Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1]   Go Down

Author Topic: Re: Atapi.sys infected - Trojan Horse Packed.Protector.C  (Read 4465 times)

0 Members and 1 Guest are viewing this topic.

dzi

  • Guest
Re: Atapi.sys infected - Trojan Horse Packed.Protector.C
« on: December 11, 2009, 05:46:22 AM »
Hi, I have the same problem, or had. I used ComboFix, as is written up.

I had that Trojan and the same dile was infected and also I had svchost problem.

I will post a log file here, and thenk you in advance for assistence:

ComboFix 09-12-10.01 - goga 12/11/2009  12:56:21.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.767.498 [GMT 1:00]
Running from: c:\documents and settings\goga\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\goga\Start Menu\Programs\Startup\siszyd32.exe
c:\windows\system32\av_md.exe
c:\windows\system32\config\systemprofile\av_md.exe
c:\windows\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd
D:\la.txt

----- BITS: Possible infected sites -----

hxxp://www.rsiwarrior.com
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SKYNET
-------\Service_SKYNET


(((((((((((((((((((((((((   Files Created from 2009-11-11 to 2009-12-11  )))))))))))))))))))))))))))))))
.

2009-12-11 07:53 . 2009-12-11 08:04   --------   d-----w-   c:\windows\LastGood
2009-12-11 07:39 . 2004-08-03 21:31   20992   ----a-w-   c:\windows\system32\drivers\RTL8139.sys
2009-12-11 07:34 . 2001-08-23 15:00   24661   ----a-w-   c:\windows\system32\spxcoins.dll
2009-12-11 07:34 . 2001-08-23 15:00   13312   ----a-w-   c:\windows\system32\irclass.dll
2009-12-10 21:07 . 2009-12-10 21:07   --------   d-----w-   c:\documents and settings\goga\Local Settings\Application Data\PlentyofTorrents
2009-12-10 21:07 . 2009-12-10 21:07   --------   d-----w-   c:\program files\Conduit
2009-12-10 21:07 . 2009-12-10 21:07   --------   d-----w-   c:\documents and settings\goga\Local Settings\Application Data\Conduit
2009-12-10 20:58 . 2009-12-10 20:58   --------   d-----w-   C:\Nikoletina
2009-12-10 19:40 . 2009-12-10 19:40   --------   d-----w-   c:\documents and settings\goga\Application Data\Uniblue
2009-12-10 19:00 . 2009-12-10 19:27   --------   d-----w-   c:\documents and settings\goga\Application Data\Lavasoft
2009-12-10 18:42 . 2009-12-10 23:52   --------   d-----w-   c:\windows\LastGood.Tmp
2009-12-10 16:30 . 2009-12-10 18:53   --------   d-----w-   c:\program files\Enigma Software Group
2009-12-09 22:54 . 2009-12-09 22:56   --------   d-----w-   C:\Nights.In.Rodanthe.2008.DVDRiP.XViD
2009-12-07 23:38 . 2009-03-30 08:33   96104   ----a-w-   c:\windows\system32\drivers\avipbb.sys
2009-12-07 23:38 . 2009-02-13 10:29   22360   ----a-w-   c:\windows\system32\drivers\avgntmgr.sys
2009-12-07 23:38 . 2009-02-13 10:17   45416   ----a-w-   c:\windows\system32\drivers\avgntdd.sys
2009-12-07 23:38 . 2009-12-07 23:38   --------   d-----w-   c:\program files\Avira
2009-12-07 23:38 . 2009-12-07 23:38   --------   d-----w-   c:\documents and settings\All Users\Application Data\Avira
2009-12-06 21:13 . 2009-12-06 21:13   --------   d--h--w-   c:\windows\PIF
2009-12-03 17:59 . 2004-08-03 22:56   221184   ----a-w-   c:\windows\system32\wmpns.dll
2009-11-28 14:40 . 2009-11-28 14:40   152576   ----a-w-   c:\documents and settings\goga\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-28 14:39 . 2009-11-28 14:39   79488   ----a-w-   c:\documents and settings\goga\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-27 21:30 . 2009-11-27 21:30   --------   d-----w-   c:\documents and settings\goga\Application Data\Acoustica
2009-11-27 21:09 . 2009-11-27 21:09   --------   d-----w-   c:\documents and settings\goga\Local Settings\Application Data\Help
2009-11-27 18:16 . 2009-11-27 18:16   --------   d-----w-   c:\documents and settings\goga\Application Data\Corel
2009-11-27 18:00 . 2009-11-27 18:00   --------   d-----w-   c:\windows\Corel
2009-11-26 23:06 . 2009-11-26 23:29   --------   d---a-w-   c:\documents and settings\All Users\Application Data\TEMP
2009-11-25 00:11 . 2009-11-25 00:11   --------   d-----w-   C:\PROBA
2009-11-22 00:29 . 2009-11-22 00:29   14911   ----a-w-   C:\Calculator.zip
2009-11-22 00:29 . 2009-11-22 00:29   --------   d-----w-   C:\Calculator
2009-11-20 12:45 . 2009-12-04 19:39   --------   d-----w-   c:\documents and settings\goga\Application Data\DC++
2009-11-20 12:45 . 2009-11-20 12:45   --------   d-----w-   c:\documents and settings\goga\Local Settings\Application Data\DC++
2009-11-20 12:34 . 2009-11-20 12:34   --------   d-----w-   c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2009-11-19 19:34 . 2009-11-23 18:34   --------   d-----w-   C:\java
2009-11-19 18:59 . 2009-11-19 18:59   --------   d-----w-   c:\documents and settings\goga\workspace
2009-11-16 08:49 . 2009-11-23 18:33   --------   d-----w-   C:\Kalkulator kopija 1
2009-11-14 14:16 . 2009-11-14 14:20   --------   d-----w-   c:\documents and settings\goga\Application Data\ZoomBrowser EX
2009-11-14 14:11 . 2009-11-14 14:16   --------   d-----w-   c:\documents and settings\goga\Application Data\CameraWindowDC
2009-11-14 14:11 . 2009-11-14 14:11   --------   d-----w-   c:\documents and settings\goga\Application Data\CANON INC
2009-11-14 14:11 . 2001-08-17 21:36   5632   ----a-w-   c:\windows\system32\ptpusb.dll
2009-11-14 14:11 . 2004-08-03 23:56   159232   ----a-w-   c:\windows\system32\ptpusd.dll
2009-11-14 14:11 . 2004-08-03 21:58   15104   ----a-w-   c:\windows\system32\drivers\usbscan.sys
2009-11-14 13:46 . 2009-11-14 13:47   --------   d-----w-   c:\program files\Canon
2009-11-14 13:46 . 2009-11-14 13:46   --------   d-----w-   c:\documents and settings\All Users\Application Data\ZoomBrowser
2009-11-14 13:40 . 2009-11-14 13:40   --------   d-----w-   c:\program files\Common Files\Canon

