
infected with packed.rolex and injecter.


  • This topic is locked
1 reply to this topic

#1 fragglerocks


Posted 16 June 2009 - 05:29 AM

Hi all, I realised why I had no replies: I added another post to my other topic, and from reading other posts it can make you miss it, as you think a member of the team is already helping.

Sorry if I've done something wrong, but this is also my work laptop that I write all my recruits' reports on etc. etc.

The story again lol: I noticed some things going wrong on the laptop, like taking even longer to boot up, a message would pop up saying my Windows activation is no longer working due to a software mismatch, and general freezing from time to time. So I installed AVG; should have done it earlier, I know, but I was an idiot.
It keeps popping up with multiple threats found; they both start with

skynetqulmrpke.dll then after either say packed.rolex or injecter.eh

I hope you can help, and I won't add to this post, so hopefully someone can help.

Many thanks all.

Steve

Here is the DDS file:


DDS (Ver_09-05-14.01) - NTFSx86
Run by ibo at 21:34:46.00 on 15/06/2009
Internet Explorer: 8.0.6001.18783
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.955.70 [GMT 1:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\oembios.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Transcode360\Transcode360.exe
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\WinTV\EPG Services\System\EPGClient.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\Samsung\EmoDio\SMSTray.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Users\ibo\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\3\3Connect\AutoUpdateSrv.exe
C:\Windows\system32\igfxext.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\ConfigFree\CFWAN.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\ibo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ibo\Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.sky.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\oembios.exe,
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ISUSPM] "c:\programdata\macrovision\flexnet connect\6\ISUSPM.exe" -scheduler
uRun: [PcSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
uRun: [Google Update] "c:\users\ibo\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [Google EULA Launcher] c:\program files\google\google eula\GoogleEULALauncher.exe IE PA
mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
mRun: [EPGServiceTool] c:\progra~1\wintv\epg services\system\EPGClient.exe
mRun: [NSLauncher] c:\program files\nokia\nokia software launcher\NSLauncher.exe /startup
mRun: [SMSTray] c:\program files\samsung\emodio\SMSTray.exe
mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autost~1.lnk - c:\program files\wintv\Ir.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\update~1.lnk - c:\program files\3\3connect\AutoUpdateSrv.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {0BF88E98-7ADC-44d6-8242-0BF87CD1BC14} - {A6125182-0570-4C84-BE88-61190C09112D} - c:\program files\orb networks\orbthis for ie\OrbIE.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL,avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-15 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-15 108552]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2009-1-5 25896]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-15 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-15 298776]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
R2 EPGService;EPGService;c:\progra~1\wintv\epg services\system\EPGService.exe [2009-1-5 437248]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2008-2-6 126976]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-3-13 24576]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-8-7 7168]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-5-10 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-8-7 29744]
S3 HauppaugeTVServer;HauppaugeTVServer;c:\progra~1\wintv\HCWTVS~1.EXE [2009-1-5 823296]
S3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\drivers\hcw95bda.sys [2009-1-5 560640]
S3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\drivers\hcw95rc.sys [2009-1-5 15616]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2009-1-13 346112]

