2 Replies Latest reply on Mar 22, 2012 11:56 PM by Lakshmanan Sathyamoorthy

    Massive Infection "Generic Damaged.a"

    njacinto

      Hello,

       

      We have Viruscan 8.7 with McAfee Agent 4.5 on all machines (4000) and ePO 4.5.4 to manage them.

      We currently have 20% of all machines reporting infected files with "Generic Damaged.a" trojan.

      The threat target path is almost always on "<drive>\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\<some folder>".

      Viruscan deletes the affected files, ODS always comes clean but the threat keeps coming back.

       

      Already tried NAI removal solution for the above threat. Any other day trojans keeps coming back.

      Sample attached.

       

      Any ideas on how to find the source?