Question on False Alarm Hit..

I have build a few sites and i received an email earlier today from a user from my site. He received an alert from his avast program saying that the page he was on contained a virus. He included a screen shot of this and this is something new to me. I have never used avast but this concerns me that he got this false alert from my site. the site is relatively new and very low traffic at the present time. I have searched my site code and i see no indications that it has been hacked. The only thing that i can think of is possibly he received the error from the Google adsense code. Has anyone seen this? And what would be some suggestions?

Regards,
Brad

could you post the screen shot here? just mask the web site name if you prefer, what’s needed is just the type of infection that was detected…yeah, a third party site could be responsible too…but adsense I have doubts…I suppose that Google is checking the content of the ads and where they link to.

Welcome to the forums, merchelweb.

If you could post the link to the site that the user was alerted on, then someone here could take a look to see anything…
Just remember to deactivate the link (change http to hXXp or www to wXw) that way, people can’t potentially infect themselves…

This kind of detection is very common these days, with many ‘legitimate sites’ becoming hacked to distribute malware:

Every 3.6 seconds a website is infected

-Scott-

Below is the screenshot he sent me.

http://www.junkshed.com/images/screenshot.jpg

so that’s your own site right…the detection is about an iFrame (I’m not a specialist, others might bring you here more details…). iFrames are hidden pieces of scripts able if programmed that way to redirect to a bad site. You should check your server or ask your host to scan it for you.

Your site seems to have been hacked…

http://www.UnmaskParasites.com/security-report/?page=www.junkshed.com/index.php%3Fcityid%3D21

There are two hidden iframes pointing to hxxp://msnupdateserver.info…which according to Google is malicious…

I presume that you didn’t put them there…


A post worth reading by DavidR:

-Scott-


EDIT: This is what avast! is alerting on, I have just tested it...

Yes this is my site… going through the code line by line i think i may have found it.

I have found the code. I appreciate your help with this. This is something that i havent run into before…

Then you need to close the vulnerability or it could well be back again, check out the quoted text in Reply #5 as a start point.

That was quick… ;D
The Unmaskparasites link in my last post now reports it as clean…

Good on you for reporting this, many site owners will just dismiss reports of this nature ::slight_smile:
I hope you will also consider the other points mentioned…

-Scott-

many site owners will just dismiss reports of this nature
true, the number of them who just let go during months is amazing; nice reaction the OP had here ;)