HTML/scripted.gen virus

C

Chris

This virus keeps coming in when I browse with IE and logs me off several
accounts including MSN. AdAware can find it and repair but cannot block it.

Firefox has a script-blocking feature, why doesn't IE? Are they working on it?
I've unchecked all the scripting options under Options/Settings.

Anything else I should do?
 
D

David H. Lipman

From: "Chris" <Chris@discussions.microsoft.com>

| This virus keeps coming in when I browse with IE and logs me off several
| accounts including MSN. AdAware can find it and repair but cannot block it.

| Firefox has a script-blocking feature, why doesn't IE? Are they working on it?
| I've unchecked all the scripting options under Options/Settings.

| Anything else I should do?

Obviously you are browsing malicious sites if you are getting HTML declarations. You need
to learn Safe Hex practices and stop willy-nilly browsing that gets you to malicious
sites.

The first thing to know this is NOT a declaration of a virus. This is a declaration of a
malcious script from a web page.

You say "AdAware can find it and repair but cannot block it."
The fact is Ad-aware does NOT repair it. It can't be repaired because it is a malicious
script. It is not something that was good, then modified to be bad and can be fixed to be
good again. It was bad from the very beginning.

You also do NOT mention what anti virus software you are using because Ad-aware (and you
don't mention what version it is) is not anti virus. It is an anti adware/spyware utility
and depending upon whether it is the free version or the paid-for version will make ait a
preventative tool or a corrective tool. In the case of the free Ad-aware all it can do is
find the script after it is on your PC and delete it. However, at that point it may be
too late. You need anti virus application performing "On Access" scanning to prevent such
a script from be interpreted and performing its payload.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
C

Chris

I, myself, didn't think it was a virus, AdAware (Plus, not the free version)
refers to it as one i.e. when the scan finishes it says 'virus found -
html/scripted.gen - repair?' Correct, it is not repaired. It seems to be
temporarily deleted.

As for the sites I visit, I wasn't aware they were malicious several news
sites, local newspapers, IMDB, and Myspace. My Myspace friends don't seem to
have this problem.

I am also running Avast - free version as well as Avira free version.
I have a McAfee license that came with the Dell, but was told these were
better. If you would please recommend a product that can keep these scripts
from entering, I'd gladly pay for the full version.

I still want to know why IE can't keep these from coming in, if FF can?

Thanks
Chris
 
D

David H. Lipman

From: "Chris" <Chris@discussions.microsoft.com>

| I, myself, didn't think it was a virus, AdAware (Plus, not the free version)
| refers to it as one i.e. when the scan finishes it says 'virus found -
| html/scripted.gen - repair?' Correct, it is not repaired. It seems to be
| temporarily deleted.

| As for the sites I visit, I wasn't aware they were malicious several news
| sites, local newspapers, IMDB, and Myspace. My Myspace friends don't seem to
| have this problem.

| I am also running Avast - free version as well as Avira free version.
| I have a McAfee license that came with the Dell, but was told these were
| better. If you would please recommend a product that can keep these scripts
| from entering, I'd gladly pay for the full version.

| I still want to know why IE can't keep these from coming in, if FF can?

| Thanks
| Chris


I'm not going into what FF can do and why can't IE do it also.

It is totaly contrainicated to have two fuly installed anti virus applications running on
one platform. Remove Avast as Avira AntiVir is better and remove any/all remnants of
McAfee as well. Having them all may be why they did not catch the malicious script.

As for Ad-aware calling the malicious script a virus. This is something all anti malware
do. It is because of how they they work. They use a simple string identifier when
something is caught saying that a virus was found. This will also happen if you test it
against the EICAR test file. However if you look what it was decalred as you can see what
class of malware was actually found. In this case the declaration was
'HTML/scripted.gen'. This indicates a generic detection for a HTML script.

There are really only two actions the software can take on a malicious script, delete or
block.

The question then comes up is what are the circumstances surrounding this ?

Are you performing an "On Demand" scan with Ad-aware when the file deemed to be infected
with 'HTML/scripted.gen' was ascertained or were you actually doing something like surfing
the web and Ad-aware then gave you a Pop-Up declaration in an "On Access" fashion ?

Another question would be pertaing to WHAT file was deemed to be infected with
'HTML/scripted.gen'. Log extracts would be helpful.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
You must log in or register to reply here.

Similar threads

A
Hello i need help,Recently i got problem with virus and now the windows 10 antivirus is malfunctioning
Replies
0
Views
45
Augusto V9Cesar
A
P
  • Article
Unlock a new era of innovation with Windows Copilot Runtime and Copilot+ PCs
Replies
0
Views
86
Pavan Davuluri
P
R
Windows Server 2025 Secured-core Server
Replies
0
Views
54
RoySasabe
R
M
  • Article
New experiences designed to make every developer more productive on Windows 11
Replies
0
Views
113
Mike Harsh, Partner Director, Product Management
M
Y
  • Article
The most personal Windows 11 experience begins rolling out today
Replies
0
Views
152
Yusuf Mehdi, Corporate Vice President &#38
Y
Back
Top Bottom