  1. #1

    mattx

    Your Computer is infected!

    See attached screen shot, if I clear out the profiles it goes!!
    Anyone else seen this? [It's NOT spyware or scareware as I have done a very deep scan and check.]

  2. #2

    mattx
    On investigation, this is more spyware by the looks of it, our firewall is certainly NOT doing what it's supposed to be doing.....I'm NOT happy.

  3. #3

    powdarrmonkey
    It is spyware ('to pervent'?), and Malwarebytes Anti-Malware is the only thing I have found to clean it off reliably.

    (It's Antivirus Pro 2010 btw, which of course is a complete hypocrisy.)

  4. #4

    mattx
    Hmmmmm, linked in with the other problem I had this morning.
    All this getting through our firewall and AV - not good, NOT very good at all. Makes you wonder why we pay such vast sums of dosh for appliances that clearly are NOT doing the job at the moment.

  5. #5

    powdarrmonkey
    To be fair, AVP2010's stock infection technique is drive-by-downloads, so you probably need to blame your content filter more than your firewall.

  6. #6

    Malwarebytes Anti-Malware gets rid of this one quite nicely if you boot into safe mode first.

  7. #7

    elsiegee40
    Chances are that something infectious is in someone's profile, if it disappears when the profiles are cleared down.

  8. #8

    mattx
    Quote Originally Posted by elsiegee40 View Post
    Chances are that something infectious is in someone's profile, if it disappears when the profiles are cleared down.
    Hit the nail on the head, I'm logging on as Admin, running a delprof, running a crap cleaner session, running the malware scan, making sure it gets rid of the nasties - re-booting and hey presto.

    Pain in the backside though as I would rather be testing my ESXi setup.....

  9. #9

    Quote Originally Posted by mattx View Post
    Hmmmmm, linked in with the other problem I had this morning.
    All this getting through our firewall and AV - not good, NOT very good at all. Makes you wonder why we pay such vast sums of dosh for appliances that clearly are NOT doing the job at the moment.
    Don't think you can blame the firewall; I think you'd find it very difficult to get a firewall rule to block this kind of infection.

    AV ought to pick it up but I've seen it get past Symantec (definitely up to date when it happened)

  10. #10

    mattx
    Heads up on this. Found my computer zero and for anyone getting similar problems:

    TROJ_BREDOLAB.EF:
    TROJ_BREDOLAB.EF - Description and solution

    TROJ_INJECT.ANU:
    TROJ_INJECT.ANU - Description and solution

  11. #11

    mattx
    Sent off some samples and got this back: [ The world may now be a safer place.....for 2 mins ]

    Dear Matt,

    The malware you have submitted are not yet included in our current patterns.
    We are now in the process of adding it so it will be detected in our next pattern release.

    Please expect another email from us as an update.

    Please retain the subject heading of this email as it will serve as the case-ID reference for this case.

    Best Regards,
    _______________________________________

    John Macariola
    Antivirus Engineer
    TREND MICRO EMEA
    _______________________________________

    Matt wrote:

    > Attached is a zip file of possible scare ware files that are not being
    > detected - [ the Antivirus 2010 scam ]
    >
    > These files I have located from within the C:\windows\temp dir.
    >
    > The problem is only affecting locally stored profiles.

  12. #12
    dirtydog
    We've had loads of these the past 2 weeks coming via email, Malwarebytes does the trick.

  13. #13
    Chunky
    Personally I'd just reinstall. Why?

    I don't believe that once a PC has been compromised that it can be trusted 100%.

    It may be a bit cutthroat, but you can never be 100% sure it's clean afterwards from ANY infections.
    (Even if you've cleaned off the most obvious ones, you have no idea what else is still hiding in there)

    Just my 2p,

    Chunks

  14. #14
    TheLibrarian
    Guest
    Quote Originally Posted by Chunky View Post
    Personally I'd just reinstall. Why?

    I don't believe that once a PC has been compromised that it can be trusted 100%.

    It may be a bit cutthroat, but you can never be 100% sure it's clean afterwards from ANY infections.
    (Even if you've cleaned off the most obvious ones, you have no idea what else is still hiding in there)

    Just my 2p,

    Chunks
    Guess you aren't a DeepFreeze user then.

  15. #15

    mattx
    Quote Originally Posted by TheLibrarian View Post
    Guess you aren't a DeepFreeze user then.
    LOL
