Posted 22 August 2008 - 07:03 PM
Seems like a few people here at work over the past couple of weeks have been nailed with the Fakealer trojan/virus
Victim #1: Too many problems. Was able to save Documents but had to reformat drive.
Victim #2: Was able to kill the trojan, saved files, deleted account/profile from computer and recreated account... No problems
Victim #3: Also saved files, deleted account, recreated account.... can't print from Internet Explorer
Victim #4(Me): Stopped trojan, immediatly did a system restore and went back 2 weeks (the trojan didn't get to my system restore yet). I can't print from Word
We're running TrendMicro OfficeScan on XP computers updated by our central server. The OfficeScan caught/catches the VBS_Fakealer.HJ trojan. Couldn't clean it but Quarantined it. From the other victims I knew that it destroyed the System Restore record and messed up the desktop background. So I Immediately killed any processes that I was not familiar with. Then I ran System Restore and went back 2 weeks in time. So everything looks fine except I can't print from Word. It says that it's printing and acknowledges that it was sent to the printer but nothing happens. Similarly, Victim #3 has a similar problem but it's from IE. I also tried printing to Adobe PDF instead of a printer.. It goes through all the steps, asks for filename, but nothing gets created.
I'd just reformat the drive to clean it up from junk over the years, but there is just too much on this computer.. plus some Domain Admin stuff was loaded onto my computer so I can take care of simple network/server issues. It would just take too much time to fully recover.
Anybody heard of similiar issues or has some experience with this? I'm kind of stumped.