21. května 2012 21:51Dear all,
I need some help with this new tojan, see http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3aJS%2fBlacoleRef.BC
Published: May 16, 2012 <--- NEW
MSE can find the infected files, index.html, default.aspx, login.aspx etc. By scanning the system by MSE and Microsoft Safety Scanner and Avast the problem remains and the infected files are coming back. My server configuration is Windows 2008 R2 SP1 64 bit, all updates done.
Thanks in advance,
22. května 2012 12:04Try to scan using other antivirus vendors, like ESETNod32 or Kaspersky. If is still not working, remove the drive from the server and connect it to your technician PC and scan the drive using an up-to-date antivirus.
Adrian Costea - MCP, MCTS, MCSA 2003, MCITP: Windows 7
My Blog: www.vkernel.ro/blog
- Označen jako odpověď Vincent HuModerator 8. června 2012 7:54
9. listopadu 2012 16:54
So your reply, from Microsoft, is to use another antivirus vendor other than your own Forefront - interesting. I have a problem with the same Trojan and we use Forefront. Finds it and quarantines but does not find root cause and keeps reinstalling and latest effect is starts hiding everyones profiles and making them inaccessible. Maybe you could come up with a better solution since you've had at least since May 22 to fix it with your own antivirus program?