Gen:Variant.Adware.Graftor.146914

everytime i do a full scan this virus is found but never removed. went into my virus and spyware scan logs...under action taken... always says NONE.... i disabled my back up and restore and scanned again...virus still wasnt removed. how can i get my F-Secure to remove it and anything else it might find?

Accepted Answer

Comments

  • Thank You....Smiley Happy

  • UkkoUkko Posts: 3,220 Superuser

    Hello,


    Sorry for next words... and I'm not sure.. but probably does not matter.. if here adware.


    If detected - should be removed - if it possible.

     

    Potentially here can be just situation (related with detection name) -> that malicious code found in some of busy-files/archives or... for example... like part of installer.

    It's mean -> not possible to "edit" installer and remove "string" about one of code-part. It should be removed during installation (for example). Or removed full installer.

     

    Anyway -> your logs should be with directory way and name of file.

    Sorry... I probably not really find here... information about this....   but it's can be important.. for understanding.. why F-Secure not removed it (here can be some reasons).

     

    And also.. if you already get MBAM .... will be interesting what certainly they can do with that situation (and be ready - that MBAM can to find some other "places", which will be marked as dangerous - but it's not really like that).

  • SimonSimon Posts: 2,661 Superuser
    If the issue is solved, kindly mark the relevent post as the Solution.

    Thanks. :)
  • i downloaded it...scanned my computer...it found 7 things....but not t was asking about...... restarted computer once it was finished..... then did a full scan with F-Secure...still says..... Viruses: 1

  • UkkoUkko Posts: 3,220 Superuser

    Maybe it's not surprise.. that Malwarebytes (MBAM) nothing to do with situation:

     

    -> if here false-positive - they ignore this file.

    -> if here indeed malicious - MBAM love to ignore hard malicious and reported about a lot of "other" things (which usually user able to remove without any specific tools).

    -------------------------

     

    Anyway -> just if it not hard...  after full scan with F-Secure; when you open log-file (last scan log-file report):

    Which file detected -> folders (where)? name of file?

     

    Sorry for ask.

  • NikKNikK Posts: 935 Rock Star

    So it says Adware but is reported as a virus? Not sure what that means but I found this analysis at VirusTotal.com saying that some AV's detect it as Adware and others as a Trojan. So perhaps it's not entirely an Adware.

     

    What action do you have in the F-Secure settings for "When virus or spyware is found"? (under manual scanning) Try set it to "Always ask me". Then you'll get options to clean, delete, quarantine. Hopefully one of them works.

     

    Also in the scan results window try and right-click on the file name and select Properties, to see the full path for the file. Certain paths may require different cleaning methods. If you know the path you can start a manual scan from a windows explorer by right-clicking that folder and select "Scan Folders for Viruses".

    Here are some F-Secure KB articles that may help:

    If nothing helps, try this: http://malwaretips.com/blogs/gen-variant-adware-graftor-removal/

    deliciousmemory
  • Windows\temporary internet files\content.IE5\wndiv284\blockandsurf_2222-5510[1].exe\stream_264.bin
    Ukko
  • NikKNikK Posts: 935 Rock Star

    Well, then this is what you should do (but I assume you already have):

    Cleaning temporary Internet files in Internet Explorer

     

    By the path(a folder called "Low" is missing) I suspect you haven't enabled Protected Mode (or Enhanced Protected Mode for 64-bit) in Internet Explorer. To do that you first need to make sure UAC is turned on. I recommend you read this: Running as Administrator? Read this!

     

    Here's some good information about the two protected modes:

    http://www.sevenforums.com/tutorials/63141-internet-explorer-protected-mode-turn-off.html

    http://www.eightforums.com/tutorials/31977-internet-explorer-enhanced-protected-mode-turn-off.html

    deliciousmemory
This discussion has been closed.