Users of my homepage reported, that they got a virus (malware) from my homepage. Seems to be program which simulate, that other infects happened and would sell a program called Vista Total Security.
I have avast and avast reported: Malware blocked, Infection: HTML:Iframe-inf.
If you use PHP or other content management software it is possible it could be in your templates, etc.
In taking down the home page, there is obviously some checking going on as, Scott said you are getting a 403 page that is also got the malicious iframe tag in it. So it might be worth putting a placeholder page as the Home, index.htm, page etc. with something like Site under maintenance, etc. until you get control of it.
You would however need to sort the permission issue and clean the 403 error page, I suspect that if you have a 404 page that too will have an iframe in it, also check the favicon.ico file too.
Important also to check and eventually upgrade and update your website software to protect against re-infection,
2 issues here, says sucuri: “Known javascript malware. Details: http://sucuri.net/malware/malware-entry-mwjs488”
and “Javascript included from a blacklisted domain. Details: http://sucuri.net/malware/entry/MW:BLK:2
Javascript::rthlsinks.cz.cc ->Javascript included from a .co.cc domain\ remote include of blacklist site – cross- site,
warning)” hidden iframes is a most popular form of infection still,
Thanks all for your comments!
I could in the meanwhile solve the issue. Infected were a few html document which were provided by the hosting company and saved in a separate folder. I could clean them and now it works without warnings.
Best regards
Nyy
Cleaning is a good first step, but ideally you have to find how those pages were infected (usually out of date content management software as I mentioned) or this could be exploited again.