Trojan.Giframe

Trojan.Giframe is a heuristic detection that identifies infected GIF images, which may contain HTML tags crafted to redirect the infected computer to malicious web sites.

Alias: Trojan.JS.Iframe.at, IFrame.gen, GIF/Iframe!generic, Trojan.DL.Giframe.a, Mal/Iframe-F, Trojan-Clicker.HTML.IFrame, TROJ_IFRAME.CP

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Windows Vista

Distribution
Trojan.Giframe may infect a computer when the user visits a web site that contains maliciously crafted GIF files. As of this writing, there is no confirmation that the Trojan can spread and infect other files within a local network. The Trojan activates within an IFrame when a malicious web page is browsed. It opens a browser window that points to predefined web sites, which may download additional potentially harmful files onto the infected computer.
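The kind of heuristic described above can be shown with a short scanner. This is an added example, not the detection logic of any antivirus product named on this page: it walks the GIF block structure and flags HTML tags found inside the stream, after the trailer, or in a file that only carries the GIF magic bytes. The tag list, verdict names, and sample bytes (including the example.invalid URL) are assumptions constructed for illustration.

```python
import re
TAG = re.compile(rb"<\s*(iframe|script|object|embed)\b", re.I)  # assumed tag list

def gif_end(data):
    """Walk the GIF block structure; return the offset just past the trailer, else None."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        return None
    pos = 13                                   # signature + logical screen descriptor
    if data[10] & 0x80:                        # global colour table present
        pos += 3 * (2 << (data[10] & 0x07))
    try:
        while True:
            kind = data[pos]
            if kind == 0x3B:                   # trailer: end of the image stream
                return pos + 1
            if kind == 0x21:                   # extension introducer + label
                pos += 2
            elif kind == 0x2C:                 # image descriptor
                packed = data[pos + 9]
                pos += 10
                if packed & 0x80:              # local colour table present
                    pos += 3 * (2 << (packed & 0x07))
                pos += 1                       # LZW minimum code size
            else:
                return None                    # not a valid block type
            while data[pos]:                   # skip length-prefixed data sub-blocks
                pos += data[pos] + 1
            pos += 1                           # zero-length terminator
    except IndexError:                         # truncated file
        return None

def scan_gif(data):
    """Return (verdict, [(offset, tag, where), ...]) for the bytes of one .gif file."""
    end = gif_end(data)
    hits = []
    for m in TAG.finditer(data):
        where = "unparseable" if end is None else "after-trailer" if m.start() >= end else "in-stream"
        hits.append((m.start(), m.group(1).lower().decode(), where))
    verdict = "suspicious" if hits else "malformed" if end is None else "clean"
    return verdict, hits

# Constructed samples: a minimal 1x1 GIF, that GIF with markup appended, HTML behind GIF magic.
CLEAN = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
         b",\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02D\x01\x00;")
APPENDED = CLEAN + b'<iframe src="http://example.invalid/" width=0 height=0></iframe>'
FAKE = b"GIF89a<html><iframe src=http://example.invalid/></iframe></html>"
if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("appended", APPENDED), ("fake", FAKE)):
        print(name, scan_gif(blob))
```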

Associated Files and Folders:
%Temp%\contactus.htm_cmp_zero010_vbtn.gif
%Temp%\contactus.htm_cmp_zero010_vbtn_a.gif
%Temp%\environmentalfriendly.htm_cmp_zero010_vbtn.gif
%Temp%\environmentalfriendly.htm_cmp_zero010_vbtn_a.gif
%Temp%\home_cmp_zero010_vbtn_a.gif
%Temp%\home_cmp_zero010_vbtn_p.gif
%Temp%\IndustriesServed.htm_cmp_zero010_vbtn.gif
%Temp%\IndustriesServed.htm_cmp_zero010_vbtn_a.gif
%Temp%\logo52.gif
%Temp%\products.htm_cmp_zero010_vbtn.gif
%Temp%\products.htm_cmp_zero010_vbtn_a.gif
%Temp%\request for quote.htm_cmp_zero010_vbtn.gif
%Temp%\request for quote.htm_cmp_zero010_vbtn_a.gif 
%Temp%\services.htm_cmp_zero010_vbtn.gif 
%Temp%\services.htm_cmp_zero010_vbtn_a.gif 

How to Remove Trojan.Giframe

1. Temporarily disable System Restore (Windows Me/XP).
2. To be able to identify even the most recent variant of Trojan.Giframe, open your antivirus application and update the virus definition file.

3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 on your keyboard repeatedly.
- Your computer will display the Windows Advanced Boot Options menu. Select Safe Mode with Networking.
- The system will now boot Windows and load only the necessary drivers and files.

4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If you are unable to delete them, place them in quarantine instead. Once the scan is complete, proceed with the next step.

Scan with Norton Power Eraser:

A free tool from Symantec called Norton Power Eraser provides deep scanning technology to detect and remove threats like Trojan.Giframe. NPE targets and eliminates threats that a regular virus scan fails to identify.

Important! Because of Norton Power Eraser’s aggressive method, it can select even legitimate files as suspicious. Please use this tool very carefully.