What does this Virus!

I got a virus when i looked att internet at some picture name of the picture

Top_ban[1].gif

Name

Win32:IFrame-E [trj]

Thanks for help

First I don’t believe you got a virus, it was intercepted by avast, this I would say was the web shield at work and it would only give you one option, abort connection, was that what you saw (see image example) ?

It wasn’t the pictures that were the problem but the page they were on, contained on that page was an iframe tag.

The iframe HTML tag is a powerful tool which can import and execute data. Whilst this is fine on a web site for importing dynamic data, it can still be put to malicious purposes as well as good. So it would seem the purpose of this iframe was to exploit and as such malicious. This is however, speculation (but educated guess) as there is insufficient information to say for certain.

Check the avast! Log Viewer (right click the avast ‘a’ icon), Warning section, this contains information on all avast detections. This will give the location and will most likely be an internet URL, proving that the infection didn’t get on to your system.

no it whas not like that i had 3 options delete to chest or permently delete all

I have goten virus from the internet before when it says abort conection

Then it was detected by the standard shield.

Post the information from the avast log viewer about the detection, file name and location as outlined above. Or open the C:\Program Files\Alwil Software\Avast4\DATA\log\warning.log file with notepad and copy and paste the information (probably easier).

Here is the log warning

2008-07-18 00:06:47 1216332407 SYSTEM 1604 Sign of “Win32:IFrame-E [trj]” has been found in “C:\Users\Cigel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GO28J0XG\top_ban[1].gif” file.

It seems a very strange alert, as I don’t believe it is possible for this file to generate an iframe alert, unless of course the .gif file type is faked to mislead and the underlying file type is htm or html.

I would say the only thing you need do is clear your browsers Temporary Internet Files.

If you want more, I suggest:

  1. Disable System Restore and reenable it after step 3.
  2. As David said, clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.