Posted 06 March 2010 - 08:15 PM
It was requested that I help a client with an issue of their computer running slowly and showing many pop-ups when attempting to browse. I went onsite and verified the claim, and when viewing the task manager found hundreds if not thousands of rundll.exe processes running.
I ran Malwarebytes and it found over 8,000 files that were related and deleted them. However, after reboot the same behavior occurred once again. Each subsequent time I have run Malwarebytes it runs for over 10 hours and essentially freezes.
The only way I could get Malwarebytes to run is by changing the name of the program.
One of the times when mbam was frozen, I brought up the task manager and noticed a file named "catchme.cfxxe".
I am attaching the results of both gmer and dds.
This is a WinXP system running SP3 and the anti-virus is free AVG. I inherited this program installed on the system; it is not mine by choice. And since it appears to have allowed this 'xploit to take over, I question its value compared to either another program or the paid version of AVG.
This is one pesky bugger. I have not had quite as elusive of malware in the past.
Thanks in advance,