PDA

View Full Version : tsiVideo



Driftwood
24-08-2013, 08:22 PM
Any one know what this is & why it would be in the startup list.

Speedy Gonzales
24-08-2013, 08:25 PM
Dont think it should be in startup. Looks like it may belong to a bitcoin mining / miner trojan. Delete it. Use ccleaner and delete the temp files too. Is skype installed?? Looks like you can get it through this (http://www.wired.co.uk/news/archive/2013-04/8/bitcoin-trojan)

If it is installed, try this (http://www.symantec.com/security_response/writeup.jsp?docid=2011-072002-1302-99&tabid=3)

Driftwood
24-08-2013, 09:19 PM
Deleted all.

No Skype.

Wonder where it came from.

Speedy Gonzales
24-08-2013, 10:44 PM
Looks like there maybe a few ways of getting this trojan

1. Pirated software / cracks

2. Java (if it's out of date)

3. Skype / spam

4. Zeroaccess trojan / rootkit

5. Video / maybe infected codecs

6. Facebook / twitter / pics are infected. You click on them it installs bitcoin

Driftwood
24-08-2013, 11:06 PM
Just ran Mbam

Found Bitcoin Miner & MSIL.Injector

Speedy Gonzales
24-08-2013, 11:18 PM
Looks like that msil.injector is a trojan and may steal information. I would check the firewall in/outgoing rules. See if there are any strange entries there, that may belong to one of those. If there is delete them

Driftwood
25-08-2013, 11:15 AM
Had a look & didn't see anything too dodgy looking.
Not all that familiar with firewall settings.
Would that type of thing be under "Windows Peer to Peer" or what?

Speedy Gonzales
25-08-2013, 11:24 AM
Might be an entry thats got a strange name. Dont think it'll be under anything like peer to peer. Since it may steal information. If you do online baking or something on this, check that the passwords etc havent changed

Driftwood
25-08-2013, 11:43 AM
Nothing at all that is non system looking.
Might have got rid of all the nasties.
Would you recommend another anti spyware program to run, just to make sure.

Driftwood
25-08-2013, 11:45 AM
Having said that, there is no reference to MSSE or Mbam either.
What does that come under.

wainuitech
25-08-2013, 11:58 AM
Having said that, there is no reference to MSSE or Mbam either.
What does that come under. They should show under their own names. Some infectons WILL kill the antivirus software if it doesn't detect it in the first place and antimalware as well.

Try running Hitman Pro - Download from http://www.surfright.nl/en/hitmanpro/ see if it detects anything.

Driftwood
25-08-2013, 12:27 PM
I must be looking in the wrong area.
Can't find any reference to MSSE, Mbam or SAS but they are all able to run.

Scanned with hitman.
Nothing found.