So i was doing my Virus scan this morning. and Found out this in the image So Im gussing now uo Is stealing accounts now maby???
Attachments
-
19.1 KB Views: 172
uosasetup_105.exe is the enhanced client download.So i was doing my Virus scan this morning. and Found out this in the image So Im gussing now uo Is stealing accounts now maby???
You may THINK you are being protected... but is time for you to start looking for another solution dude. Sophos has been protecting against that particular trojan since Dec. 2008... you've probably had this one for a very long time - but didn't even know it.Summary: IBM HAS TAKEN OVER WWW.ISS.NET. THIS PROGRAM IS NO LONGER AVAILABLE FOR SALE, NOR IS IT COMPATIBLE WITH MOST WINDOWS UPDATES FOR XP AND VISTA SINCE THE COMPANY NEVER BOTHERED TO MAKE SUCH UPDATES. IBM/ISS ONLY MAKES BUSINESS PROGRAMS NOW.
ISS NO LONGER MAKES PRODUCTS FOR CONSUMERS.
UOSASetup_105.exe is NOT the client, but the setup utility to get the client from Mythic server.
I just downloaded it about 5 minutes ago to my pc here in the office. We use the geekiest-most-expensive-enterprise-virus-and-security software/server/service on the planet... Sophos.
Scanning the above mentioned file and it comes up clean.
to the OP -
You may have that trojan hidden somewhere else on your computer and it attached to the downloaded file. questions I would have (being an admin & tech):
1 - what browser did you use
2 - are you on a wireless LAN
3 - what virus software are you using
The file itself is contaminated with an infection, not that the file is the infection. I seriously and highly doubt any business would want to steal its user's passwords.
I strongly suggest that you unplug from the internets, go into safe mode, and once again run your viral check but on a deep level and not a "quick" scan. Any virus software worth its salt (yes, even the freebie AVG) has a low level scan method. But you have to do it OFFLINE - I've seen nasties morph and change all within minutes after a scan starts and it gets its instruction via the connection.
*edit*
And here is what Sophos has to say about the infection:
http://www.sophos.com/search/search...te_search&submit.x=0&submit.y=0&action=search
You may find that infection in other things... icq files, msoutlook files and possibly mssql files (if you use those programs).
Of note, there are instructions for removing the trojan on the Sophos site as well... but if you are not failiar with editing your HKregistry, you will have issues.... so enlist the help of a neighborhood geek and make sure you have a good supply of Mt. Dew.
OK Here Ya go!!!ahh.. so you do know what you're doing. greetings fellow geek! *passes a Mt. Dew*
Of note, might wanna remove that link from your post... or change it so it is not a hotlink anymore....
We Geeks now have a NEW best friend better then dew.... ALL HAIL KEURIG COFFEE MAKERS!!!!!!!!!!!!nonono... no ale... geeks get Mt. Dew (mentioned in my first response!)
I will admit... I've not been drinking as much Dew lately as straight-black-home-brew has been easier (and cheaper) to get a hold of. ^.^We Geeks now have a NEW best friend better then dew.... ALL HAIL KEURIG COFFEE MAKERS!!!!!!!!!!!!
My salary is less than $35k US a year... I do not make the big money.Sometimes, IT people tend to fan flames in order to make themselves feel like they're actually worth their salary - like alchemists of old.