Protection- Troian 'XP Ativirus 2012'
In my company we have a problem with this Troian. We have got now only two accident. OS on computer is Windows XP. We use F-Secure 9.11 in company. F-Secure find this Troian but can't delete, reper etc. We to be afraid he can attacked more computers. Us IT support must used ComboFix but when we use this program the shortcut from deskop don't react and we must delete the User profil and creat a new. This was first accident. In the second ComboFix and another program do nothing with this and us IT must delete this Troian in Windows register. Have you hear about this? Someone people or company have similary problems? Have you got any solution?
If the 9.11 product with latest databases in place is unable to remove this particular malware, kindly submit a sample to our analysis system through this web form: http://www.f-secure.com/en_EMEA-Labs/submit-samples/sample-analysis-system/
Not sure if it is a newer variant, but we had a computer screwed up by this one too. It's quite frustrating that F-secure didn't stop or undo the Registry modifications. Definitions were up to date. At the moment I removed the trojan there were a couple of other detections. I assume the "antivirus" trojan caused the other infections. If it happened the other way around, then that would be quite a detection delay.
After I removed the trojan, the computer was left in an unusable state because of the registry modifications (dozens of "shell\open\command" entries).
This one was named dna.exe