|
Mandycat
|
 |
« on: April 09, 2008, 01:26:35 AM » |
|
A poster informed me by PM that her anti-virus program flagged something called "html/framer.z" that was traced to a website that I posted in the thread about the woman with the possible Mad Cow disease. The site was cjdinsights. I deleted that link just in case it is a problem. I Googled the "html/framer.z" to try to find out something about it, but there is not much and it seems that what discussion there is about it on various sites indicates that people have had this happen from various sites that have nothing to do with the one I posted. Although some people are referring to it as a virus, nobody seems to know exactly what it is. One person said that it was something that was just in the Temporary Internet files and that deleting them would solve the problem - whatever the problem is.  I cannot find anything about this at my McAfee website and I have personally not seen this on my computer. I am not very computer literate beyond the very basics, but I am letting everyone know so that you can check your own computers and/or be alerted to look for this. Has anyone else had any kind of indication of this problem after visiting the site I posted or any other site? |
|
|
|
|
Logged
|
|
|
|
|
kaffe
Guest
|
|
« Reply #1 on: April 09, 2008, 02:00:58 AM » |
|
Thanks Mandycat!
|
|
|
|
|
Logged
|
|
|
|
|
3catkidneyfailure
|
|
« Reply #2 on: April 09, 2008, 10:25:39 AM » |
|
Looks like this is a relatively new possible computer attacker that's connected with HostFresh and Psyme
trojan.
Contains some kind of obfuscated script. Reports presently indicate that AVG can't remove it at this time.
Norton is not yet reporting it. So hopefully the antivirus companies will get to it soon.
|
|
|
|
« Last Edit: April 09, 2008, 10:28:19 AM by 3catkidneyfailure »
|
Logged
|
|
|
|
|
Mandycat
|
|
« Reply #3 on: April 09, 2008, 02:06:46 PM » |
|
I did some further searching in my Security Center and, apparently, I did have an attempt at the following trying to be downloaded on my computer on April 8.
VBS/Psyme - which is described as a VBS Script and a Trojan
This was blocked and removed by my McAfee Anti-Virus program. I did find this thing described on the McAfee website. Nothing was included that called it the "html/framer.z", though. I don't know the connection between the two, but will search further.
Thanks, 3cat. Your post helped me recognize this when I looked at the Security Center.
|
|
|
|
|
Logged
|
|
|
|
|
3catkidneyfailure
|
|
« Reply #4 on: April 09, 2008, 04:58:58 PM » |
|
We all have arcane talents or interests.
HostFresh is a particularly nasty Russian botnet. So be sure and run a full virus scan this week
after updating definitions.
|
|
|
|
|
Logged
|
|
|
|
|
Carol
|
|
« Reply #5 on: April 09, 2008, 05:01:33 PM » |
|
It's reading posts like these that remind me that I have absolutely no idea what the heck I am doing on this computer! LOL... |
|
|
|
|
Logged
|
“Never doubt that a small group of thoughtful, committed citizens can change the world; indeed, it’s the only thing that ever has.” — Margaret Mead
United we stand Divided we fall....
|
|
|
|
lesliek
|
|
« Reply #6 on: April 09, 2008, 05:07:44 PM » |
|
Carol- You are not the only one ! |
|
|
|
|
Logged
|
"the world's most inept extortionist"
|
|
|
|
3catkidneyfailure
|
|
« Reply #7 on: April 09, 2008, 05:32:20 PM » |
|
http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.htmlThere is a really simple program to run called HijackThis, while you are connected to the Internet. Then you save the text file report in a .txt file. You can check the results on a German analysis site (but it's in English), which is here: http://www.hijackthis.de/Copy and paste the HijackThis report results into the window on the German site. If you see anything going out from your computer to an IP address which begins with 53., you may have this problem. If not, you're safe. Just be careful not to delete anything from the HijackThis report unless you are absolutely sure about what you're doing.
|
|
|
|
« Last Edit: April 09, 2008, 05:40:31 PM by 3catkidneyfailure »
|
Logged
|
|
|
|
|
|
|
3catkidneyfailure
|
|
« Reply #9 on: April 09, 2008, 05:41:43 PM » |
|
I thought so, Klondike. Trend-Micro didn't used to own it, but it's a
long-standing spyware checker program. I just did it on Windows
XP Pro. I am not positive about comptability with Windows Vista.
Read the download.com instructions and watch the video on how to
use the program.
|
|
|
|
« Last Edit: April 09, 2008, 05:55:31 PM by 3catkidneyfailure »
|
Logged
|
|
|
|
|
Poco
|
|
« Reply #10 on: April 09, 2008, 05:43:40 PM » |
|
Sounds like you have experience with it, then. Scary name and the German web site added more intrigue for me.
|
|
|
|
|
Logged
|
 Don't experiment on me! |
|
|
|
3catkidneyfailure
|
|
« Reply #11 on: April 09, 2008, 05:59:12 PM » |
|
Been using the program for quite a while. The German analysis site is just a
free instant analyzer website that has also been there for years. But absolutely
do not fix all items that come up with red X's on the German site with HijackThis
unless you are absolute sure. Save the German report and research it further
before deleting ANYTHING if you're not or consult a computer expert.
Now I'm kind of sorry I started this, because if you delete the wrong things, you can
mess up your computer. I use it as kind of a quick check analysis. Then consult
a better expert before "fixing" an item. The German analysis site can sometimes flag
things that are necessary on your computer configuration or for your computer programs.
So use the analysis results cautiously.
|
|
|
|
« Last Edit: April 09, 2008, 06:16:26 PM by 3catkidneyfailure »
|
Logged
|
|
|
|
|
Poco
|
|
« Reply #12 on: April 09, 2008, 06:09:45 PM » |
|
Don't worry, most of us are too chicken to even run the program, let alone start deleting things.  I'll try to read up on it, though. Thanks for letting us know about it! |
|
|
|
|
Logged
|
Don't experiment on me! |
|
|
|
mainecoonpeg
|
|
« Reply #13 on: April 09, 2008, 07:06:11 PM » |
|
Gray matter is trickling out of my left ear..................
|
|
|
|
|
Logged
|
If cats could talk......They wouldn't
Tortie cats are like Almond Joys........Very sweet and a little nuts
|
|
|
|
3catkidneyfailure
|
|
« Reply #14 on: April 09, 2008, 07:10:16 PM » |
|
Just run updated antivirus and spyware scans and you should be fine.
Should I remove the posts about HijackThis? If you don't fix anything, but
just get some red X's on the German analysis site, at least you know what
to research or ask about, either via online tech forums or from a computer
expert.
|
|
|
|
|
Logged
|
|
|
|
|
