Full Version: Heur.Trojan.Script.Generic
craftybegonia
Hi! I just ran my anti-virus and it said that I have Heur.Trojan.Script.Generic. It did not give me the option to Quarantine, so I need to find out what to do about it.
I'm running a laptop on Vista and it said that the critter is in C:\Documents and Settings\clotilde\AppData\Local\

Could you tell me what to do?

Thank you!
richbuff
Welcome. Name of the critter? Is it a churkendoose?

Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and select Path. Right click the Detected bar again and select File.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard) > open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.


Reports > Detailed Report > lower left > Save button > please attach the saved text.
craftybegonia
Thank you for trying to help me! I tried to comply with your request but couldn't, my machine froze and I could not even reboot. I had to wait till the battery ran out and it shut down automatically to get back in. I was able to download OTL and have a log for you, that is all I have been able to do, since it seems I have a limited control of my laptop. No, it is not churkendoose. All I know is what Kaspersky told me, that I have Heur.trojan.script.generic. That it is located in C:\Documents and Settings\clotilde\AppData\Local. I'm running Vista. It won't let me do much and I don't have enough knowledge to make the machine do more than it is.
Thank you for your patience and kindness.

edit: del unrequested log.
richbuff
You're welcome. What is the name of the file?

Please see the first Important topic.

We need the file name, and the logs that the first important topic requests.
craftybegonia
My version of Vista does not include the Snipping Tool, so I have to use a screen capture software, when I try to use it now, the machine crashes. Still, I am going to try to get the report you need. I'm trying even as I write this, if I'm able, I'll upload it.

Thank you!



QUOTE(richbuff @ 8.02.2012 04:31)
You're welcome. What is the name of the file?

Please see the first Important topic.

We need the file name, and the logs that the first important topic requests.

craftybegonia
Here is the only screen shot I could get. Hope this is what you need.
richbuff
That is definitely not a churkendoose.

Please clear your Firefox cache: http://support.mozilla.org/en-US/kb/How%20...r%20the%20cache
craftybegonia
Is that all I need to do? Wonderful!

Thank you so very much!



QUOTE(richbuff @ 9.02.2012 05:03)
That is definitely not a churkendoose.

Please clear your Firefox cache: http://support.mozilla.org/en-US/kb/How%20...r%20the%20cache

craftybegonia

Is that all I need to do? Wonderful!

Thank you so very much!


PS
I have noticed an extra problem. The virus I had, whatever it was, has corrupted a great number of my documents. I have had to delete them. But now some of my folders appear with a blue arrow on them and somewhat grayed out. My Music, My Videos, Local Settings, and others. How can I fix that?
craftybegonia
Here are the things you requested. The screen shots are of the folders that appear with blue arrows on them. And then there are the reports.
Could I do a system restore to a previous point in time so that I could recover my corrupted files? I have lost things that are valuable to me. In the Program Data Folder of Computer\Local Disk there is a bunch of folders with blue arrows on them too.
It is all over! By the way, the upload of the new getsys failed because it said the file is too large!

Thanks for all your help!
richbuff
Windows control panel > Appearance and personalization > Folder options > View tab > check Hide Protected operating system files > Apply > ok. Blue arrows gone?

3. Click here to upload your GetSystemInfo log.
4. Now add the link to the report you have just made in your post.

Let's wait a bit for the system restore.
craftybegonia
QUOTE(craftybegonia @ 9.02.2012 09:39)
Here are the things you requested. The screen shots are of the folders that appear with blue arrows on them. And then there are the reports.
Could I do a system restore to a previous point in time so that I could recover my corrupted files? I have lost things that are valuable to me. In the Program Data Folder of Computer\Local Disk there is a bunch of folders with blue arrows on them too.


Thanks for all your help!

craftybegonia
Blue arrows are gone. But Kaspersky is still red and warning me about the trojan. I was not able to clear up my cache because of a StumbleUpon toolbar, only my browsing history. But today, while at Firefox, I hit Ctrl + Alt + Del and the proper window appeared and I cleaned up everything. Now I am running my anti-virus to see if it will finally come up clean. Will let you know what happens.

Thanks a bunch!
craftybegonia
Cache was emptied. Virus scan finished and Kaspersky is still red. Warning is still on. Have no idea what to do next.



QUOTE(craftybegonia @ 10.02.2012 01:34)
Blue arrows are gone. But Kaspersky is still red and warning me about the trojan. I was not able to clear up my cache because of a StumbleUpon toolbar, only my browsing history. But today, while at Firefox, I hit Ctrl + Alt + Del and the proper window appeared and I cleaned up everything. Now I am running my anti-virus to see if it will finally come up clean. Will let you know what happens.

Thanks a bunch!

richbuff
Please clean install version 2012. Clean install instructions, links and tips are located in the second and third Important topics. After you clean install version 2012, do a databases update > reboot.
craftybegonia
Done! Everything is back to normal.

Thank you so much!

God bless.



QUOTE(richbuff @ 10.02.2012 04:44)
Please clean install version 2012. Clean install instructions, links and tips are located in the second and third Important topics. After you clean install version 2012, do a databases update > reboot.

lastkings
Hi

I need some help, because I just watched recently an adult content site.

tnx
antikythera
The threat was detected and dealt with. Nothing to worry about, lastkings. If you intend to continue going on adult content sites, use safe run for websites and they will be isolated from the system restricting the chances of any damage further.
lastkings
Thanks for the information, but how to remove the report?
antikythera
QUOTE(lastkings @ 26.07.2012 13:12)
Thanks for the information, but how to remove the report?

http://support.kaspersky.com/kis2012/reports?qid=208284498
lastkings
Thank you very much, problem solved!! :)
Greg H Gober
I got a file quarantined. It's a HEUR:Trojan.Script.Generic. See attachment. I don't know what to do with it. Should I delete it or ??????

Thanks
King Grub
If you want to. Or you can leave it in quarantine. It can't hurt your system from there.
Greg H Gober
QUOTE(King Grub @ 28.07.2012 23:34)
If you want to. Or you can leave it in quarantine. It can't hurt your system from there.


Thx. Maybe I'll leave it there in quarantine....