=============== Created Last 30 ================

2009-06-15 20:41 <DIR> --d----- c:\users\ibo\appdata\roaming\Malwarebytes
2009-06-15 20:41 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-15 20:41 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-15 20:41 <DIR> --d----- c:\programdata\Malwarebytes
2009-06-15 20:41 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-06-15 20:41 <DIR> --d----- c:\progra~2\Malwarebytes
2009-06-15 20:13 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-06-15 20:12 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-06-15 20:12 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-06-15 20:12 327,688 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-15 20:12 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-06-15 20:12 <DIR> --d----- c:\programdata\AVG Security Toolbar
2009-06-15 20:12 <DIR> --d----- c:\progra~2\AVG Security Toolbar
2009-06-15 20:11 <DIR> --d----- c:\program files\AVG
2009-06-15 20:11 <DIR> --d----- c:\programdata\avg8
2009-06-15 20:11 <DIR> --d----- c:\progra~2\avg8
2009-06-15 00:49 <DIR> --d----- c:\users\ibo\GPKMVv3
2009-06-13 10:31 158,537,619 a------- c:\windows\MEMORY.DMP
2009-06-13 00:00 <DIR> --d----- c:\programdata\Apple Computer
2009-06-12 19:25 <DIR> --dsh--- c:\windows\system32\sysproc64
2009-06-12 19:20 67 a------- c:\windows\Ahead DVD Ripper.INI
2009-06-12 19:18 <DIR> --d----- c:\program files\Ahead DVD Ripper
2009-06-12 19:12 <DIR> --d----- c:\users\ibo\appdata\roaming\GetRightToGo
2009-06-12 19:07 <DIR> --d----- c:\program files\Xilisoft
2009-06-12 18:03 <DIR> --d----- c:\program files\DVD Decrypter
2009-06-12 18:02 <DIR> --d----- c:\programdata\DVD Shrink
2009-06-12 18:02 <DIR> --d----- c:\program files\DVD Shrink
2009-06-12 01:07 11,264 a------- C:\Iexplor701.exe
2009-06-09 10:12 <DIR> --d----- c:\programdata\OrbNetworks
2009-06-09 10:12 <DIR> --d----- c:\progra~2\OrbNetworks
2009-06-09 10:12 <DIR> --d----- c:\program files\Orb Networks
2009-06-07 08:43 1,222 a------- c:\windows\system32\tversity.cookies
2009-06-07 02:29 26,624 a------- C:\Iexplor171.exe
2009-06-06 22:20 <DIR> --d----- c:\program files\TVersity Codec Pack
2009-06-06 22:19 <DIR> --d----- c:\program files\TVersity
2009-06-06 21:46 <DIR> --d----- c:\program files\Transcode360
2009-05-25 19:46 48,128 a------- C:\apnet.exe

==================== Find3M ====================

2009-05-16 10:05 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-16 10:05 86,016 a------- c:\windows\inf\infstor.dat
2009-05-16 10:05 51,200 a------- c:\windows\inf\infpub.dat
2009-05-15 19:36 60,273 a------- c:\windows\system32\pthreadGC2.dll
2009-05-10 23:12 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-05-10 21:17 1,301,304 a------- c:\users\ibo\WindowsXP-KB917021-v3-x86-ENU.exe
2009-05-09 06:50 915,456 a------- c:\windows\system32\wininet.dll
2009-05-09 06:34 71,680 a------- c:\windows\system32\iesetup.dll
2009-04-23 13:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 13:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-21 12:55 2,033,152 a------- c:\windows\system32\win32k.sys
2009-04-18 16:49 286,720 a------- c:\windows\iun504.exe
2008-08-07 11:01 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 03:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
1999-12-13 02:07 212,992 a------- c:\users\ibo\SOFTFSB.EXE
1999-12-13 02:07 36,864 a------- c:\users\ibo\SOFTFSB.DLL
1999-12-13 02:07 4,186 a------- c:\users\ibo\SOFTFSB.DAT
1999-12-13 02:07 2,304 a------- c:\users\ibo\SOFTFSB.SYS

============= FINISH: 21:35:54.45 ===============


And the attached file.

Once again, many thanks.


#2 Orange Blossom

  • Moderator

Posted 16 June 2009 - 09:34 AM

This topic is a duplicate of the one posted here: http://www.bleepingcomputer.com/forums/t/234102/infected-with-god-knows-what/ Posting more than one topic on the same issue is called double-posting and is not allowed on this forum because it can create massive confusion and in this case make the malware removal process more difficult and time consuming. Therefore, this topic shall be deleted.

I removed the response post you made to it as it didn't add any information, so the topic now has 0 replies.

That said, the self-reply wasn't the reason for not having a response yet. We work with hundreds of logs every day, so we have devised a means of seeing only those topics that don't have responses yet. At the moment, we have well over 400 unanswered topics, the oldest dated Fri Jun 05, 2009 11:44 pm Eastern Daylight Savings time in the U.S.A. Your HiJack This topic is dated June 15, 2009, 4:45 PM using the same time zone.

Our volunteer HJT team members have various levels of expertise and training, so while we try to take the oldest DDS/HJT logs, it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us would want someone to assist you who is not familiar with your issue and attempt to fix it.

Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.

This topic shall disappear in the next 24 hours or so.

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



