Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Concerned if my Workstation is infected.


  • Please log in to reply
3 replies to this topic

#1 sow001

sow001

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:17 AM

Posted 31 March 2017 - 01:04 AM

Hey!

I am not sure, but I have concerns if my workstation is affected with some sort of malware or spyware. I haven't told the IT administrator yet, but will once if the issue is confirmed. If I confirm, IT administrator will conduct a complete cyber security assessment. If nothing is found, I can get in trouble. 

My workstation is a Windows 10 x64 PC installed with Kaspersky Internet Security 2017. I am getting continuous warning messages from the Kaspersky Software about suspicious files that should be removed. I clicked on the disinfect button for many of those. But most of the disinfections fail and ask me to delete those files. I oblige and does what it asks me to do. I thought it ended there. Later I accessed my personal email from the workstation and a few hours later, I got a message in my Gmail saying it blocked a sign in attempt from Amsterdam. I got scared and immediately changed the password. I was worried if some spyware or trojan in the workstation might have leaked my email credential to the some hackers.

Is this is a clear cut sign of spyware/malware/trojan infection?



BC AdBot (Login to Remove)

 


#2 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:01:47 PM

Posted 31 March 2017 - 02:06 AM

Kaspersky fails to delete files that are detected in many cases, especially on IMAP or other 3rd party servers it can scan but cannot access. Not uncommon, and as you probably don't have admin rights you will need someone who does to remove that stuff. These files often even get caught in Windows directories that are very difficult to remove manually by administrators. Have a look at the detection paths and try and delete them manually as well as clearing the quarantine.

 

As to the attempted gmail hijack, that could be unrelated. It's not definitive sign of infection.

 

If you'd get in trouble for putting forward a machine for checking that's not infected (what sort of insanity is this), there's always the option to deliberately infect it first. :smash:



#3 sow001

sow001
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:17 AM

Posted 31 March 2017 - 03:53 AM

Thank you TsVk! I'll talk to the admins. When I said I may get in trouble, I meant that I will get a mouthful. Nothing serious. I won't try that deliberately infecting thing as I prefer to keep the job. :) 



#4 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,234 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:01:47 PM

Posted 31 March 2017 - 08:00 AM

You're welcome :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users