Results 1 to 4 of 4

Thread: HEUR:Trojan.script.lframer

  1. #1
    epig Guest

    Exclamation HEUR:Trojan.script.lframer

    This has showed up in two places via a super scan mode. It had to have shown up yesterday (July 30, 2010) as I do regular scans and a super scan once a week.

    Two questions:

    1) What does this Trojan do and what is the risk to my system and personal information?

    2) Why did Zone Alarm Extreme Security not prevent it from downloading?

    Any help would be appreciated.

    Thanks.

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: HEUR:Trojan.script.lframer

    Hi!

    1. Its an heuristic detection of a trojan diffusing via web browsing. There potentially thousands of variations. So impossible to say what it does. Trojans can steal private information, accounts, private info, make your PC a zombi to spam, etc...

    2. It did otherwise you would be infected . It can be also a false positive. Heuristic can have false positives. Also its good norm you actually post the exact location and name of the file.

    For peace of mind you can see here below for standard steps:
    Malware Clean-up Guidance

    For better protection see here:
    xyz was not detected. What I should do?

    If you have ZA Extreme I would recommend you turn ON virtualization. If you have then you perfectly protected.

    Cheers,
    Fax
    P.S. and no, super scan every week? Way too much, you will become a slave of your security tool. Just keep ZAX always updated and active and you will not need such scans. May be in months not weeks. Keep the recommended settings.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    epig Guest

    Smile Re: HEUR:Trojan.script.lframer

    Fax, thanks for responding to me.

    It was found in the following path:

    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\fm[1].htm

    One thing I did find interesting is the folder "Temporary Internet Files" in that particular path is set as a system folder and would not show up until I modified the setting to show all hidden and system folders. That folder is not considered a system folder under guest and shared users.

    I thought I had checked "Enable Virtualization" but after your suggestion wanted to verify and found that it was not checked. It is now.

    I guess I was expecting Zone Alarm to not even allow the trojan to download to my hard drive but the scan caught it so I should be okay.

    Thanks again.

    PS: I am afraid the super scan every week is my paranoia of identity theft coming through. :-)
    Last edited by epig; July 31st, 2010 at 12:56 PM. Reason: Wanted to add something

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: HEUR:Trojan.script.lframer

    Quote Originally Posted by epig View Post
    I guess I was expecting Zone Alarm to not even allow the trojan to download to my hard drive but the scan caught it so I should be okay.
    Probably it did otherwise you would not been discussing this here

    You are good to go...
    And virtualization is there to defend you exactly on these type of issues by isolating the browser from the rest of the system. Keep it on always.

    Read the guide for further help on how to use ZA:
    http://download.zonealarm.com/bin/me...ser_manual.pdf

    Quote Originally Posted by epig View Post
    I am afraid the super scan every week is my paranoia of identity theft coming through. :-)
    Again, way too much... may be you can do it every 2-3 months. Its not the scan that will do it but ZA itself on the spot if kept updated and always running.

    Cheers,
    Fax
    Last edited by fax; August 1st, 2010 at 03:24 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Information on HEUR:Exploit.Script.Generic
    By lateralus in forum Malware Discussion
    Replies: 1
    Last Post: June 15th, 2010, 06:28 AM
  2. Heur:Trojan Win32
    By atinalee in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 5
    Last Post: May 17th, 2010, 01:19 PM
  3. trojan-downloader.script.generic What is it?
    By bobsec in forum Malware Discussion
    Replies: 1
    Last Post: March 17th, 2010, 07:08 AM
  4. HEUR:Trojan.Win32.Generic
    By shuggie in forum ZoneAlarm Anti-virus & Anti-spyware
    Replies: 1
    Last Post: February 1st, 2010, 11:05 AM
  5. Replies: 3
    Last Post: June 29th, 2009, 05:25 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •