Jump to content

New heuristic [pattern] detected, which virus is this?

Recommended Posts

I had this weird trojan, originally started from a js file, and, I have not quite managed to remove all the bad files.  Now that 25th December 2017 is today finally my DVD drive eject is working, it was blocked, I wonder which virus blocks the opening and closing of my DVD drive, I thought this was a hardware problem initially, however, the infection came after the problem was observed where .js files messed up some of my files and corrupted them.

I think I deleted the files that were converted to .html, basically the script changed the format, I cleaned out some of them.  Now a side effect is that I insert my USB stick and the computer is creating a shorcut to C:\Windows\system32\rundll32, and I wonder if this is the system file or another rabbit hole created by the virus.


Originally the virus was found in a spam folder, when I was reading Yahoo Mail! [www.yahoo.it].  The RAR file can be opened with the application WinRAR available at www.rarlabs.com.



fajl li jdejjaqli ghajni.jpg


Link to comment
Share on other sites

Basically my computer is blocking either the DVD writer or the USB external drive, what are the roots of this legacy OS, is it the OS that is infected?

Edited by Marcos
Personal post address removed for privacy reasons
Link to comment
Share on other sites

  • ESET Moderators


This sounds like it might be a USB autorun worm of some kind that is modifying HTML and JS files on your system in order to include a link to a network-based copy of itself.  If your copy of ESET's software didn't detect it, you may wish to send some copy of the infected file, as well as a few modified files to the virus per the instructions in ESET Knowledgebase Article #141, "How to submit a virus, website or potential false positive sample to ESET's lab."


Aryeh Goretsky

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...