Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Script/Exploit detected by AVG Free 9.0


  • Please log in to reply
No replies to this topic

#1 smellywalrus

smellywalrus

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 29 November 2009 - 11:53 AM

I had serious problems a couple of weeks ago, which you kind folks helped me clear up.

Since then, I updated my AVG Free 8.5 to 9.0 and have all the components enabled. A scan runs every morning upon startup.

I download Malwarebytes updates every morning and do a Quick Scan. Once a week, I do a Full Scan.

Laptop is running XP Professional.

This morning, while running the Full Scan with Malwarebytes, the AVG Resident Shield alert popped up and said:

***
Threat detected!

File name: C\Documents and Settings\Joan Fletc\Local Settings\Temporary Internet Files\Content.IE5\G70SDOWQ\bh{1}.pdf

Threat name: Virus found Script/Exploit; detected on open.
***

I clicked the AVG link to "learn more about this threat." AVG's site said this:

"The Script/Exploit is not a virus, is it a heuristic scan warning, that there is a file on your computer which is able to use a security hole. It is necessary for such a program to have rights to change the Windows registry settings, and the program gets these rights by a dirty trick. This script does not contain any destructive action. If such a file is present on your computer, it is necessary to delete this file to avoid any further security damage done to your computer."

Two things confuse me. The portion of the file name that is Content.IE5 and the AVG info that this is not a virus.

I updated to IE8 after we had cleaned up all the various problems about which I'd posted a few weeks ago. So why should there be some issue with an IE5 file?

The Malwarebytes full scan did not detect any malicious items.

Since AVG moved this file to the Virus Vault, does anything else need to be done? Any idea where this is coming from and how to avoid it in the future?

As usual, thanks for any and all help!

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users