It's located at C:\Users\Username\ according to task manager, but when I navigate
there, even though I have 'show hidden files' checked, the directory shows no
evidence of the file, so I can't run FileASSASSIN on it either.
It began as a malware infection that I got from my old XP machine. I plugged
in my HD enclosure to my Dell laptop that runs Vista (now SP2, which I updated
today hoping to solve this). Some symptoms (listed in detail below) sounded
similar to the one posted here: http://www.bleepingcomputer.com/forums/ind...p;#entry1016549
BEFORE Mbam and ComboFix, symptoms included:
- shady pop-ups when I visited my favorite websites, even with popup blocker turned on.
- attempts to open Internet Explorer against my will
- on startup, Adobe Distiller and/or Acrobat "have stopped working," and when I try to
open any other Adobe programs, they boot entirely, but then "stop working" and shut down.
- Windows updates suspiciously present on some but not all reboots. This may be coincidence.
- processes I didn't recognize that carried either no description or their descriptions were
the same as their filenames (ex: jiobo.exe's description is jiobo.exe; I can't remember any
of the other process names). Their filenames would also change with every boot-up, to
something that either a) Google didn't recognize or b) took me to a fake virus removal
site riddled with popups and installers. There would be three or four of these gremlinesque
processes showing in TM at a time, and Malwarebytes recognized and took care of three
of them, and I thought ComboFix took care of the rest until a few more reboots.
AFTER Mbam and ComboFix
- I have gotten a few popups since virus removal, but not reliably, and none today,
so this has improved considerably.
- no attempts at Internet Explorer, but the popups have instead appeared in Firefox
(which has been and is set as the default browser)
- same as before with the Adobe programs not booting properly or at all.
- jiobo.exe is taking up to 54% of my CPU, causing video playback to skip relentlessly.
- recently got a blue screen and several spontaneous (some failed) reboots, but that could
have been from running my laptop on my bed, so I think it's safe to say this was unrelated
and due to overheating (since that's what one of the blue screens said, and the machine
was way too hot at the time).
Is it possible that my BlackBerry has a virus on its media card, and is reinfecting
my system? The way my external HD did? [sidenote: Will also be posting shortly
re: how to transfer old design files to a new hard drive without transferring viruses,
since this is bound to happen again soon when I upgrade to a network storage device]
Either way, Mbam and ComboFix just were not enough. I have HijackThis installed,
and it sees the process, but I haven't tried hitting "Fix" there yet. Waiting for your
input on this one. :)
The only process still running that I can see is jiobo.exe.
I can't end it in Task Manager (nothing happens).
I unchecked it in the Boot tab of msconfig, but it was running at the next startup anyway.
It eats my CPU.
And kills my CS3 programs.