Click here for important information about

Solved How to handle Names of detection signatures in EXTRA.DAT .

December 21, 2014 at 20:28:40
Specs: Windows 7, 8 Gb

I'm scanning my small set of PC's for a few weeks and today firtst time I hit this error: " Names of detection signatures in EXTRA.DAT = Trojan-Wiper (ED)"

Could someone please explain me whant means EXTRA.DAT? Is it addition to .DAT? In my case I am using xdat.exe to get latest .DAT and then command line for scanning. How should I handle the issue? I only have OnDemandLog.txt file at the end of scan. Should I open Console and analyze what McAfee did with that malware Trojan-Wiper. BTW is it a virus? What measures should I take to get rid of it?

I will attach a small log that I got from my scan.


P.S. After first detection of Trojan-Wiper in 2 hours I ran again with a newer version of .DAT and it again detected the same issue.
The biggest confusion is that when I scan the same PC using VirusScan Console and the same Task it didn't find any issue. I used for VirusScan all default values and for command line scan I used this command:

See More: How to handle Names of detection signatures in EXTRA.DAT .

December 21, 2014 at 20:53:45
Lets get another opinion.

Best you print or write the instructions & check the steps off as you do them.

Run ESET Online Scanner, Copy and Paste the contents of the log in your reply please. This scan may take a very long while, so please be patient. Maybe start it before going to work or bed.
If your comp is unbootable, or won't let you download, you will have to download ESET from a good computer, put it on a flash/thumb/pen/usb drive & run it from there.
Create a ESET SysRescue CD or USB drive
How do I use my ESET SysRescue CD or USB flash drive to scan and clean my system?
Configure ESET this way & disable your AV.
How to Temporarily Disable your Anti-virus
Which web browsers are compatible with ESET Online Scanner?
Online Scanner not working
Why Would I Ever Need an Online Virus Scanner? I already have an antivirus program installed, isn't that enough?
Once onto a machine, malware can disable antivirus programs, prevent antimalware programs from downloading updates, or prevent a user from running antivirus scans or installing new antivirus software or malware removal tools. At this point even though you are aware the computer is infected, removal is very difficult.
5: Why does the ESET Online Scanner run slowly on my computer?
If you have other antivirus, antispyware or anti-malware programs running on your computer, they may intercept the scan being performed by the ESET Online Scanner and hinder performance. You may wish to disable the real-time protection components of your other security software before running the ESET Online Scanner. Remember to turn them back on after you are finished.
17: How can I view the log file from ESET Online Scanner?
The ESET Online Scanner saves a log file after running, which can be examined or sent in to ESET for further analysis. The path to the log file is "C:\Program Files\EsetOnlineScanner\log.txt". You can view this file by navigating to the directory and double-clicking on it in Windows Explorer, or by copying and pasting the path specification above (including the quotation marks) into the Start ? Run dialog box from the Start Menu on the Desktop.
If no threats are found, you will simply see an information window that no threats were found.

message edited by Johnw

Report •

December 22, 2014 at 04:28:46
Thanks for reply BUT my PC's are located on VLAN and does not have access to Internet. Also my orgsnisation policy does not allow me to do that.
Hence I have to deal with what I have 😀
Thanks anyway

Report •

December 22, 2014 at 04:41:45
✔ Best Answer
I'd never heard of extra.dat and was inclined to feel it "might" be a nuisance item; and thus not at all surprised when JohnW suggested an initial look-see for pests...

Meanwhile I dun a wee google trawl using the string:


and found this - amongst other hits...

Possibly it relates to what you are describing?

Report •

Related Solutions

December 22, 2014 at 04:45:35
More googling.

McAfee Labs Threat Advisory

Report •

Ask Question