0 Replies Latest reply on Sep 24, 2010 9:12 AM by Singularety

    Patched-sysfile.d is no longer being cleaned...

    Singularety

      Ok have a major issue..seems that there is a new variant of Patched-sysfile.d out there and I have a few copies of it on some of the computers I manage. McAfee (Latest patch and latest DAT) runs finds said Trojan and successfully cleans. User reboots Trojan is back and now Google is on a mission to take my poor user to all kind of sites they really don't want to be going too...What! the Bank of America is being filtered as a porn site..HELP..

       

      I have been working with Gold support for a few days...you know.. try this and call me back. Submit this call me back...be another 24-48 hours before we call you back...are you sure you scanned it standing on your head while slapping yourself in the face yet...no? try that and call us back. I have tried everything and still it comes back. Have turned off system restore point and am going to try Hitman Pro (http://www.surfright.nl/en/home/) which everyone on the Symantec forums where claiming as the only product that actually cleans the infection. Yes Norton is having the same issues although they call it backdoor.tidserv!inf and they also cannot clean it.

       

      I don't have time to spare on this and expect a little more help being a corporate Gold customer. Coupled with being a Financial Institution I cannot play with backdoors and I will just have to reimage the machines and hope it is not widespread (ePO reporting 5 computers at this time).  Just a heads up and beware.

       

      Oh and there is also a Kapersky tool that sometimes works sometimes doesn't