Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Firefox Virus Scanner


  • Please log in to reply
27 replies to this topic

#1 Jove

Jove

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 17 May 2008 - 09:51 PM

Hello Everybody,

What I have here is I was queried to use a Firefox scanner and di, I received a report of 43 virus infections etc.

I recently scanned with SuperAntiSpy, free edition and came up with zero.

I'm curious are these the run of the mill viruses if so what would you recommend, as they have warned me that I have the type of viruses that steal passwords and credit card informations.

TThis scan was free but to clean out the viruses it was forty something, I am hoping there is a freeware that will do this.

Appreciate your views.


Antivirus 2008 system scan report.
Report generated 5/14/2008 2:36:22 PM
Infections found: 43

Trojan
C:\Program Files
Trojan-Downloader.Win32.Small.arf
This Trojan program is a Windows PE EXE file.

Spyware
autorun
Trojan-Spy.HTML.Bankfraud.jk
This Trojan program utilizes spoofing technology. It is made as a fake HTML page. It is designed to steal information from Postbank clients.

Trojan
C:\WINDOWS\system32
Trojan.SymbOS.Skuller.a
This Trojan program infects mobile phones running Symbian. Any mobile running Symbian is potentially vulnerable.

Spyware
autorun
Trojan-Spy.Win32.KeyLogger.p
This Trojan tracks the user's keystrokes, and is designed to steal confidential information.It is a Windows PE EXE file. It is 136,192 bytes in size.It is not packed in any way.

Trojan
autorun
Trojan-Dropper.Win32.Agent.vw
This Trojan downloads other malicious programs to the victim machine without the user's knowledge or consent. The Trojan is a Windows PE EXE file an is 262717 bytes in size.

Trojan
C:\WINDOWS
Trojan.BAT.KillAV.aj
This primitive Trojan is written in BAT. The file is approximately 800 bytes in size.The Trojan terminates the services listed below:...

Trojan
C:\WINDOWS\system32
Trojan-PSW.Win32.Coced.215
This Trojan steals user passwords. It is designed to steal a range of confidential information.It is a Windows PE EXE file.It is 10,240 bytes in size. It is written in Visual C++.

Trojan
C:\WINDOWS\system32
Trojan.Win32.AnnoyingSaver
This text was written by Alexey Podrezov, F-Secure Corp.This Trojan horse installs a screensaver and doesn't allow it to be removed.

Trojan
C:\WINDOWS\system32
Trojan.VBS.Runner.y
This Trojan program is an HTML page which contains Visual Basic Script and Java Script scenarios. It is 2947 bytes in size.

Trojan
C:\WINDOWS\system32
Trojan.VBS.Runner.y
This Trojan program is an HTML page which contains Visual Basic Script and Java Script scenarios. It is 2947 bytes in size.

Trojan
C:\Program Files
Trojan-Downloader.Win32.Small.yk
This Trojan downloads files via the Internet without the user's knowledge or consent.

Trojan
C:\WINDOWS\system32
Trojan-Downloader.VBS.Agent.fe
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.

Trojan
autorun
Trojan-Dropper.MSWord.Lafool.h
This Trojan is designed to install other Trojan programs to the victim machine without the knowledge or consent of the user.

Trojan
C:\WINDOWS\system32
Trojan-IM.Win32.Faker.a
Programs in this family steal MSN Messenger passwords with the help of a fake dialogue box, where the MSN password should be entered.

Trojan
autorun
Trojan-Dropper.Win32.ExeBundle
This program is an "improved" version of the TrojanDropper.In addition to "ExeStealth" is is able to carry and drop files with following filenameextensions: COM,BAT,CMD,VBS.

Trojan
C:\Program Files
Trojan-Downloader.Win32.Tiny.abt
This Trojan downloads another program via the Internet and launches it on the victim machine without the user's knowledge or consent. It is a Windows PE EXE file.

Trojan
C:\Program Files
Trojan-Downloader.Win32.Agent.bvz
This Trojan is a Windows PE EXE file. It is 41,472 bytes in size.

Trojan
C:\WINDOWS\system32
Trojan.SymbOS.Skuller.a
This Trojan program infects mobile phones running Symbian. Any mobile running Symbian is potentially vulnerable.

Trojan
C:\WINDOWS\system32
Trojan-Downloader.VBS.Agent.fe
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.

Trojan
C:\WINDOWS\system32
Trojan-Downloader.VBS.Agent.fe
This Trojan downloads other files via the Internet and launches them for execution on the victim machine without the user's knowledge or consent.

Spyware
autorun
Trojan-Spy.Win32.Banker.asq
This Trojan will steal confidential user data when the user visits certain websites. It is a Windows PE EXE file.

