PPRuNe Forums


LJ.543 19th Apr 2010 19:25

Virus question
 
My laptop has GDATA as the virus checker.

It has just flagged up the following.

HTML IFrame-inf(engine B)

JSFake AV-eg [trj] (engine B)

W32 Dialer.fdf (engine A)

Any clues please as whilst the virus checker has found these, it seems unable to fix or otherwise cure. (Running XP as the operating system)

Thanks, LJ

EDDNHopper 19th Apr 2010 20:27

It seems these are Trojans. Most "normal" virus checkers have difficulties handling those.

You might want to try "HijackThis" first, and then run a thorough scan with "Malwarebytes mba" (freeware version). It takes time (and nerves) but these two applications finally did the job when my PC got severely infected two months ago, despite a good anti-virus checker.

HijackThis will "only" create a log file of a deep scan which you can then upload and have analyzed automatically. Google "HijackThis" for download sources. Go to HijackThis Logfileauswertung for the log file check.

MBAM will attempt to get rid of the malware.

Malwarebytes

Finally, try to recall suspicious web sites where you might have caught the viruses, and avoid those in the future.

Tarq57 19th Apr 2010 23:47

Since the item flagged appears to relate to a hidden script (i-frame) it has probably detected an infection in a web page you were navigating to and blocked it.
If this is the case, no further action is required, except to inform the site operator that the site has been hacked.

If this appeared as a result of a scan, however, rather than on-access, different story.
What was the message displayed by Gdata?

(G-data uses two AV engines, hence the "a" and "b" references.)

LJ.543 20th Apr 2010 09:02

Hi Tarq57,

Thanks for your reply. These emerged as part of a routine scan. I'm not sure what effect if any they have. I have heard horror stories about computers dialling premium rate phone lines without any indications hence my concern about the 'dialer'. Also is this part of a phishing scam to get information about bank accounts etc? I have run the GDATA cleanup programme but it says it is unable to cure the infection. I have not used the option to quarantine because it gives all sorts of dire warnings that other programmes or e-mail might not be available afterwards. Don't know if these are new viruses but a report has gone to GDATA. Any thoughts?

Tarq57 20th Apr 2010 10:11

"Any thoughts?"

Well, how I'd proceed might be different, depending on what is actually seen when a quarantine is attempted. I'd be looking at each file that the AV was wanting to quarantine and assessing it on a case by case basis.

Over the internerd one can offer generic ideas only, without the use of diagnostics and a bit more knowledge than yours truly actually has.

What was/were the original file name and path of all nasties reported? (If there's more than 3 or 4, just give us the most common location, if there is one, e.g. C:\Windows\System32...)

What I'd do is the following: Clean all your temporary and temporary internet files. (Ccleaner or ATF cleaner is good for this. If you use Ccleaner, either use the slim version, or opt out of the Yahoo toolbar install.)
Download MBAM (free version), kindly linked above. It's darned good. Install it, update it, run a quick scan. Following the scan a report will be produced. Select everything found and click on "remove selected". If prompted to reboot to complete removal, do so promptly.
Scan again with GData.
Report back on anything found/removed/obstinate.

