Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Trojan-Spy.HTML.Fraud.gen


  • Please log in to reply
2 replies to this topic

#1 pj48

pj48

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 16 February 2009 - 05:05 AM

I have a 20,000 message archive in Mozilla-Eudora, and was able to remove all of the viruses except for one when moving to a new computer. According to Kapersky there are 6 instances of Trojan-Spy.HTML.Fraud.gen in the inbox archive (not a current mailbox). This was called something else by Bitdefender but it no longer finds it upon scanning.

Have tried avg scan, bitdefender online scan, kapersky online scan, panda and fsecure online scans, as well as spybot, cc cleaner and hijack this. Also tried going through and deleting all the individual spam messages, first focusing on the ones with attachments and then going through them 1 by 1.

Got it down to 1 message popping up on the virus scan, but now it says there are 6. I have Eudora set to ask before it connects to the internet as well as the firewall set to ask for permission, but the viruses keep replicating in the older mail folder despite it being compacted.

Let me know if you have heard of Trojan-Spy.HTML.Fraud.gen, or if you have any suggestions for removal. Will run a few more scans and post the virsus details if they have a different name for it.

BC AdBot (Login to Remove)

 


#2 pj48

pj48
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 16 February 2009 - 05:12 AM

Here is the Virus List entry:
http://www.viruslist.com/en/viruses/encycl...a?virusid=66363

#3 pj48

pj48
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:14 PM

Posted 16 February 2009 - 02:58 PM

The trojan in the email archive folder was detected as Trojan-Spy.HTML.Fraud.gen by Kapersky, but could not be removed by the online or paid scanner. The virus was detected as Generic.Peed.Eml.7823A991 by BitDefender's online scanner but could not be removed.

What did the trick was clamwin, which found the titles of the emails and allowed for easy deletion in safe mode. All were fake Ebay emails:

http://www.clamwin.com/

Never tried or even heard of Clamwin before until this post by the excellen Houston Chronicle tech blog by Dwight Silverman. Silverman pointed to a utility repair kit with 57 different tools to fix problems on your computer. One was Clamwin, which did the trick.

http://blogs.chron.com/techblog/archives/2..._tools_all.html




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users