FRIHOSTFORUMSFAQTOSBLOGSDIRECTORY
You are invited to Log in or Register a Frihost Account!

Trojan-Clicker HTML IFrame.gv" removal from code help.

   Frihost Forum Index -> Scripting -> Php and MySQL
 


toughtrio
I have recently started getting the following message whenever I open my phpbb forums on my site hosted somewhere else. This message appears in Kaspersky Web Anti-Virus feature, and lists it as:
Trojan-Clicker.HTML.IFrame.gv

When I click on more information, it doesn't have any informative description rather than just simply telling me that it's an unknown clicker.

Furthermore, this message appears in all the pages inside the phpBB forums, i.e. When viewing a forum, when viewing a topic and when posting a message. So there has to be some common file which might be doing this. And it shows the same message on all templates, so it HAS to be some common forum code file only.

The help I need is:
1) If anyone's experienced with these types of codes, can you please tell me HOW the code looks like so that I can scan and remove it from my phpBB forums.
2) Which file should I narrow onto when looking for the code. Which is the file used in ALL forum pages, even in Private Messages.

It has nothing to do with pop under ads, i've tried removing all ads completely without any luck.

Anticipating a prompt response regarding this matter.
Warm Regards

Last edited by toughtrio on Mon Mar 31, 2008 12:35 am; edited 1 time in total
RiCtee
If you can, it will be a lot easier if you posted your forum url. That way we can just scan through the page source. Most likely it'll be a snippet of Javascript. Your best bet is to start looking at the index.php file.
toughtrio
The forums at www.blackpapers.info.

Anticipating a prompt response.
rvec
toughtrio wrote:
The forums at www.blackpapers.info.

Anticipating a prompt response.

avast doesn't give me any warning here.
sonam
rvec wrote:
toughtrio wrote:
The forums at www.blackpapers.info.

Anticipating a prompt response.

avast doesn't give me any warning here.


NOD32 also didn't screaming. Laughing

Sonam
Diablosblizz
NOD32 is clean as a whistle.
mahirharoon
that is a virus in iframe probaly a false report
but ther is no thing called iframe
toughtrio
It's in http://blackpapers.info/modules.php?name=Forums
Login with
username - frihost
password - frihost

There's the real bug.
sonam
I was login and I didn't get any virus warning. BTW login from this link is not working. I was login from your home page.

Sonam
Dougie1
Remove all of your ads and see if it works. When I have Add block enabled the site works fine. When I don't my browser crashes. The google ads should be fine try just removing the AdBrite ads.

It might help to get support from programmers by actually leaving the copyright parts from scripts in. Where it says powered by you are meant to leave PHP-Nuke in at that point.... It is just bad practise to take these things out...
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2007 Frihost, forums powered by phpBB.