Re: Trojan & ADEBOT - Dell Vista SP1 XPS420 infected by ADEBOT... Trend installed but didn't prevent infection.

Tech-Archive recommends: Fix windows errors by optimizing your registry

Posted here as lots do run Trend A/V LW...

But yes, this is a stand alone PC... and it's been set up properly, and the
A/V was current as was the Vista SP1 patch level... and NO these people
don't hang out where all of the bad stuff takes place yet got hit just the
same; switched from the secondary user account to the primary user account
and BAMMO! they got hit (the primary account that is).

Much like yourself none of my systems ever get hit - touch wood - and I
probably go to some places one shouldn't... and I run a mix of different A/V
and a few virtual machines without any A.V protection, some behind my
SBS2003 R2 domain and some stand alone outside it (back to topic eh! <VBG>).

And yes, these BOTs can be a *bitch* to remove... so far this one was fairly
easy...so far!

Thanks though...

"Lanwench [MVP - Exchange]"
<lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:Oqz0tJsrIHA.4912@xxxxxxxxxxxxxxxxxxxxxxx
Gary J. DIkkema <gary_d-NO-SPAM-@xxxxxxx> wrote:
Not to pick on Trend, however, perhaps to alert everyone to this.
Where does this crapware come from?
Read on...
=================================================================
Have a customer who's computer got infected with the following and it
was a little nasty to pry it's claws off the computer; I finally
located a fix using Google and that seems to have worked.
The only thing is, the customer had Trend Micro Internet Security
installed and it was up to date and they tell me they weren't surfing
on bad sites. they did receive a disc with some pictures on it.
Regardless the A/V should have cleaned any crapware.
Makes me wonder where the infection came from.
Makes me wonder about the usefulness and EFFECTIVENESS of the three
year program that they bought along with their Dell.
According to the following chart they should have been protected.
Here's what they had. according to Trend.
Adware Playteck

TROJ_BHO.SK

They also had an ADEBOT and here's a link on how to remove.
http://www.techspot.com/vb/showthread.php?s=19c44773b433fed817f53bd112deb891&t=104254

<snip>

Hi - what a pain. However, this doesn't look like an SBS issue (nor an
issue with Trend's server suite) - I'd suggest you a) contact Trend
support directly and b) post in microsoft.public.security.virus. Also,
it's impossible to say whether the computer was actually being updated
properly or whether the software was running resident in the background. I
run TrendMicro at all my clients (including standalone users - PCCillin)
and I have never had to deal with this one, fortunately.







.

Quantcast