A real Virus warning - not messing about...

d_brennen · 1 Sep 2012 at 00:54

bledd. said:
This is the problem. They should silently update.

Adobe Flash/Reader and Java are the main security holes on machines these days

They don't help for sure, it's mainly the squishy bit between desk and chair that is mostly to blame for virus propagation

Destination · 1 Sep 2012 at 08:06

Drneb said:
Malware bytes doesn't even find it.

I have been on the phone to symantec as our enterprise installation of endpoint protection couldn't even find it.

A rapid release has been created for anyone using a symantec product. contact support and they will ftp you to a location where you can either distribute it using SEPM or by updating the definitions locally and running SEPC for a full scan.

it picks up thumbs.db2. the other files such as thumbs.dbh/.fb etc aren't infected.

It's a nasty little bugger!

In six years our enterprise installation of endpoint has never managed to find anything or stop any infection.
Thats according to its stats.
In that time four machines have had to be cleaned, two infected directly from gumtree, not by adverts, but by the main site.

Really need to get xp off any remaining machines, but funds and time will not permit.

warren_1979 · 1 Sep 2012 at 10:42

Do you think its worth me uninstalling Java??

I only use it for Libre Office, and even then some parts of Libre don't need Java. Also, I hardly use Libre anyway.

I've just updated Java now.

I have also changed Chrome so that is runs plug ins on request and not automatically.

I'm on home computer with XP installed.

Infidelus · 1 Sep 2012 at 11:00

As far as I know (happy to be corrected), Libre Office only really uses Java for the database app. I'm sure there's a few other bits it's used for as well, but that I believe is one of it's main functions. It certainly doesn't seem to want to function without it, whereas the text and spreadsheet apps seem to function quite happily without it.

warren_1979 · 1 Sep 2012 at 11:12

Cool. I only use the text app.

I might uninstall Java then.

KIA · 1 Sep 2012 at 11:58

d_brennen said:
They don't help for sure, it's mainly the squishy bit between desk and chair that is mostly to blame for virus propagation

Blaming the user is always easier than blaming lazy IT staff.

warren_1979 said:
Do you think its worth me uninstalling Java??

YES!

quackers · 16 Nov 2012 at 21:38

Sorry for draggint this thread up, but we've had a few issues with this in the last week or two and we can't work out where it's coming from. It seems to be random machines, are the machines actually infected, is it via email, network share?

Nothing seems to pick it up, it's all very strange indeed.

Anyone else seeing this in the last couple of weeks?

KIA · 16 Nov 2012 at 21:49

quackers said:
Sorry for draggint this thread up, but we've had a few issues with this in the last week or two and we can't work out where it's coming from. It seems to be random machines, are the machines actually infected, is it via email, network share?

Nothing seems to pick it up, it's all very strange indeed.

Anyone else seeing this in the last couple of weeks?

Do the machines run Java?

quackers · 16 Nov 2012 at 21:55

I've just read that it's coming through on a java exploit, grrrr...

Nothing seems to pick this little bugger up

squarehead94 · 17 Nov 2012 at 02:33

glad you got sorted! i had a similar virus on my memory stick a while back, format and wiped

KIA · 17 Nov 2012 at 09:13

quackers said:
I've just read that it's coming through on a java exploit, grrrr...

Nothing seems to pick this little bugger up

It's incredibly easy to obfuscate Java exploits. http://security-obscurity.blogspot.co.uk/2012/11/java-exploit-code-obfuscation-and.html

Why do the machines run Java in the first place? Why aren't you patching it?

Deleted member 77746 · 17 Nov 2012 at 11:23

If anyone can get away with not using flash, java, shockwave, acrobat or silverlight then don't use them. We really need to have these things closed down and native solutions put in place.