JS/Downloader-AUD

Discussion in 'Malware Help (A Specialist Will Reply)' started by spyware sucks, May 2, 2007.

  1. spyware sucks

    spyware sucks Private First Class

    hi the mcafee virusscan on my computer found this trojan and it says that the file cannot be deleted. It tells me to verify that the file is not write-protected and try again. how do i verify that its not write-protected?
     
    spyware sucks, May 2, 2007
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Right click on the file from Windows Explorer and make sure it is not set to READ ONLY. However I doubt that is the problem. The file could be in use by the malware which is blocking McAfee from removing it (rather silly since that is what an antivirus program is supposed to be able to remove) or it could be in System Restore which cannot be removed until you disable system restore.

    Since you did not give adequate information on the Trojan name, the file name, where it is located, your OS.....etc. I cannot make any other comments.

    If you have malware problems that cannot be removed, run the READ & RUN ME sticky and attach the 6 requested logs.
     
    chaslang, May 2, 2007
    #2
  3. spyware sucks

    spyware sucks Private First Class

    the file name is cinecast[1].htm
    trojan name is js/downloader-aud
    it's in the temporary internet files\content.IE5\4HMFWDM3

    i tried looking for the file but i couldn't find it. i was just wondering if maybe it was already deleted.
     
    Last edited: May 2, 2007
    spyware sucks, May 2, 2007
    #3
  4. spyware sucks

    spyware sucks Private First Class

    i didn't save some of the scans but if you need them i'll scan again.
     

    Attached Files:

    spyware sucks, May 2, 2007
    #4
  5. spyware sucks

    spyware sucks Private First Class

    here are a couple more scans. sorry about the hijack log already
     

    Attached Files:

    spyware sucks, May 2, 2007
    #5
  6. spyware sucks

    spyware sucks Private First Class

    counterspy log. sorry for so many responses.
     

    Attached Files:

    spyware sucks, May 2, 2007
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Probably was deleted. That is just a temp file for IE. Once you exit IE, it could easily be cleaned by dumping the cache, or using a program like Ccleaner, or by running any number of scanners. It was not a major problem in reality to begin with.

    Your logs are clean other than the fact that you are way out of date with your Sun Java version. You have J2SE Runtime Environment 5.0 Update 6. Step 6 of the READ ME tells you to uninstall old versions and install the current version (link given).
     
    chaslang, May 3, 2007
    #7
  8. spyware sucks

    spyware sucks Private First Class

    thanks chaslang.
     
    spyware sucks, May 3, 2007
    #8
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, May 3, 2007
    #9

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds