Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

difficult to find and remove infections. now with added hotmail hacks


  • Please log in to reply
No replies to this topic

#1 ultma

ultma

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:49 PM

Posted 05 April 2010 - 12:11 AM

about a week ago I found some odd files in my shared folder and stupidly I ran them. I infected my self with dl.exe and tenga.a and probly more.
windows failed to boot normaly so I ran windows in safe mode with networking and ran kaspersky virus removal tool several times and thought i had fixed the system. Even though i still couldnt get msconfig to work.

So I turned off my computer and went away on holiday. when I retured I found that my hotmail account had been used to send dubiuos links to all in my contacts list with no trace in my sent messages.

so I upped my game and installed kaspersky pure and changed my passwords, kaspersky didnt find much. So then I ran spybot and malwarebytes they both found a trojan each. Now this Worried me as my computer seemed alittle sluginsh in the typing department and internet explorer was freezeing on ocassion. So i ran several online scanners they all found nothing.

I tried combofix in safe mode after it found infected files and system files

c:\windows\system32\sbcrreag.dll
c:\windows\system32\spoolsv.exe
c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk <-kaspersky told this was tryn to access password files :0
c:\documents and settings\User\Application Data\inst.exe
c:\windows\AppPatch\AcAdProc.dll

msconfig still doesnt work and i still suspect keyloggers,trojans or worse on my system.

its time to swallow my pride and ask for help :thumbsup:

edit: i have reinstalled superantispyware and am currently running a full scan already it has found 7 copies of trojan.agent/gen

edit: installed and running a-squared its has found quite few when the others no longer find any
win32.virut!IK
win32.virut.q!IK
win32.sality!IK
win32.small!IK
and the list goes on :flowers:

Edited by ultma, 05 April 2010 - 02:39 AM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users