I think we have got a trojan on some user profiles which have not been detected by VSE8.7
Basically some user have a service.exe hidden file on their Apllication Data folder under their profiles. The original properties of the file show mirc.exe. It also place a batch file Melt.bat on the same location
The service.exe loads everytime user logs in (it is in the HKLM\Softwaer\Microsoft\Windows\Current Version\Run key) and hammers the CPU.
I am still trying to find more info on the net, but still no success.
As a test for a user, I deleted her profile and re-image her machine. It seems to be going well so far.
Does anyone know anything about this threat? Any comments are appreciated.
you should upload the suspect files to www.virustotal.com and included the anaysis link when you then submit them to McAfee through the service portal, the virus total result will also show you the name of the threat if its detected by other products that you can use to obtain info to remove/clean it until you can get an extra.dat from Mcafee