IFrame Exploit - HELP please.

Hi…

I got a window from avast saying a virus was found, the iframe exploit. I put it in the "chest. Does it just stay there, or do I have to do something else to it?

Also, this happens consistently when I go to PayPal. Is my info compromised? What should I do to be able to use pp again?

I emptied my cookies, etc, ran about 3 scans (avast, avg, some microsoft one) and the latter two didn’t find anything, while avast keeps finding the exploit.

Advice, please!

Heather
PS: Why didn’t I pay more attention in my computer science classes??? :frowning:

What was the URL ?
I suspect the contact us redirect, as this has been reported in another topic, http://forum.avast.com/index.php?topic=29553.msg243007#msg243007. I believe it is a false positive detection.

Thank you so much…

I will get the URL tonight. I really appreciate you!

Heather

Just check if it is the same as the one reported in the other topic, if so don’t worry. If it is different, then post it here, but break the link so it isn’t live, e.g. http:// www . examplesiteurl.com.

This is what the URL says when the high blood pressure inducing WARNING pops up:

https: //www.paypal.com/row/cgi-bin/helpweb?cmd=_help

Does that look like the glitch?? Shoud I be worried?

Heather

PS: When avast is showing me the infected file this is what it says:

c://documentsandsettings\owner\localsettings\temporaryinternetfiles\content.ie5\35jsdpa0\webscr1.htm

What the heck does that mean?

I doubt you have anything to worry about, although it is a different url it would appear to be the same issue, a problem with how avast sees paypal’s use of the iFrame to import a page/information.

DrWeb link checker doesn’t find anything there either.
https :// www . paypal.com/row/cgi-bin/helpweb?cmd=_help

Though, I don’t know how the other file you mention got on your system, web shield should have intercepted it. Perhaps it was already on your system and after a VPS update was then deemed infected. I would suggest you jus clear your browser cache (temp internet files) as that is where it is.

So, all the other stuff that came up when Googled (ie: back up system, something about restore), or, um, the Geek Squad guy said he could come over for $250… not necessary. Should I avoid clicking the help link?

So, do I understand this: there is no virus/threat, its just something avast pops up??? Harmless?

You are the best!

Heather

This is a false alarm which should be corrected in the next update. Sorry for any troubles.

You guys are the best.

Thanks for the feedback and quick response kubecj.

He He, saved you $250, much cheaper and probably quicker to ask on the avast forums.

Welcome to the forums.

Saved $$, and, having a Geek Squad car in your driveway is totally embarrassing. :smiley:

Now fixed by VPS update 0760-3.