5 Replies Latest reply on Apr 6, 2011 3:26 PM by edpannell

    Spyware issue

      Hi All,

       

      In our environment few machine has been affected by Spyware " XP Security 2011 firewall alert & XP Antispyware 2011 Alert",

      The above 2 Spyware has drop one or two .exe files under current user, application data, they randomly change the names, but it should be 3 letter files.

      And created few changes & modification under registry.

       

      McAfee virus scan and Stinger Not event detect that.

       

      I ran Hijack this and few tools to identify the thread on the machine, Once i removed the infected file from the machine, the Spyware got removed but after restating the machine

      .exe files are not open up.....If i click any .exe file, open with diolog box appears and i unable to open any .exe files. Its seems to be some windows file has been corrupted.

       

      Is there any sollution for this

       

      Is there a way to create a AP rule in virus scan to avoid this kind of issues.

       

      Thanks in advance.

       

      Regards

       

      Sundar

        • 1. Re: Spyware issue

          Sorry the Last post wasn't answered....

          • 2. Re: Spyware issue
            pato

            I had that once... The Virus had manipulated something in the registry for the .exe extenstion. But I was unable to fix it within 2 hours of fiddling around, so I decided to fresh setup the PC.

            For protection of that Virus keep your software (all Adobe Products, Java, ...) on an up to date state as that one is usually distributed by drive-by infection. It's so often updated that the AV manufactors (like Mcafee) can't react fast enough.

             

            pato   

            • 3. Re: Spyware issue

              If there any way to avoid this kind for spyware attack.

               

              Message was edited by: sundar.8212 on 3/28/11 3:44:01 PM CDT
              • 4. Re: Spyware issue
                pato

                Not really, as the developers of that Spyware constantly update it to use the latest security holes. Besides that they also use typical distribution channels like spam mail and such. The chance is really big to be once infected.

                What helps against being infected is to keep Windows, Adobe (Reader, Flash, Shockwave) and Java up to date.  

                • 5. Re: Spyware issue

                  Just used Malwarebytes to clean the PC and ran a Reg fix for the exe issue. 

                   

                  took about an hour, but saved me from backing up over 100GB of data.