Trojan in jpg

[Beenthere]

I'm browsing this forum i always do (gaming) and on one page my avira popped up saying there is a virus in the cache...

With my "uber elite" skills, i managed to find out that the file in the cache which avira finds infected is a picture that one guy posted.

This one

hxxp://www.homee.com/pic/thread%20sucks.jpg

I opened the jpg with notepad and found a java script in it that leads to one page that seems legit

<IFRAME SRC="hxxp://www.ciudad.com.ar/ar/popunder/p_submit.asp?site=personales.ciudad.com.ar" width=1 height=1></IFRAME><script LANGUAGE="JavaScript">//<!--for (var i=1; i<15; i++){  setTimeout('self.focus();',i*30);}//--></SCRIPT><!-- FIN - PUBLICIDAD POP-UP UNDER -->

What can you tell me about this?

I dont suppose my PC is infected now -,-

[MysteryFCM]

Looking at the file, it appears the bad guy that created it, didn't do his homework properly, or is having problems with his server, as the URL returns a 404, and none of the files I've identified as previously being located on personales.ciudad.com.ar, are loading.

In short, previously it likely lead to something nefarious, and Avira will flag it due to the presence of scripts + iFrames in an image file, but in the sites current state, the image is harmless.

[Beenthere]

thanks Mr Burn

gratz on your thousand posts

[MysteryFCM]

No problem, and cheers