Today we have had two incidents of a pernicious malware infection which is identified by the desktop background being altered to a red image with a 'Privacy protection threat' warning. It is accompanied by a number of popups trying to get you to obtain malware removal programs. These popups appear at regular intervals even in idle mode. Both machines also had the Windows Task Manager disabled although regedit and msconfig were available for use.
These two incidents are on unrelated equipment. One machine had a copy of McAfee installed but we cannot vouch for the state of the updates licence. The other machine had lost it's antivirus and was thus totally unprotected. We believe the infection has been brought in by a trojan horse but our invesigations have not identified the causal agent.
The totally unprotected machine allowed us to install and run Panda AntiVirus, which removed some threats but did not entirely clean the machine. We did a system restore to a week ago and then reinstalled Panda. Other machines on this network which were protected seem to be unaffected.
The other machine gave us grief. We could not get Panda installed initially because we could not remove McAfee. We disabled startup options in msconfig and trawled through registry to remove relevant McAfee keys. We have loaded Panda and done a system scan but we are not sure how complete the clean up has been. We may have to use system restore on this one as well.
This malware seems to strike fast. Dont let it cripple your system. keep your anti virus up to date.
Both systems running WIndows XP. One using XP Home, one XP Professional. Both SP2.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment