Posted: Mon Mar 26, 2007 5:49 pm Post subject: Assistance with detecting computer infection
I had a workstation get infected with some type of virus, worm, Trojan (not sure what). The infection caused MS Office, text, PDF files to convert to "scandiskxxxx" files. All the converted (or infected files) were broken down in 98KB size files.
We have several layers of defense in place: firewall, IPS, proxy with AV, Trend AV on the desktop, Windows Defender on the desktop, etc. All defenses were up to date with latest patches and def file; however, none of the defenses stopped the infection.
The workstations are pretty lockdown, and users don't have local permissions to execute/install anything. The workstation is Windows XP SP2.
Trend had me install and run their in-house root kit and malware products to try to determine what caused this. Nothing was found. In addition to Trend products, I tried Hi-jack this, some forensics tools, Norton's AV, etc. Nothing was found.
Any assistance with this matter is greatly appreciated.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum