Iframe virus attack

By nismo91
Jul 13, 2009
  1. hi all, basically my computers are not likely to be attacked by any virus, but recent recovery (done early last mth) has brought some iframe viruses. usually, what i saw is during the start of mozilla firefox. it blocks site

    yeah i found the solution by modifying the hiddenwindows.html in res folder.
    last mth it works, but yesterday it appears again without any obvious source.
    i delete the row <iframe>, but after i close it, it appears again.

    it begins when i was watching dvd suddenly my C:\windows\temp folder is infected. after that, the firefox start begins to show "access to iframe is blocked"

    i am using avast home free edition with updated virus database, anyway.

    so since im not a huge fan of iframe trojan, i boottime scan every single file in my computer, delete some useless crap. but it didnt work, i tried enabling UAC back for security purposes. after next reboot so the com surrogate has stopped working (i am using vista 32 home), and some viruses found again in C:\windows\temp.

    i delete those files manually, and the firefox iframe issue has been gone. but randomly, i got those messages that viruses in C:\windows\temp appears again, but with different name.

    here is the attachment of what is my antivirus logging.
    as u all can see, i've been clean from 30/06 (ignore the autorun.inf, its my friend portable disk) and this morning, many attacks are shown.

    from the log, im pretty sure the host of the viruses live in windows\temp

    if i has to recover the computer, i can do it, just i doubt it may appear again after recovery.

    help from anyone with ideas on this are appreciated. thank you!
  2. nismo91

    nismo91 TS Evangelist Topic Starter Posts: 899   +15

    additional info:

    it appears that the virus has infected alot of my html files, until all of them are listed.
    nevertheless, some of my games application has been infected too. because last night scan delete the file, and when i reinstall a new one, the same .exe is listed clean

    anyway, the virus, always comes with the "com surrogate have stopped working"
    so each time my avast blocks it, the windows errors will pop up as well...

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...