cancel
Showing results for 
Search instead for 
Did you mean: 

Spyware issue

Hi All,

In our environment few machine has been affected by Spyware " XP Security 2011 firewall alert & XP Antispyware 2011 Alert",

The above 2 Spyware has drop one or two .exe files under current user, application data, they randomly change the names, but it should be 3 letter files.

And created few changes & modification under registry.

McAfee virus scan and Stinger Not event detect that.

I ran Hijack this and few tools to identify the thread on the machine, Once i removed the infected file from the machine, the Spyware got removed but after restating the machine

.exe files are not open up.....If i click any .exe file, open with diolog box appears and i unable to open any .exe files. Its seems to be some windows file has been corrupted.

Is there any sollution for this

Is there a way to create a AP rule in virus scan to avoid this kind of issues.

Thanks in advance.

Regards

Sundar

5 Replies

Re: Spyware issue

Sorry the Last post wasn't answered....

pato
Level 7
Report Inappropriate Content
Message 3 of 6

Re: Spyware issue

I had that once... The Virus had manipulated something in the registry for the .exe extenstion. But I was unable to fix it within 2 hours of fiddling around, so I decided to fresh setup the PC.

For protection of that Virus keep your software (all Adobe Products, Java, ...) on an up to date state as that one is usually distributed by drive-by infection. It's so often updated that the AV manufactors (like Mcafee) can't react fast enough.

pato   

Re: Spyware issue

If there any way to avoid this kind for spyware attack.

Message was edited by: sundar.8212 on 3/28/11 3:44:01 PM CDT
pato
Level 7
Report Inappropriate Content
Message 5 of 6

Re: Spyware issue

Not really, as the developers of that Spyware constantly update it to use the latest security holes. Besides that they also use typical distribution channels like spam mail and such. The chance is really big to be once infected.

What helps against being infected is to keep Windows, Adobe (Reader, Flash, Shockwave) and Java up to date.  

Re: Spyware issue

Just used Malwarebytes to clean the PC and ran a Reg fix for the exe issue. 

took about an hour, but saved me from backing up over 100GB of data.