OT

**migster** · #1 (**permalink**) 26-01-2010, 16:35

Every time I access any forum page, Avast reports a malware issue with the following details

File Name: http://www.eukhost.com/forums/external.php?type=RSS2

Malware Name: HTML:Iframe-inf

Aborting the connection makes Avast happy, and the page appears complete. Anybody else seeing this, or is it a false positive?

It looks like it has issues with the RSS feed in some way. As I'm aborting the connection, I don't see an RSS feed anywhere, so I have no idea what it might be. I can't imagine iFrame being used?

**eUK-Victor** · #2 (**permalink**) 26-01-2010, 16:52

Hello,

Its not possible. There is no such IFrame injection or any Malware in our forum. Your avast might be giving you a false positive may be any URL included in our forum posts.

**migster** · #3 (**permalink**) 26-01-2010, 18:08

I suspected it was a false positive.

It happens on the front forum page too, so it's not an issue when reading urls in posts.

Rock · #4 (**permalink**) 26-01-2010, 20:02

Quote:

Originally Posted by migster

I suspected it was a false positive.

It happens on the front forum page too, so it's not an issue when reading urls in posts.

Hi,

This should be sorted out now. There is a thread on our forum [ http://www.eukhost.com/forums/f29/security-issue-10073 ] which actually contains the exact IFrame code posted by one of the forum members, which was injected into his web pages, which was further more parsed when loading through the RSS in your browser & reported by Avast.

I've now commented the IP addressed within those posts & none are active at the moment. It'd take time for the changes to reflect though the RSS feeds, but if you still notice the problems/warnings/alerts, please get back to us.

**migster** · #5 (**permalink**) 26-01-2010, 20:11

Yep, all gone away now.

I owe Avast an apology

Rock · #6 (**permalink**) 26-01-2010, 20:50

Quote:

Originally Posted by migster

Yep, all gone away now.

I owe Avast an apology

Glad to know that

**DPS Computing** · #7 (**permalink**) 28-01-2010, 12:31

Glad to see the problem sorted. You did well to find that one Rock!

.

Rock · #8 (**permalink**) 28-01-2010, 12:49

Quote:

Originally Posted by DPS Computing

Glad to see the problem sorted. You did well to find that one Rock!

.

Thanks David

Yeah, I was shocked to see this thread in the first case & started to thoroughly investigate the causes of the warnings on top priority

I'll see that none of such incidents recur in the future which might harm/infect any of our clients' systems.

**DPS Computing** · #9 (**permalink**) 29-01-2010, 11:38

Quote:

Originally Posted by Rock

Thanks David

Yeah, I was shocked to see this thread in the first case & started to thoroughly investigate the causes of the warnings on top priority

I'll see that none of such incidents recur in the future which might harm/infect any of our clients' systems.

Thats good to know. I think in another life you are probably a detective

.

Rock · #10 (**permalink**) 30-01-2010, 09:59

Quote:

Originally Posted by DPS Computing

Thats good to know. I think in another life you are probably a detective

.

Haha nice guess David

I've been a fan of Hercule Poirot & Sherlock Holmes for life

**DPS Computing** · #11 (**permalink**) 30-01-2010, 12:42

Quote:

Originally Posted by Rock

Haha nice guess David

I've been a fan of Hercule Poirot & Sherlock Holmes for life

You've obviously learned well from them

.

**migster** · #12 (**permalink**) 31-01-2010, 11:04

Really, anybody who is running even a basic website should know more than enough to be protected sufficiently, even during regular internet use. If not, then they'll find themeslves in trouble sooner, rather than later.

Thanks for dealing with it so promptly

**DPS Computing** · #13 (**permalink**) 31-01-2010, 14:06

Quote:

Originally Posted by migster

Really, anybody who is running even a basic website should know more than enough to be protected sufficiently, even during regular internet use. If not, then they'll find themeslves in trouble sooner, rather than later.

Thanks for dealing with it so promptly

Sadly as we know this is not nearly always the case

.

**migster** · #14 (**permalink**) 31-01-2010, 22:11

Quote:

Originally Posted by DPS Computing

Sadly as we know this is not nearly always the case

.

Alas, you are right.

I've broken many, many things through incompetence, but never through insufficient security

**DPS Computing** · #15 (**permalink**) 01-02-2010, 15:27

Quote:

Originally Posted by migster

Alas, you are right.

I've broken many, many things through incompetence, but never through insufficient security

Lol

.

Some of my friends are so oblivious to things like attachments in emails and spyware on the net.

Its like "Yes I know your watching a lovely woman who has particularly nice surgically enchanced breasts **BUT** there is a crap load of spyware being dumped on your computer in the process".

I downloaded a backup of one of my sites (DPS Computing) on the 30th last month. I virus scanned it - 476 viruses in around 3000 e-mails. And thats why I don't look at the "purchasing order" I supposedly made or the cheap viagra ".doc" file which is really ".doc.exe" or open the attachment coming with the e-mail that my long lost grandfather twice removed has met his untimely death in a freak accident with a snow plow and left me 20 gazillion Ugandan dollars!