Doing the read and run me steps...

Discussion in 'Malware Help (A Specialist Will Reply)' started by RadicalAG, Mar 9, 2007.

  1. RadicalAG

    RadicalAG Private E-2

    Webroot Spy sweeper picked up a high risk thing named Spyanytime PCSpy on my computer, so I am being cautious and going through the steps again. I ran AVG antispyware, and I did read that you want it to fix everything, but I was unsure on how to proceed when many, many trend micro antivirus files came up with two trojan.Vlob downloaders. My question is this: Do I do the recommended action, deleting them, or leave them as I may be gimping my anti-virus by deleting all those files. You're the expert, I figured it would be best to ask. Log attached below.
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Since I don't use TrendMicro, I don't know what all those files are. Are they quarantines of previous problems or are they definitions/pattern files used to detect malware? If they are either of those, it is rather stupid of TrendMicro not to put them into an appropriately named folder, and it is just irresponsible not to advertise what they are. Many people report the same thing you are having but no one has ever answered what those files are needed for. I seriously doubt they are real infections, but it really would be nice to know what the heck they are and why TrendMicro is saving them in a form that is not encrypted which causes other scanners to detect them as problems.

    You may want to find out exactly what these files are from TrendMicro. If you do find out, please come back and tell us what you found out. This way everyone will have a real answer for this issue rather than just a pile of guesses. ;)
     
    Last edited: Mar 10, 2007
  3. RadicalAG

    RadicalAG Private E-2

    Well, I've talked to a couple tech support people (at least that's what they call themselves) and they know about as much as we do...companies should get more people that know what they're talking about! Hopefully the emails will go better than the phone calls, but I doubt it. I'm about to just uninstall trend micro and be done with it. It has caused me more worry than it's worth! :) :D :p
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Thanks for coming back with the additional info even though they did not give you any real answers. ;)

    Here is a suggestion for you.
    • Create a Temp folder somewhere
    • Move all of those file names from the TrendMicro folder into this temp folder (if you don't know how to move files it is basically the same operation as first doing a copy and then deleting the originals)
    • Reboot your PC and see if TrendMicro complains about anything. Also check to see that the files did not reappear in the TrendMicro folder
    • Then run a scan with TrendMicro and make sure it does not have any problems running. After the scan, again check to see that the files did not reappear in the TrendMicro folder
    • Let me know your results. If the files are not missed and do not come back, then perhaps you can just delete them.
     
  5. RadicalAG

    RadicalAG Private E-2

    I moved everything infected into a folder on my desktop and restarted. Trend Micro ran fine and the files were not restored. I'm going to keep an eye on it and get back to you for sure. I made a note that the earliest infected file was around mid-December: 5 months after getting trend micro, so I don't think this is coming from updates. Latest was 3/10, so whatever is doing it is still around. I'll keep an eye on things and tell you when a new file appears and whether it is after an update or not.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay but did you run a full system scan and were any malware items detected?
    If those files are related to some form of quarantine, they would only show up if malware was found and quarantined. If you don't have any malware then obviously the files would not be created either. Again this is just a theory. I'm still not really sure what those files are but it seems unlikely that any true malware would create the files in one of TrendMicro's folders......but then again malware is always coming up with new ways to confuse everyone. ;)
     
