Results 1 to 10 of 16

Thread: trojan-spy.html.fraud.gen

Hybrid View

  1. #1
    freaky Guest

    Default trojan-spy.html.fraud.gen

    hi. I've been using zass for a few years now and have never had a problem. When i upgraded to ver.7, on the very first scan, it found: trojan-spy.html.fraud.gen and trojan-spy.html.bayfraud.p. ZL goes thru the process where it automaticly quarentines or deletes or has me delete on reboot. but what ever i do it just pops right back up 2 min. later and wants me to do the same thing again. kapursky says it is a phishing thing but offers no help. You guys and Malware help. org. have no listings for it. I have run 5 other virus scan programs and they do not catch anything. When i maximize the scan results in ZL, this is the path i get: C:\documents and settings\jim\local settings\application data\microsoft\MSN\db30\mail(heatfreek..... That is as much as it gives me. I don't know how to go any further to get the extension. I did boot into safe mode and ran ZL virus scan on the document and settings\jim\local settings\ etc. folder but it found nothing. there are like 20k files in that db30 folder thing... i had no problems with ver.6 and i don't think i did any surfing between ver. 7 and those trojans or spys or whatever they are. Any help will be appreciated... thanks... jim...

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Internet Security Suite
    Software Version:7.0

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: trojan-spy.html.fraud.gen

    Hi!most probably you received an e-mail(s) which contained a link to the fake page; this link exploits the Frame Spoof vulnerability in Internet Explorer.See here: http://www.viruslist.com/en/viruses/...?virusid=66363You can find the exact location of the detection in the Alert/logs tab --> Alert type "antivirus" --> Select it --> look down (entry detail) --> Right click in the entry detail box --> copy --> paste it here.Are both trojan detected in the same location?Probably its enough to delete (remember to empty thetrash) all junk e-mail or e-mail you received that are fake... can you recognise thse e-mails in you mail box?Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    freaky Guest

    Default Re: trojan-spy.html.fraud.gen

    Decription

    Anti-virus attempted but failed to quarantine a virus or viruses
    Date / Time
    2007/04/24 07:37:12-7:00 GMT
    Type







    Treat
    Virus name

    Trojan-Spy.HTML.Bayfraud.p
    Filename



    C:\Documents and Settings\JIM\Local Settings\Application Data\Microsoft\MSN\db30\Mail (heatfreek@msn.com)\stm0x3000adb.000
    Action





    Quarantine failed
    Mode







    Manual
    E-mail






    Decription

    Anti-virus attempted but failed to quarantine a virus or viruses
    Date / Time
    2007/04/24 07:37:12-7:00 GMT
    Type







    Treat
    Virus name

    Trojan-Spy.HTML.Fraud.gen
    Filename



    C:\Documents and Settings\JIM\Local Settings\Application Data\Microsoft\MSN\db30\Mail (heatfreek@msn.com)\stm0x3000d95.000
    Action





    Quarantine failed
    Mode







    Manual
    E-mail






    hey hey. There is the entire path. Wonders never cease. Thank You Very Much.
    Should i try to delete them is safe mode?
    ZL found 10 of them. 2 of the bayfraud and 8 of the fraud.gen.
    thanks.. jim...

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: trojan-spy.html.fraud.gen

    Hi!what application do you use for sending/receiving e-mails?I cannot recognise this path ....Microsoft\MSN\db30\Mail ....It should be enough to go to your e-mail client and delete those e-mails (NOTE: empty the trash bin after).Going into SAFE MODE and delete may corrupt your mailbox... depending on what are you using as e-mail client. In principle, you would alsoneed to set your OS to show hidden files and folder since "Local Settings\Application Data" is hidden in XP systems.Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    freaky Guest

    Default Re: trojan-spy.html.fraud.gen

    hi. i have verizon with msn premium so i think i use verizon's mail and more. Altho up at the top of this screen it says msn mail. i do have show hidden files turned on. so, first i will go and delete all junk emails from the junk email folders. then i will delete all trash can folders. Is trash can the same as recycle bin?
    i just thought of something. I remember forwarding some phishing emails to the companys they were phishing about. Would this mean that there might be a copy in my sent folder? But why wouldn't have ZL ver.6 have caught anything??
    Also, somewhere it said these things were part of IE vers. 5 and 6. and i have ver. 7.
    Oh well... I'm getting a headache. Hope i haven't given you guys one too. I'll go try something and let you know what happens...
    thanks... jim...

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: trojan-spy.html.fraud.gen

    Hi!again, I don't know if deleting manually those messages in that folder is OK. Try at your own risk...Better you delete those mails directly from your MSN Mail Client. Never used this e-mail client, so, I don't know...Delete trash can folders? No. Just empty them...Also found this: http://belfiore.mvps.org/mail.htmZL version 6 used a weak antivirus provided by Computer Asssociates (it was OK few years ago, but malware evolves rapidly and CA is not so good anymore). ZL version 7 uses a much stronger AV engine (by Kaspersky). Kaspersky is one of the best AV scanners on the market right now (in terms of detection).Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •