Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor:Win32/Rbot.gen!A


  • Please log in to reply
2 replies to this topic

#1 fryer99

fryer99

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:13 PM

Posted 15 January 2010 - 01:24 PM

Hi,
I am running XP

I have Microsoft Security Essentials installed.

Every time I turn on my PC I recieve notification that my computer is infected. Microsoft Security Essentials (MSE) recommends I clean the infection. I get a notification from MSE informing me the the threat has been removed and then it gives me a warning about a suspicious file: C:\WINDOWS\system32\Office.exe.

I have cleaned this infection every time I turn on the pc but it is still there. I have run Malwarebytes and SuperAntispy and both came back clean. Any suggestions as to what I should do?

Thanks in Advance!

BC AdBot (Login to Remove)

 


#2 whiteac2k4

whiteac2k4

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:03:13 PM

Posted 15 January 2010 - 03:11 PM

From what I have gathered this is the Lovgate Worm or Trojan.MancSyn-B.
Each opens a backdoor and should be removed. I would boot into Safe Mode by tapping F8 upon restarting the machine. Once in Safe Mode, I would End the process office.exe if it is running and run an AntiVirus program. I would also suggest you run your Anti Malware software as well. One good measure to do before the scan is to turn off system restore as many viruses like to hide there because most anitvirus softwares cannot access those files. Try this and post back.

#3 roadclosed

roadclosed

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Local time:03:13 PM

Posted 15 January 2010 - 05:14 PM

I have run Malwarebytes and SuperAntispy and both came back clean.


Can you please fully update both these programs, reboot and run a full system scan in
Normal Mode with Malwarebytes and Safe Mode with Superantispyware

Once done please let us see those reports

I would also suggest you leave System Restore enabled as, if a scan goes wrong etc you do have a Restore Point to go back to even if it is infected; if you turn System Restore off you will not have that option available to you




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users