Trojan.JS.Phishing.I Virus

I have a Trojan JS Phishing.I virus, identified by my Charter Security Suite.    I have tried getting rid of it with my f-secure security suite anti-virus program, but it doesn't get rid of it.  The path for the virus is:  C:\Users\John\AppData\Local\Microsoft\Windows Live Mail\Hotmail\Deleted Items\6F1174AD-0000600D.eml\[From "David Walter" *** Email address is removed for privacy ***?][Subject:Transfer Alert Confirmation.]PDF File.zip\PDF file.htm.

 

I've tried running other virus removal tools, but they don't even recognize the virus.

 

I am running Windows10 on a Dell laptop.

 

Please help.

Comments

  • 1) Check the file to https://www.virustotal.com/
    2_ Send this file to the analysis laboratory F-Secure
    https://www.f-secure.com/en/web/labs_global/submit-a-sample

    And the question. How is it found on your computer if you have installed F-Secure? FSecue detected in real time or during on-demand scan?

    Ukko
  • UkkoUkko Posts: 3,198 Superuser

    Hello,

     

    Also most likely (or maybe) will be enough "clean" (or something like that) folder "Deleted letters/recycle-bin/trash" (maybe called something like that) under Hotmail/Windows Live Mail client...

    Or just one letter.. from whom you know (and maybe mail-address also known for you).

     

    And F-Secure detected this "phishing" letter with suspicious attachments.

     

    Under community was topic about dealing with "mail client" letters and detection (which F-Secure do not provide to "remove"... because... even if... the letter can be helpful partly.. or if detection comes about backup/archive of ALL letters.. but not about one)..... to proper clean/remove just one of them (with specific tool/solutions by one of greatest community members). Maybe you able to re-check it... if this is not enough less steps (or if you not able to remove full ".eml"-file (6F1174AD-0000600D.eml) - because.. how I can to understand.. this is can be as archive for one letter.. or some letters.. which can be partly needed for you. but just because destination have words about "deleted items"... maybe archive can be just about deleted one letters - which most likely deleted by purpose). And better do not open this letter under mail-client (and eventually... launch attachment).

     

    Sorry for my reply.

This discussion has been closed.