Trojan
autorun
Trojan-Dropper.Win32.Small.at
This Trojan is designed to install and launch other malicoius programs on the victim machine without the user's knowledge or consent.

Trojan
C:\WINDOWS\system32
Trojan.Win32.AVKill.c
This Trojan has a malicious payload. It is a Windows PE EXE file. It is packed using UPX. It is written in C++. The size of infected files may vary from 6KB to 80KB.

Trojan
C:\WINDOWS\system32
Trojan.Win32.Diamin.jn
This Trojan has a malicious payload. It is a Windows PE EXE file. It is 29392 bytes in size. It is packed using UPX. The unpacked file is approximately 52KB in size.

Spyware
autorun
Trojan-Spy.Win32.Banker.asq
This Trojan will steal confidential user data when the user visits certain websites. It is a Windows PE EXE file.

Trojan
autorun
Trojan-Dropper.VBS.Bomgen.f
This Trojan installs other malicious programs to the victim machine without the knowledge or consent of the user. It is written in Visual Basic Script.

Trojan
C:\WINDOWS\system32
Trojan.Win32.AnnoyingSaver
This text was written by Alexey Podrezov, F-Secure Corp.This Trojan horse installs a screensaver and doesn't allow it to be removed.

Trojan
C:\WINDOWS\system32
Trojan-PSW.Win32.QQPass.jf
This Trojan is designed to steal user passwords. It is a Windows PE EXE file. The Trojan has no self replication routine. It is written in Borland Delphi.

Trojan
autorun
Trojan-Dropper.Win32.Small.jh
This Trojan is designed to install and launch other malicious programs on the victim machine without the knowledge or consent of the user. It is a Windows PE EXE file.

Spyware
autorun
Trojan-Spy.HTML.Fraud.gen
This family of Trojans utilises spoofing technology. The Trojans themselves are contained in fake HTML pages.

Backdoor
C:\WINDOWS
Backdoor.Win32.Papi.a
This Trojan will provide a remote malicious user with access to the victim machine. The Trojan itself is a Windows PE EXE file.

Trojan
C:\WINDOWS\system32
Trojan-PSW.Win32.Lmir.a
This Trojan is designed to steal confidential data. It is a Windows PE EXE file. The size of infected files may vary from 147KB to 171KB. It is packed using AsPack.

Trojan
C:\WINDOWS
Trojan.JS.Seeker
This script written in JavaScript language quietly changes a browser's home page and search page without user confirmation.

Trojan
autorun
Trojan-Dropper.Win32.Small.es
This Trojan is designed to install and launch other malicious programs on the victim machine without the user's knowledge or consent. It is a Windows PE EXE file..

Trojan
C:\WINDOWS\system32
Trojan.VBS.Runner.y
This Trojan program is an HTML page which contains Visual Basic Script and Java Script scenarios. It is 2947 bytes in size.

Trojan
C:\Program Files
Trojan-Downloader.Win32.Small.dsr
This malicious program downloads other programs from the Internet without the user's knowledge or consent and launches them on the victim machine.

Trojan
autorun
Trojan-Dropper.VBS.Bomgen.f
This Trojan installs other malicious programs to the victim machine without the knowledge or consent of the user. It is written in Visual Basic Script.

Trojan
C:\WINDOWS\system32
Trojan.Win32.Diamin.jn
This Trojan has a malicious payload. It is a Windows PE EXE file. It is 29392 bytes in size. It is packed using UPX. The unpacked file is approximately 52KB in size.

Spyware
autorun
Trojan-Spy.Win32.KeyLogger.p
This Trojan tracks the user's keystrokes, and is designed to steal confidential information.It is a Windows PE EXE file. It is 136,192 bytes in size.It is not packed in any way.

Spyware
autorun
Trojan-Spy.Win32.Banker.asq
This Trojan will steal confidential user data when the user visits certain websites. It is a Windows PE EXE file.

Backdoor
C:\WINDOWS
Backdoor.Win32.Ruledor.c
This program is part of the backdoor family of malicious programs intended for remote administration.

Trojan
C:\WINDOWS
Trojan.JS.WindowBomb.b
This Trojan is written in JavaScript. It is a HTML document. It is 312 bytes in size.

Backdoor
C:\WINDOWS
Backdoor.Agobot.gen
This is a classical backdoor and allows a 'master' to control the victim machine remotely by sending commands via IRC channels.




Edited by Jove, 17 May 2008 - 10:02 PM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,078 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:30 AM

Posted 17 May 2008 - 09:56 PM

Is the name of the product you ran called Antivirus 2008?
If so where did you get it?
Are you using XP or another?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 mommabear

mommabear

  • Members
  • 492 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 18 May 2008 - 12:06 PM

I've never heard of a "Firefox scanner" and I've used FF for several years. That sounds very suspect to me.

