Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.
1 - 8 of 8 Posts

·
Registered
Joined
·
860 Posts
Discussion Starter · #1 ·
:confused:

When I d/l e-mails this am, I found 3 files with attachments, 2 senders unknown and 1 known and the same sender. When I went to check for the details on the attachments, I was presented in each case with a screen saying: You have chosen to d/l a file from this location

EA4DMGBP9p from

What would you like to do with this file?
- open
- save

I decided not to open and went about business on other e-mails.

When I returned to the unopened e-mails, as soon as I clicked on the first one, I was presented with an AVG warning screen warning of the badtrans virus. I closed the screen and deleted that file.

I consulted Norton's instructions, shut down, started in safe mode, b/u registry, and looked for kernel32.exe in RunOnce. That file was not there, only an icon saying default.

I opened in Windows and looked at remaining attachments. They have extensions like docs.doc.pif.

I scanned with AVG in both safe mode and not. No virus files were reported.

What should I be doing now? Thanks very much indeed.
 

·
Registered
Joined
·
2,336 Posts
Hi... Did the attachment jump up w/ out you trying to open it?

Was your AVG Virus scanner updated?

If not go scan at housecalls... its free & very efficient.
You can get there by clicking Here!

Savvy :)
also see this post!
 

·
Registered
Joined
·
860 Posts
Discussion Starter · #3 ·
Thanks for quick reply.

Yes. I think I just opened the e-mail. I may have clicked on the paper clip - I guess I must have - to get the "You have chosen ..." screen.

As I said, I have scanned twice with AVG updated as of 11/24. It did not id any virus files.

Do you still think I need to go to housecalls too?
 

·
Registered
Joined
·
860 Posts
Discussion Starter · #4 ·
I had forgotten that when I delete it just goes to a delete folder. When I just remembered I went there again. As soon as I clicked on the e-mail, I got the AVG warning again. It asked if I wanted to enable access. I replied no and deleted the file from delete.

Thoughts? Thanks.
 

·
Registered
Joined
·
2,336 Posts
No... its a self installing virus & opens itsself even in the preview pane of your e-mail... AVG must have quarantined it. I also was hit w/ it last night. Same thing & circumstances.

It did steal my passwords in my e-mail settings. Had to redo them in accounts.

Savvy :)

Go to AVG quarantine & delete it & yes I went to houscalls too... better safe than sorry
 

·
Registered
Joined
·
2,336 Posts
For what its worth I got hit with it last night too.
Same identical way & follwed thru just like you.

Savvy :)
 
1 - 8 of 8 Posts
Status
Not open for further replies.
Top