Thursday 23 July 2015

Obedient House

I can't remember Windows Defender ever popping up to tell me it's detected a threat so I was surprised when it just did. Apparently I had a trojan called "Python/Blakamba.gen!". What was odd was it installed itself in a directory called program files/obedient house. This trojan seems to have only been discovered today which is perhaps why I can't find any mention of it on google but I'm confused as to how I got it because normally I'm very careful

Update: It seems like the folder name is variable, see comments for other variations.

I use Firefox and was watching a video on the BBC news website when Windows Defender alerted me.

10 comments:

  1. Same in every way for me. Defender had never caught a threat before until this popped up this morning. I'm running a full scan now.
    According to Microsoft, it allows the attacker to run pretty much whatever they want on your computer.

    ReplyDelete
  2. I got the same thing. Any information on how to remove it would be great.

    ReplyDelete
  3. I got it too! I saw the file on my TEMP folder. I have no idea how I got it, and yes pretty much a new threat.

    ReplyDelete
  4. I got it too in pretty much the same way. Tried to google it and all I got was the Microsoft article on it and this post. No idea how this thing installed itself.
    Also, instead of the folder being called "Obedient House", my folder was labeled "Selfish Hang".

    ReplyDelete
  5. I am not sure how I got it but I have been having trouble with a coupon malware lately. Tried to google it and all I got was the Microsoft article on it and this post. From what little I have managed to learn about it it is a very serious threat. Frustrating to say the least. I never had any problems with malware or viruses before this.
    Mine was in a folder called "Encouraging Efficiency"

    ReplyDelete
    Replies
    1. Was the coupon malware you had "UniDeals" or something? I had that removed off my computer about a month ago or so I thought since ads of it stopped appearing and my anti-viruses couldn't detect anything.

      Most likely there is a trace of the virus still on my computer and it acted as a sort of "backdoor" for this Trojan.

      I'm curious to know if anyone else here that got the Trojan had recently been infected by UniDeals or something similar.

      Delete
  6. Also got this yesterday, came together with BrowserModifier: win32/CouponRuc

    Pop up warning in Chrome saying if I'm a Comcast user and have popup ads enabled then should call a number before proceeding.

    Reinstalled chrome and it looked fine.

    Same thing happened again today. Running full scan now. No idea what I can do.

    ReplyDelete
  7. I've also noticed that Yahoo was made my default search engine in Firefox and Chrome warned me that some Yahoo add-on was trying to install itself. I wonder if that's just a coincidence. I haven't deliberately installed anything from Yahoo recently

    ReplyDelete
  8. I got a letter from Comcast Xfinity to unplug and replug my modem, which would install something to give me faster internet. Nothing happened until after I did that, could they be the culprit?

    ReplyDelete