#4 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 19 May 2008 - 10:33 PM

Yes, I think it was scanner 2008, I checked my history it isn't listed there, When this happened I went to BC, and tried to D/L Stopzilla but I could not get it to download, so I still am not sure if all these viruses and malware are really there, what about 2008 ?

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#5 TheEndX

TheEndX

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 20 May 2008 - 12:04 AM

It looks like a rogue antispyware program.
AntiVirus 2008 is a name used by a rogue program and the way it reports the malware makes it more obvious:

Trojan
C:\WINDOWS\system32 <----------------------------------------{No direct filename mentioned.}
Trojan-IM.Win32.Faker.a
Programs in this family steal MSN Messenger passwords with the help of a fake dialogue box, where the MSN password should be entered.

Trojan
autorun <----------------------------------------{No direct filename mentioned.}
Trojan-Dropper.Win32.ExeBundle
This program is an "improved" version of the TrojanDropper.In addition to "ExeStealth" is is able to carry and drop files with following filenameextensions: COM,BAT,CMD,VBS.

Trojan
C:\Program Files <----------------------------------------{No direct filename mentioned.}
Trojan-Downloader.Win32.Tiny.abt
This Trojan downloads another program via the Internet and launches it on the victim machine without the user's knowledge or consent. It is a Windows PE EXE file.

#6 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 25 May 2008 - 05:14 AM

Hi TheEndX,

Appreciate your time efforts, skills and knowledge, . . I have been mentally exhausted lately, and it's great that someone is out there that can help restore my will and enthusiasim to move on.

(BTW, fishing everyday and nothing to brag about yet, except sore and tired.)

Are you saying that I clicked into to a rouge fraudulent service, that uses firefox's name and it detected these viruses that are actually really there ?

I guess I should D/L some other virus scanners, I have just updated Super Antispyware, and scanned, but found nothing ?

BTW thanks MamaBear, I think I remember, we have met along the line somewhere before ? It can't be a CD you sent me could it ?

Anyway, I have others in the household who use a wireless DSL, I dont have it I have a dialup, but a repair person showed up the other day and put a home filter in my outdoor connection box and said that one of the problems their DSL was having may have been caused by the need for a new filter ?

My computer was working lousy afterwards, my Internet connections were crawling, so I used SAS, as stated found nothing, also tried to restore and found that since I restored about two weeks ago, for some reason the only restore point I had was the 23rd, yesterday, I could not go back in time to last month and there were no other restore days, I gave that up, re-started and crashed a couple of times and now it seems to be working again, I need to get after the cxrashes, (Blue Screen( and think it must be my RAM, and a driver fault somewhere, I'll get time to check this out and see what I can find.

In the meantime thanks again.

Jove

Edited by Jove, 25 May 2008 - 05:43 AM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:30 AM

Posted 25 May 2008 - 07:03 AM

Antivirus 2008 is a rogue security application that purports to scan for spyware and then uses false scan reports as a scare tactic to goad you into purchasing a program to fix it.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Acan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 mommabear

mommabear

  • Members
  • 492 posts
  • OFFLINE
  •  
  • Local time:03:30 AM

Posted 25 May 2008 - 01:09 PM

BTW thanks MamaBear, I think I remember, we have met along the line somewhere before ? It can't be a CD you sent me could it ?


Hey, Jove...

I'm kinda old and I've slept a lot. I need more than that to go on. :thumbsup:

Actually, 'sending a CD', is ringing a very distant bell in this old head of mine, but I can't quite tie it all together. There might have been illness involved and/or other problems making downloading of what the person needed very difficult, so I sent it by snail mail....? And if we have met, it was maybe at another forum....?

If I'm jogging your memory any, feel free to PM me to compare notes.

#9 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 25 May 2008 - 03:09 PM

For some reason MommaBear I think I might have mixed you up with another, unless your from Georgia, thats where the Cd came from. but, thanks for jogging my memory it just that, I have been away from the forum for a while, busy with other configurations, but I am hoping this beautiful spring weather brings you a new outlook and restores your health, forget your troubles for a while, and dwell on the good things and better days.

Hatios Amigo,

Good Tidings and Best Wishes

Jove

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#10 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 28 May 2008 - 09:09 AM

Antivirus 2008 is a rogue security application that purports to scan for spyware and then uses false scan reports as a scare tactic to goad you into purchasing a program to fix it.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Acan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Thanks Much Quiteman,

Before I do this I thought to ask you a question, I am having BS problems ;

Bug Check 0xD0: DRIVER_CORRUPTED_MMPOOL

and

SPECIAL_POOL_DETECTED_MEMORY_CORRUPTION

Should I attempt fixing this before I perform your process ?

also should I post this problem, elsewhere ?

