Trojan Alert

Flyman

Hi,

Just had an alert today where BD found this:

Trojan.FakeAlert.CI

and according to the log its located here:

C:\Users\David\AppData\Roaming\Apple Computer\Safari\PubSub\Feeds\fa7aebfd64732f0ed215f302158b04cf4ec9c731\4ae7e42c80e9de1a42a3e4a481ce4529e32945e3.xml

At the moment its in quarantine so is it best just to delete it?

Also has anyone any idea as to how I might have got it?

alexcrist

Hello Flyman,

Judging by the file path, I'd say that the file has been downloaded through Safari's feed reader. There's no way of telling more details about this detection from what you've posted. However, if everything's working OK, then that file might not be a critical one. If nothing goes wrong in the next few days, it should be safe to completely delete it from Quarantine.

If you would like the file to be double-checked, please follow these steps:

• close ALL unnecessary applications (browsers, media player, documents, anything)
• temporarily disabled BitDefender Realtime Protection
• go to BitDefender's quarantine (BitDefender Security Center (Expert mode) -> Antivirus -> Quarantine), select that file and click Restore
• go to the file's original location and, without opening the file, put it in an archive protected with the password infected (see my signature for links on how to do this)
• after the archive has been created, re-enable BitDefender Realtime Protection (if that file is detected again, move it to qarantine)
• then upload the archive on a file sharing server (like www.sendspace.com) and send me the download link by PM. Please do NOT post the link on the public forum, as it might contain dangerous files.

Cris.