Jump to content

Recommended Posts

Posted

I just ran an AVG scan and it turns out 39 of my files (all MS Word documents) are infected with Exploit-Dropper.1Table . AVG tried to clean up the files but failed. I have now deactivated the internet connection on that machine.

Tried to google for Exploit-Dropper.1Table to find out more, but cannot really find anything useful.

Does somebody have any pointers of what to do next? :o

:D

Posted

Reboot into safe mode and try agin. It should be able to clean it then. If not:

Download and install Antivir, disable AVG and boot into safe mode. Run Antivir in safe mode. Reboot and rescan.

Posted

It appears it.rising.com.cn may have a fix for it. It appears in their anti virus upgrade reports dated 09feb07 and 12feb07.

Unfortunately the site is all in Chinese.

Hopefully one of our Chinese reading members can help.

Posted

This looks like a coolwebsearch variant. Annoying but not destructive. Picked up by IE at infected websites or html emails.

Posted

Thanks a lot for your help, I am downloading antivir now and will try the steps you recommended cdnvic. :o

It is probably not a coincidence info about this virus is only available in Chinese. I just noticed all 39 of the infected documents AVG listed ultimately come from the same source, a Chinese customer of mine.

Posted

Well, after having followed Vic's advice Avira found these on my computer, all of which had not been detected by AVG, Spybot Search & Destroy and ADaware SE:

TR/Dldr.Stration.C

TR/Dldr.Stration.D

TR/Crypt.U.Gen

It also warned me twice during the scan because two files could not be opened, and I am not sure what this entails:

C:\pagefile.sys

[WARNING] The file could not be opened!

C:\hiberfil.sys

[WARNING] The file could not be opened!

Posted
No worries, that's just your virtual memory and hibernation info.

Thanks, that is good to know.

As for TR/Dldr.Stration.C and TR/Dldr.Stration.D , Antivir did not do anything about them since they were in my Mozilla Thunderbird Inbox... I have tried to look for the e-mails referenced but cannot find them there. I do know that I never opened the attachments though (I never do), so I guess that means they will not be able to do any harm...? :o

UPDATE: I sent you a PM with details from the Antivir log.

Posted
No worries, that's just your virtual memory and hibernation info.

Thanks, that is good to know.

As for TR/Dldr.Stration.C and TR/Dldr.Stration.D , Antivir did not do anything about them since they were in my Mozilla Thunderbird Inbox... I have tried to look for the e-mails referenced but cannot find them there. I do know that I never opened the attachments though (I never do), so I guess that means they will not be able to do any harm...? :D

UPDATE: I sent you a PM with details from the Antivir log.

PM replied with link to instructions :o

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...