[OPLINTECH] Spybot, Malwarebyte and a recent "Live Security Platinum" problem
Bob Neeper
neeperro at oplin.org
Thu Aug 30 12:21:59 EDT 2012
This AM a staff member had "Live Security Platinum" taking over her PC.
I think this is a relatively new variant.
Staff accounts don't have admin status.
Short story is:
Running as an Admin
Spybot didn't see it on a scan.
Downloaded Malwarebytes which found and fixed it.
Part of the log is:
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel
(Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel
Files Infected:
c:\programdata\7531cc92006afe3c0052668bf875ef60\7531cc92006afe3c0052668bf875ef60.exe
(Trojan.LameShield)
c:\Users\staffuser\AppData\LocalLow\Sun\Java\deployment\cache\6.0\51\18da3ab3-213c42ba
(Trojan.LameShield)
My point is, no s/w will find or protect against everything.
--
Email Signature
R. W. (Bob) Neeper
Community Library <http://sunbury.cool-cat.org>
44 Burrer Dr.Map <http://maps.google.com/maps?q=40.243961,+-82.863007>
Sunbury, Oh 43074
Tel: (740)-965-3901
cool-cat.org <http://info.cool-cat.org>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20120830/5949e1d3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: COOL.jpg
Type: image/jpeg
Size: 7840 bytes
Desc: not available
URL: <http://lists.oplin.org/pipermail/oplintech/attachments/20120830/5949e1d3/attachment.jpg>
More information about the OPLINTECH
mailing list