Did DirectUpdate download a virus?

Asks questions about settings, bugs...

Moderators: willynt, DiskDrive, fifinou

litobito
Posts: 1
Joined: Sat Mar 24, 2012 2:07 pm

Did DirectUpdate download a virus?

Postby litobito » Sat Mar 24, 2012 4:26 pm

Hi Guys

This morning my antivirus software Avira startet to alert about a (probable) virus found in a file called "ipd-allgemeine IP-Adresserkennung-checkip.fraggers.net.html". Avira declared that the file is containing a malware/virus called "HTML/IFrame.DO.54".

Every 30 Min. I got the same message. I found out, that the file was downloaded by DirectUpdate v.4.6.6 and placed in the directory: C:\Programs\DirectUpdate v4\Dump\. To find out what this is all about I startet the DirectUpdate Control panel and I found the domain "checkip.fraggers.net" listed under point 4 (used websites). Unfortunately I'm not a pro, so I can't really figure out, what this means exactly. Now I disabled the checkbox before the mentioned domain. Since then the alerts seem to have stopped.

Can anyone tell me, what this means? Ther a similar files in the directory C:\Programs\DirectUpdate v4\Dump\. What are they good for?

Many thanks in advance!!

litobito

willynt
Site Admin
Posts: 242
Joined: Thu Mar 10, 2005 6:32 am

Re: Did DirectUpdate download a virus?

Postby willynt » Tue Mar 27, 2012 9:13 pm

Hi,

Sure, here is the story of these files...
Every time DirectUpdate contacts a server (to detect your IP or to update your domain), it stores all the data exchanged with the server into a file, inside the Dump folder.
That's only meant for Debug purpose.
For an IP detection, the file is named "ipd-YourIpDetectioName-ServerName.html"

Here, the server fraggers.net doesn't exist anymore, so you can safely uncheck it (or even delete it) from the list under point 4.

Hope it helps
Regards
William


Return to “Questions, bugs,...”

Who is online

Users browsing this forum: No registered users and 2 guests