Ntsite Posted February 13, 2011 Share Posted February 13, 2011 While trying to log in with IE 8 to my cPanel account my antivirus warns me about Html/Infected.WebPage.gen. It seems to be related with I-frame, because in another browser I-frames are disabled so by logging in I don't recieve any warnings. Link to comment Share on other sites More sharing options...
jje Posted February 13, 2011 Share Posted February 13, 2011 The only IFRAME used when using cPanel is the script which keeps your account alive (stop being suspended due to inactivity). 1. What URL are you using to login? 2. What anti-virus are you using? 3. What is your domain and username? This support request is being escalated to our root admin. @djbob : I am not getting any messages in IE8 and I am using AVG. However, cPanel isn't displaying correctly in IE8. Link to comment Share on other sites More sharing options...
Wizard Posted February 13, 2011 Share Posted February 13, 2011 I wouldn't trust IE8 past using it to download Firefox/Chrome. Are you running updated anti-virus software? What anti-virus do you have? Link to comment Share on other sites More sharing options...
Guest Geoff Posted February 13, 2011 Share Posted February 13, 2011 Internet Explorer sucks. Go here if you don't believe me. Link to comment Share on other sites More sharing options...
Ashoat Posted February 13, 2011 Share Posted February 13, 2011 I'm not seeing any such file in the cPanel web directory. Can you point out exactly where it is, or where you think that I should take a look? Link to comment Share on other sites More sharing options...
Ntsite Posted February 14, 2011 Author Share Posted February 14, 2011 The only IFRAME used when using cPanel is the script which keeps your account alive (stop being suspended due to inactivity). 1. What URL are you using to login? 2. What anti-virus are you using? 3. What is your domain and username? Hi. How can I get details about my account activity? 1. The actual url I try to login is ntsite.heliohost.org/cpanel 2. Avira Premium 10 3. ntsite/Stevie I use Opera 9. But due to security reasons I disabled Inline frames. So registering was unavailable from Opera I used IE for more stability. after then tried to logged into account and recieved a block message from Avira. Thought it's just coincidence. but also realized that pages don't open and leaves blank. while trying with Opera, it was OK, as there i-frames were disabled. The next day I tried again with IE8 to login and again received the same message. I looked for details and here are they: When accessing data from the URL, "http://skfi.info/" a virus or unwanted program 'HTML/Infected.WebPage.Gen2' [virus] was found. Action taken: Blocked file Right now I tried to try again, but now I recieve this error message from IE though I didn't block the website: Internet Explorer cannot open Internet site http://stevie.heliohost.org:2082/frontend/x3/index.phpcp Access is denied But with Opera it's OK. I also tried by enabling I-frames - no error was received. Thank you. Link to comment Share on other sites More sharing options...
Ashoat Posted February 14, 2011 Share Posted February 14, 2011 I just did an analysis on network requests on the cPanel page, and I can't find anything requesting "skfi.info"... Link to comment Share on other sites More sharing options...
Ntsite Posted February 14, 2011 Author Share Posted February 14, 2011 I just did an analysis on network requests on the cPanel page, and I can't find anything requesting "skfi.info"... Sorry, you are right, "skfi.info" is not related with cpanel - because actually it gets blocked by Guard not Webguard. The Guard blocks index page that's why I receive the error from IE that access is denied. The actual details for this issue are: Virus or unwanted program 'HTML/Infected.WebPage.Gen [virus]' detected in file 'C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V1F5WVZO\index[1].htm. Action performed: Deny access Link to comment Share on other sites More sharing options...
Guest Geoff Posted February 15, 2011 Share Posted February 15, 2011 Can you please post the contents of that file? Link to comment Share on other sites More sharing options...
Ashoat Posted February 15, 2011 Share Posted February 15, 2011 A network request analysis in Google Chrome doesn't show any "HTML/Infected.WebPage.Gen" being requested. Link to comment Share on other sites More sharing options...
jje Posted February 15, 2011 Share Posted February 15, 2011 IFRAMEs must be allowed because they keep your account active and stop your account automatically suspending. Link to comment Share on other sites More sharing options...
Guest Geoff Posted February 15, 2011 Share Posted February 15, 2011 I don't understand what you have against iframes. The problem is obviously your computer, not heliohost. Link to comment Share on other sites More sharing options...
Ntsite Posted February 16, 2011 Author Share Posted February 16, 2011 Checked with Virustotal just only Avira recognized it as Malware. Also another VBA32, found "Malware.HTML.Iframe (paranoid heuristics)", though in Virustotal it found nothing. Seems like nothing serious. http://www.virustotal.com/file-scan/report...c5c-1297875506# Thank you guys. Link to comment Share on other sites More sharing options...
Ashoat Posted February 16, 2011 Share Posted February 16, 2011 No problem, and thanks for letting us know Link to comment Share on other sites More sharing options...
Recommended Posts