Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Niggling Doubt After Removing Psecurity


  • Please log in to reply
1 reply to this topic

#1 springlering

springlering

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:48 PM

Posted 10 December 2009 - 01:49 PM

One of my workstations got hit by the Psecurity trojan yesterday.

I followed the instructions here to remove it (THANK YOU EVER SO MUCH FOR THE SIMPLE INSTRUCTIONS!!!!!) and think I got it off. I've run quick and full scans on Malwarebytes several times , as well as AVG and Windows Defender. The first MWB run picked up 25 trojans, all associated with Psecurity, which I isolated and deleted.

We have no idea how we got the virus.

But one thing is nagging at me. I emailed the bleepingcomputer URL from my own workstation (which is clean) to the infected computer. Because Psecurity blocked MWB and AVG and also redirected IE on that workstation, I ended up having to put Rkill and MW on a harddrive and cleaned the infected computer that way.

Today, though, my own bleepingcomputer email I sent myself shows on Outlook as a file with unread email, and the unread email is a Viagra email with an attachment.

I've run several other test emails from my office, home and phone email addresses this afternoon, and nothing else is showing up that way.

Am I worrying unecessarily? It's just making me uneasy that I've missed something.

BTW, this particular workstation has an email address (we have one Outlook express email box set up per workstation) that has just been hammered by Viagra emails. This is the workstation that an elderly family member uses, bless her heart. She deletes those that clear the filter without reading them, and then empties her email box immediately because they embarrass her so bad to know they're sitting there. I think she equates it to finding Playboys under the bed, lol!

Am just worried. PSecurity seems to be a particularly nasty pest.

BC AdBot (Login to Remove)

 


#2 Computer Pro

Computer Pro

  • Members
  • 2,448 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:48 PM

Posted 10 December 2009 - 03:24 PM

Hello and welcome to Bleeping Computer.

Please subscribe to your topic so that you will be notified as soon as I post a reply, instead of you having to check the topic all of the time. This will allow you to get an email notification when I reply.

To subscribe, go to your topic, and at the top right hand corner by your first post, click the Options button and then click Track this topic. The bullet the immediate notification bubble. Then press submit.


Can you please Update Malwarebytes by going to the Update tab, and then run a Full scan? Then please post back the log.
Computer Pro




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users