Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i got infected ugh


  • Please log in to reply
3 replies to this topic

#1 kbmodigity

kbmodigity

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 17 May 2013 - 10:20 PM

About 2 months ago I had noticed internet explorer was opening itself by itself in the middle of me running gaming programs, was really annoying. My normal antivirus, Trend micro, had spotted over 1000 instances of detection and removal. I was shocked to see this as no warnings were given from the AV itself. I sat on the phone and though email chat for days if not weeks trying to remove through trendmicro, and they said I had no infection. Sadly too cause I know I was and I am a partner with them as an owner of a computer company that sells their product. Lost all faith. I ran combofix and problem solved (so I thought), which I have used many times in the past and always worked wonders. At least I thought so.

 

So today I'm running legit software verified games like GTA (paid for not torrented) and progs before like quickbooks and word/ outlook, things like that and I see the demon reoccur. All the sudden my comp starts freezing up and getting minor problems again. I run combofix,, it finds things and removes. I run malwarebytes, comes up clean. I run TrendMicro regular virus scanner,, comes up clean cept for some cookies. Run rookit buster from trendmicro, comes up clean, run tddskiller from Kaspersky and comes up clean. run combo fix again and finds the same things. run it yet again and finds and deletes the same things 3 times over. I obviously have a rootkit  that may have been here for a while that is regenerating this and even combofix isn't finding

 

I saw you do not want logs posted here, and am kind of ashamed as an IT person to ask for help, but any would be much appreciated. Please someone send help



BC AdBot (Login to Remove)

 


#2 kbmodigity

kbmodigity
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 17 May 2013 - 10:28 PM

sry, I have win 7 32 bit



#3 kbmodigity

kbmodigity
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 17 May 2013 - 10:39 PM

locations of deletions that reoccur are as follows (lot logs),

 

 

c:\programdata\boost_interprocess\20130517224352.375200

c:\users\marc\appdata\roaming\microsoft\network\connections\pbk\_hiddenpbk

c:\users\marc\appdata\roaming\microsoft\network\connections\pbk\_hiddenpbk\rasphone.pbk



#4 kbmodigity

kbmodigity
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:26 AM

Posted 19 May 2013 - 12:14 AM

its been about 24 hours now , wondering why there has been no reply.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users