HTML:Illiframe-D

Hi,

Avast is detecting the "HTML:Illiframe-D" virus for the attached file. Nod32 doesn't detect anything. I believe that Avast is right because of the embedded links to a Russian website. Please let me know what you think.

Thanks,
Gili

 

I believe the reason is, that file is a Text file, meaning it can't do anything but be read. No code or script can be executed so it is not actually a threat.

I could be mistaken, but if the file were converted into a .html or .php file so that it actually ran when opened, then NOD would keep it from doing anything malicious.

Also, if the only thing it does is redirect, then the file itself is not a threat, but the site it redirects to might be. If so, then NOD will kill the connection if anything tries to come through on the site.

 

Avast and Sophos and the only 2 antivirus programs that detect this text file as malicious

 

yes, it is a hacked website.

 

You are wrong. This file came from a hacked website (I simply renamed it to .txt) and when you hit it using IE it redirects you to a Russian website that tries infecting you.

NOD32 blocks you from visiting the Russian website, but it does nothing to let you know that the original website was infected with a virus (and which one). This makes it more difficult to clean one's own website. NOD32 should detect this even under FireFox!

Gili