Jump to content
Vla

Trojan Detected

Recommended Posts

Vla   

Hello,

 

I was on the Internet and clicked into a site and got a red warning from Kaspersky. There was no option for me (block, delete, quartine, etc.). I checked the Reports and there were four things found:

 

6/2/2009 2:52:02 PM

 

Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Processing error: HEUR:Trojan.Script.Iframer

 

6/2/2009 2:52:06 PM

Object: xxp://bfegrtuker.ru/bede/in.php

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Processing error: HEUR:Trojan-Downloader.Script.Generic

 

6/2/2009 2:52:02 PM

Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html//test_acc_ess

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Detected: HEUR:Trojan.Script.Iframer

 

6/2/2009 2:52:06 PM

Object: xxp://bfegrtuker.ru/bede/in.php//in

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Detected: HEUR:Trojan-Downloader.Script.Generic

 

Can you tell me what these are and how to get rid of 'em?

 

Thanks, Bpa

edit: links obtunded.

Edited by richbuff

Share this post


Link to post
Share on other sites
dawgg   

They are malicious websites.

Open Kaspersky, click "detected" on the bottom-right and then select "all detected..." on the dropdown menu on the top-left.

Expand "virus" and post a screenshot of that.

Share this post


Link to post
Share on other sites
Baz^^   
Hello,

 

I was on the Internet and clicked into a site and got a red warning from Kaspersky. There was no option for me (block, delete, quartine, etc.). I checked the Reports and there were four things found:

 

6/2/2009 2:52:02 PM

 

Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Processing error: HEUR:Trojan.Script.Iframer

 

6/2/2009 2:52:06 PM

Object: xxp://bfegrtuker.ru/bede/in.php

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Processing error: HEUR:Trojan-Downloader.Script.Generic

 

6/2/2009 2:52:02 PM

Object: xxp://desafiolasgrutas.com.ar/lasgrutas/thumbnails/_img/test_acc_ess.html//test_acc_ess

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Detected: HEUR:Trojan.Script.Iframer

 

6/2/2009 2:52:06 PM

Object: xxp://bfegrtuker.ru/bede/in.php//in

Path: C:\Program Files (x86)\INTERNET EXPLORER\

Name: IEXPLORE.EXE

Process ID: 3444

Application/Parameters: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3420 CREDAT:71937

Result: Detected: HEUR:Trojan-Downloader.Script.Generic

 

Can you tell me what these are and how to get rid of 'em?

 

Thanks, Bpa

edit: links obtunded.

 

 

 

 

Hi,

 

 

 

 

 

No option to block because you are in auto mode, where Kaspersky blocks any malicious URLS automatically.

 

 

 

 

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×