IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> Trojan Detected
Bpa
post 3.06.2009 06:34
Post #1


Member
**

Group: Members
Posts: 12
Joined: 3.01.2009




Hello,

I was on the Internet and clicked into a site and got a red warning from Kaspersky. There was no option for me (block, delete, quartine, etc.). I checked the Reports and there were four things found:

6/2/2009 2:52:02 PM

Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Processing error: HEUR:Trojan.Script.Iframer

6/2/2009 2:52:06 PM
Object: xxp://bfegrtuker.ru/bede/in.php
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Processing error: HEUR:Trojan-Downloader.Script.Generic

6/2/2009 2:52:02 PM
Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html//test_acc_ess
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Detected: HEUR:Trojan.Script.Iframer

6/2/2009 2:52:06 PM
Object: xxp://bfegrtuker.ru/bede/in.php//in
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Detected: HEUR:Trojan-Downloader.Script.Generic

Can you tell me what these are and how to get rid of 'em?

Thanks, Bpa

edit: links obtunded.


This post has been edited by richbuff: 3.06.2009 06:39
Go to the top of the page
 
+Quote Post
dawgg
post 3.06.2009 18:16
Post #2


Forum Elite
**************

Group: Moderators
Posts: 9300
Joined: 6.04.2006
From: London




They are malicious websites.
Open Kaspersky, click "detected" on the bottom-right and then select "all detected..." on the dropdown menu on the top-left.
Expand "virus" and post a screenshot of that.
Go to the top of the page
 
+Quote Post
Baz^^
post 3.06.2009 18:20
Post #3


Wrestling Champion
**************

Group: Gold beta testers
Posts: 8799
Joined: 10.03.2007




QUOTE(Bpa @ 3.06.2009 03:34) *
Hello,

I was on the Internet and clicked into a site and got a red warning from Kaspersky. There was no option for me (block, delete, quartine, etc.). I checked the Reports and there were four things found:

6/2/2009 2:52:02 PM

Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Processing error: HEUR:Trojan.Script.Iframer

6/2/2009 2:52:06 PM
Object: xxp://bfegrtuker.ru/bede/in.php
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Processing error: HEUR:Trojan-Downloader.Script.Generic

6/2/2009 2:52:02 PM
Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html//test_acc_ess
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Detected: HEUR:Trojan.Script.Iframer

6/2/2009 2:52:06 PM
Object: xxp://bfegrtuker.ru/bede/in.php//in
Path: C:\Program Files (x86)\INTERNET EXPLORER\
Name: IEXPLORE.EXE
Process ID: 3444
Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937
Result: Detected: HEUR:Trojan-Downloader.Script.Generic

Can you tell me what these are and how to get rid of 'em?

Thanks, Bpa

edit: links obtunded.





Hi,





No option to block because you are in auto mode, where Kaspersky blocks any malicious URLS automatically.






--------------------
Kind Regards,

Baz (volunteer moderator/beta testing lead -- I don't work for Kaspersky
)
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 1.09.2014 22:31