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:30 AM

Posted 28 May 2008 - 09:16 AM

BSOD's could be malware related or they could be due to hardware or overheating problems caused by a failed processor fan, bad memory (RAM), failing power supply, underpowered power supply, CPU overheating, motherboard, video card, faulty drivers, BIOS and firmware problems, dirty hardware, etc. That error appears to be a separate issue. See Bug Check 0xD0: DRIVER_CORRUPTED_MMPOOL

See if you can complete a scan with MBAM. If not, then you probably will have to address that issue before continuing.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 28 May 2008 - 11:30 AM

Quietman,

Will do, am in the process, you should know that I have been using Exterior Drive, most of the time it is a FAT 32 file, my filing system here is a NTSF, I know I should have converted but delayed do to some mishap, I have not reviewed this, but, also have not run into any apparent problems, unless this could effectively be one of the drive mishaps or corruption problems, sorry to hold you up? Will this effect the scan ? I will turn it off for the first scan.

Edited by Jove, 28 May 2008 - 11:33 AM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#13 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 29 May 2008 - 06:44 AM

The MAM scan could not be completed, each time I engaged it the system crashed, most times I received a BSOD, relating to ;

A device driver attempting to corrupt the system has been caught. The faulty driver currently on the Kernel Stack must be replaced with a working version.

I do not know where this driver can be found or how to identify it.

Previously most BSOD, have related to uninstalling any new hardware, I always have a Safely remove Hardware icon in the notification window, when checking this it has one HW device listed in the selection window and that is the USB Mass Storage Device, I think this must be the plugged in Exterior HD, I have.

Other than that I have a driver related technical problem with a fax software, that may need to be reinstalled.

I have been prompted on occassion to look into driver verifier, to find possible bad drivers, etc.

I am now using Windows Internet Explorer, as Firefox has slowed abnormally, and the IE is slow especially in loading pictures, etc.

I am now going to check any informations I might acumulate concerning drivers and look into what is running on this computer as I may want to use selective startup, etc.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#14 Jove

Jove
  • Topic Starter

  • Members
  • 2,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Very South Jersey
  • Local time:03:30 AM

Posted 30 May 2008 - 07:36 AM

Downloaded a bunch of setup drivers, not sure if or how they installed.

No red checks in Device Manager

Went into msconfig and turned off Realplay and Registerbooster.

Computer seems to be working better, but have found ;

file sbp2port.sys is corrupted

Information obtained from;
http://www.file.net/process/sbp2port.sys.html

follows;


The free file information forum can help you find out if sbp2port.sys is a virus, trojan, spyware, adware which you can remove, or a file belonging to a Windows system or an application you can trust.

sbp2port.sys file information

The process SBP-2 Protocol Driver belongs to the software Microsoft® Windows® Operating System by Microsoft Corporation (www.microsoft.com).

Description: sbp2port.sys is located in the folder C:\Windows\System32\drivers. Known file sizes on Windows XP are 43136 bytes (85% of all occurrence), 43904 bytes.
The driver can be started or stopped from Services in the Control Panel or by other programs. The program has no visible window. It is a Microsoft signed file. There is no detailed description of this service. sbp2port.sys seems to be a compressed file. Therefore the technical security rating is 2% dangerous.

Important: Some malware camouflage themselves as sbp2port.sys, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the sbp2port.sys process on your pc whether it is pest.


Any advice regarding the above will be appreciated ?

Edited by Jove, 30 May 2008 - 07:41 AM.

When you don't have to worry about your computer anymore, you can start
living again !

vrwqzc.gif
Success is a result, not a goal. . . . Flaubert


#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,288 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:30 AM

Posted 30 May 2008 - 08:01 AM

Anytime you come across a suspicious file, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to jotti's virusscan or virustotal.com. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
-- Then post back with the results of the file analysis.

If its legit, then it may well be corrupted.

Try running the the System File Checker (SFC) to scan all protected files to verify their versions. If SFC discovers that a critical system file has been damaged, altered or missing, it restores the correct version of the file from the cache folder.

To use System File Checker:
Go to Start > Run and type: sfc /scannow

Make sure that you include a space between the c and /. This command will initiate the Windows File Protection service to scan all protected files, verify their integrity, and replace any problem files. You must be logged on as an administrator or as a member of the Administrators group to run sfc and it may ask you to insert your XP Installation CD so have it available.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users