
W32/Scribble-B Virus

Hi

I am new to the Sophos family. I signed up for Home Premium. My computer did a scan and came up with the following virus:

Malware detected: 'W32/Scribble-B' at 'C:\Xpress18\hidden\Documents\Labels\CustomerSupplier\CustomerSupplier.exe'

It seems the virus creates exe files. Been searching a while now to get info to remove this virus with no luck. Anybody had similar issues? Any help would be greatly appreciated.



  • Hi Jaco,

    What is W32/Scribble-B?

    W32/Scribble-B is a family of polymorphic viruses for the Windows platform.

    • Members of W32/Scribble-B allow a remote attacker to gain access and control over the infected computer through IRC channels.
    • Members of W32/Scribble-B infect files with the EXE and SCR extensions when they are opened or run.
    • Members of W32/Scribble-B inject a malicious iframe into files whose extensions start with HTM, PHP or ASP, with affected files detected as Troj/Fujif-Gen. At the time of writing the iframe points to a site that hosts more malware.
    • Members of W32/Scribble-B also add a line to the Windows HOSTS file to redirect the infected computer to an infected website.

    What is the security status of your machine? Is it Green or Red?

    If you think the infection is not removed, you may try running the Sophos Clean from here.  Let me know if this helps resolve your query.

    Haridoss Sreenivasan
    Technical Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.
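
An added example, not part of the thread and not Sophos's own tooling: a small Python triage helper for two of the behaviours listed in the reply above, the HOSTS-file redirect and the iframe injected into HTM/PHP/ASP files. The function names, the constructed sample data, and the choice to report only non-local HOSTS addresses and external iframe sources are assumptions made for illustration.

```python
import ipaddress
import os
import re

# Extensions that *start with* HTM, PHP or ASP (.html, .php5, .aspx, ...).
WEB_EXT = re.compile(r"\.(htm|php|asp)\w*$", re.IGNORECASE)
# Assumption: only iframes with an external source (http, https or //) are leads.
IFRAME_SRC = re.compile(r"<iframe\b[^>]*?\bsrc\s*=\s*[\"']?((?:https?:)?//[^\"'\s>]+)", re.IGNORECASE)
# Constructed sample data (reserved documentation address and names).
SAMPLE_HOSTS = "127.0.0.1 localhost\n203.0.113.7 www.example.com  # constructed\n"
SAMPLE_PAGE = '<body>ok</body><iframe src="http://bad.example/x" width="1"></iframe>'


def hosts_redirects(hosts_text):
    """Return (address, hostname) pairs that map a name to a non-local address."""
    found = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        try:
            addr = ipaddress.ip_address(fields[0])
        except (IndexError, ValueError):
            continue  # blank, comment-only, or not an IP address
        if not (addr.is_loopback or addr.is_unspecified):
            found.extend((fields[0], name) for name in fields[1:])
    return found


def iframe_sources(markup):
    """Return the external URLs used as iframe sources in one file's text."""
    return IFRAME_SRC.findall(markup)


def scan_web_files(root):
    """Walk root and return {path: [iframe URLs]} for HTM*/PHP*/ASP* files."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        for name in filter(WEB_EXT.search, files):
            path = os.path.join(folder, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                urls = iframe_sources(fh.read())
            if urls:
                hits[path] = urls
    return hits


if __name__ == "__main__":
    print(hosts_redirects(SAMPLE_HOSTS))
    print(iframe_sources(SAMPLE_PAGE))
```

On Windows, pass `hosts_redirects` the text of `%SystemRoot%\System32\drivers\etc\hosts` and point `scan_web_files` at the folder that holds your web content. Anything returned is a lead to review, not proof of infection.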
