MyPC Backup ??????

Discuss Malware removal, techniques, trends, etc. and repairing Windows after removal.
Forum rules
1. Try to give more than you take, when possible.
2. Don't be a prick.

Re: MyPC Backup ??????

Postby Cc1 » Tue Aug 20, 2013 6:02 pm

Its a bit weird, all of the customers i have installed dss, the next hearbeat shows an install of my pc backup. so did my office. I had an alert saying my files are not backed up, the day after installing dss
Cc1
 
Posts: 44
Joined: Sat Aug 17, 2013 5:42 am

Re: MyPC Backup ??????

Postby Nick » Tue Aug 20, 2013 6:06 pm

I'll leave it booted sure - I usually do.

come to think of it, I'm pretty sure that sounds like something the wife got the other day when she ran a bogus google earth installer (haha) it also came with conduit 'search protec', whitesmoke, and something else I'm thinking was some junky backup app maybe of same name? Hmm... I still have the dropper she ran...
Author of d7x and other PC technician's tools. http://www.d7xTech.com

Image
User avatar
Nick
Site Admin
 
Posts: 2792
Joined: Mon Nov 19, 2012 7:54 pm

Re: MyPC Backup ??????

Postby Xander » Wed Aug 21, 2013 12:50 am

This has nothing to do with D7/dSS. This crapware is just a current plague that's being bundled left, right, and center in anything/everything.
User avatar
Xander
 
Posts: 660
Joined: Fri Feb 08, 2013 6:08 pm
Location: Near Niagara Falls

Re: MyPC Backup ??????

Postby Cc1 » Wed Aug 21, 2013 7:16 am

Xander wrote:This has nothing to do with D7/dSS. This crapware is just a current plague that's being bundled left, right, and center in anything/everything.


Yes I know but, i would question this when considering my customers. BUT seeing it come up on my office PC after I have installed nothing else, and only just installed windows on it last week? Causes me to ask this question.
Cc1
 
Posts: 44
Joined: Sat Aug 17, 2013 5:42 am

Re: MyPC Backup ??????

Postby Storm-E » Wed Aug 21, 2013 8:58 am

Cc1 wrote:Yes I know but, i would question this when considering my customers. BUT seeing it come up on my office PC after I have installed nothing else, and only just installed windows on it last week? Causes me to ask this question.


I got caught once when my USB stick got infected at a customers.

I cleared the infection went to the next customer and found the same infection....hmmm
Got suspicious and found the first infection had got to my USB before I'd cleaned it.
So the next customer got infection when I plugged in.

May be you've got a similar problem?

It's worth a look!

John Morrison
Storm-E
 
Posts: 57
Joined: Fri Mar 08, 2013 3:58 am

Re: MyPC Backup ??????

Postby Nick » Wed Aug 21, 2013 12:54 pm

That's exactly what it sounds like guys, except instead of a flash drive it is probably the system he is compiling the installers on that is infected.. viewtopic.php?f=21&t=668
Author of d7x and other PC technician's tools. http://www.d7xTech.com

Image
User avatar
Nick
Site Admin
 
Posts: 2792
Joined: Mon Nov 19, 2012 7:54 pm

Re: MyPC Backup ??????

Postby Cc1 » Wed Aug 21, 2013 3:15 pm

I compiled the dss on my laptop that again i re installed windows. I have just installed a new server at my office so i wiped all the computers and started again.

My customers are downloading the file from my website. Not all customer have the problem though???? I am stumped

I have D7 whats the best malware scanner on that to run a scan?
Cc1
 
Posts: 44
Joined: Sat Aug 17, 2013 5:42 am

Re: MyPC Backup ??????

Postby Nick » Wed Aug 21, 2013 3:34 pm

..all of them, and don't forget to also scan with proper a/v
Author of d7x and other PC technician's tools. http://www.d7xTech.com

Image
User avatar
Nick
Site Admin
 
Posts: 2792
Joined: Mon Nov 19, 2012 7:54 pm

Re: MyPC Backup ??????

Postby Cc1 » Thu Aug 22, 2013 7:32 am

Hi, I have just ran a scan with EmSISoft Emergency scanner, any one used this? While running this the My PC Check popped backup?? Any one used this? I wonder if MY PC Check is coming from Emsisoft software?
Cc1
 
Posts: 44
Joined: Sat Aug 17, 2013 5:42 am

Re: MyPC Backup ??????

Postby Marshall » Fri Aug 23, 2013 3:30 pm

Hello Cc1.

I would audit the system using OTL, or another auditing application to capture information from the system.
Remove all private information from the log file; licenses, user info, personal info, anything you wouldn't want to just outright give me. Then PM me the log file.

To me it sounds like one of the following is occuring.
1. A custom app you are using in d7 during service work, or dSS during maintenance, is installing crapware on these systems.
2. You have a network infection. (Also could be a USB drive like previously mentioned)

If you create a new user account, and install dSS with admin privileges, and run manual maintenance through dSS, what happens?
I would also like to suggest installing dSS on a clean VM, running Process Monitor so that you can capture installation data. Run dSS, and like you have stated, let it set for a while and see what happens. If and when the My PC Backup shows it's ugly face, you should have some details as to how it got there.

Good Luck!
Help Me With My Computer Tech
IT Services & IT Consulting Services In Southern IL and St. Louis MO
User avatar
Marshall
 
Posts: 509
Joined: Thu Feb 14, 2013 3:14 am

PreviousNext

Return to Malware Removal