Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Cleaned But Problems


  • Please log in to reply
2 replies to this topic

#1 sdp54321

sdp54321

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 22 August 2008 - 07:03 PM

Seems like a few people here at work over the past couple of weeks have been nailed with the Fakealer trojan/virus

Victim #1: Too many problems. Was able to save Documents but had to reformat drive.
Victim #2: Was able to kill the trojan, saved files, deleted account/profile from computer and recreated account... No problems
Victim #3: Also saved files, deleted account, recreated account.... can't print from Internet Explorer
Victim #4(Me): Stopped trojan, immediatly did a system restore and went back 2 weeks (the trojan didn't get to my system restore yet). I can't print from Word

We're running TrendMicro OfficeScan on XP computers updated by our central server. The OfficeScan caught/catches the VBS_Fakealer.HJ trojan. Couldn't clean it but Quarantined it. From the other victims I knew that it destroyed the System Restore record and messed up the desktop background. So I Immediately killed any processes that I was not familiar with. Then I ran System Restore and went back 2 weeks in time. So everything looks fine except I can't print from Word. It says that it's printing and acknowledges that it was sent to the printer but nothing happens. Similarly, Victim #3 has a similar problem but it's from IE. I also tried printing to Adobe PDF instead of a printer.. It goes through all the steps, asks for filename, but nothing gets created.

I'd just reformat the drive to clean it up from junk over the years, but there is just too much on this computer.. plus some Domain Admin stuff was loaded onto my computer so I can take care of simple network/server issues. It would just take too much time to fully recover.

Anybody heard of similiar issues or has some experience with this? I'm kind of stumped.

Thanks, Pete

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:18 AM

Posted 22 August 2008 - 09:17 PM

Hello and welcome to BC Pete

If this is a work computer, have you contacted and advised your IT Dept? They probably have policies and procedures in place to deal with infections on the network and may not approve of your seeking help at an online forum.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 sdp54321

sdp54321
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 23 August 2008 - 12:17 PM

Heh heh heh.... Well.. I am the IT department. But I'm an Electrical Engineer who has learned alot over the past 8 years through hands on experience. I can take care of most things unless it starts getting really complicated or over my head.

Edited by sdp54321, 23 August 2008 - 12:17 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users