wcturner
Royal Geek
User is Offline
Joined: 23 Dec 2006
Posts: 205
Posted: Mon Sep 22, 2008 2:02 am Post subject: HiJacker.IFrame.OS · Quote · Edit · Delete · IP
--------------------------------------------------------------------------------
Repa,
A scan today in Safe Mode, using AVG Anti-Spyware, found 1 Object (647 Traces)of HiJacker.IFrame.OS. It was called a "HIGH RISK". Scary!
I'm pretty sure this was found before, several months ago, and I deleted it. This time I placed it in Quarantine. Don't I need to Delete it from Quarantine?
Here is the path it showed, and it's description. This malicious software changes the settings for the Start Page or the Search Page of the Internet Browser or any other browser resulting in an unwanted and unknown new start or search page.
Path:It said The File then... C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_12.cab/\Pavilion\XPHNABS3EN\LocalContent\en-us\Act iveContent\
Change a parallel port setting.ihtm.html cannot be quarantined because it is embedded in the archive C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_12.cab.
Then it said: Do you want to quarantine the whole Archive?
All objects in the quarantine are encrypted and can do no harm to your computer.
I hope you know what all this means, because, I sure don't.? Do I need to go back in and Delete?
_________________
Thanks!!
wcturner
Back to top · Profile · PM · Email
--------------------------------------------------------------------------------
Repa
Site Admin
User is Online
Joined: 26 Nov 2006
Posts: 1847
Location: North Carolina
Posted: Mon Sep 22, 2008 2:26 pm Post subject: · Quote · Edit · Delete · IP
--------------------------------------------------------------------------------
It's possible that you got a false positive with the latest signature file update, but I don't know that for sure. I cannot find anything about Hijacker.Iframe.OS, but have found similar reports for other Hijacker.Iframe malware detected by AVG Anti-spyware. I suggest you don't delete the quarantined archive just yet. Go through Sticky #6 in the Tutorials forum and see if any other scanners find anything and let me know.
You might also register here:
http://freeforum.avg.com/ and after registering and logging in, post your question in the following forum:
http://freeforum.avg.com/list.php?9 being sure to provide the following information:
1. Windows version.
2. AVG Anti-Spyware version (found in the right hand side of the AVG Anti-Spyware main (status) window)
3. Other antivirus software installed / previously uninstalled (if any)
4. Other protection software installed
5. The exact error message you are getting
6. Infection file and path (post it exactly as given by AVG Anti-Spyware)
7. Results or lack of results obtained from other scanners