Posted 16 September 2009 - 07:10 PM
Well, my brother-in-law has a computer that recently got a nasty trojan.zlob infection, as well as a rogue.agent infection, which (as far as he is concerned) he's been able to battle with moderate success (he loves them p2p's). Anyway, his only remaining problem now is that he is not able to connect via his wireless network adapter. It seems the wireless connection has been hijacked (I think): it keeps connecting to an unknown computer (no matter what we do). It's the same connection profile, same SSID every single time. It's annoying. Now he is out of town, and will not be able to look into the matter in depth, so I told him I'd hold down the fort. What do you guys think could be the issue?? Could it be a hijacked connection, and if so, how do we take back control of the situation?
Things we have done:
-Run MBAM. Several logs exist, beginning from 8-27-09 onwards. The last scan ran on the computer was today, it is still running as of this post.
-Run ATF-Cleaner. Purged everything, including browser (Mozilla Firefox)
-Run RootRepeal. (Did not wipe anything, just ran the scan several times. Showed several hidden modules, they look like they're from dell. Also showed several hooked SSDT's, apparently by a file called iksysflt.sys)
-Run Microsoft's FixIt tool to gain back control of permissions, as we could not get automatic updates turned on.
My B-I-L is running Windows XP SP3, it's a Dell Inspiron 1501 notebook.
All help will be greatly appreciated, by my B-I-L as well as both my wife and I. We have wedding pictures on his computer that we have not yet been able to back up, and I am afraid that whatever is trying to connect to his computer might trash his system before we can do so. Thanks, and God bless you all!!
P.S.: Also tried connecting via wired connection just now, and it is showing the same SSID trying to connect to the computer .. WTF do I do??
"Danger = Crisis + Opportunity" - Chinese character