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-11 12:27 . 2009-10-24 17:30   --------   d-----w-   c:\documents and settings\goga\Application Data\uTorrent
2009-12-11 07:50 . 2009-10-21 13:51   22780   ----a-w-   c:\windows\system32\emptyregdb.dat
2009-12-10 19:23 . 2009-12-10 19:23   16   ----a-w-   c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat
2009-12-10 11:58 . 2009-12-10 11:58   16   ----a-w-   c:\documents and settings\NetworkService\Application Data\fvgqad.dat
2009-12-10 11:58 . 2009-12-10 11:58   4   ----a-w-   c:\documents and settings\goga\Application Data\avdrn.dat
2009-12-09 22:23 . 2009-10-30 22:43   --------   d-----w-   c:\documents and settings\goga\Application Data\Skype
2009-12-09 20:44 . 2009-10-30 23:04   --------   d-----w-   c:\documents and settings\goga\Application Data\skypePM
2009-12-08 13:39 . 2009-10-21 19:03   56816   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2009-12-07 23:39 . 2009-10-21 19:55   30639   ----a-w-   c:\documents and settings\goga\Application Data\usrstats.dat
2009-12-07 23:36 . 2009-12-07 23:36   0   ---ha-w-   c:\documents and settings\All Users\Application Data\BIT7.tmp
2009-11-28 14:45 . 2009-10-30 13:58   --------   d-----w-   c:\program files\Java
2009-11-27 19:19 . 2009-10-21 19:53   42168   ----a-w-   c:\documents and settings\goga\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-27 18:02 . 2009-10-21 14:15   --------   d--h--w-   c:\program files\InstallShield Installation Information
2009-11-27 17:37 . 2009-10-21 14:15   --------   d-----w-   c:\program files\Common Files\InstallShield
2009-11-25 18:03 . 2009-10-21 14:37   --------   d-----w-   c:\program files\Common Files\Adobe
2009-11-20 21:46 . 2009-11-03 18:35   --------   d-----w-   c:\documents and settings\All Users\Application Data\Apple Computer
2009-11-19 10:52 . 2009-10-21 19:31   --------   d-----w-   c:\documents and settings\goga\Application Data\Yahoo!
2009-11-13 13:01 . 2009-10-22 18:51   --------   d-----w-   c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-05 10:17 . 2009-10-21 15:12   --------   d-----w-   c:\documents and settings\goga\Application Data\AdobeUM
2009-11-03 18:42 . 2009-11-03 18:39   --------   d-----w-   c:\documents and settings\goga\Application Data\Media Player Classic
2009-11-02 23:01 . 2009-11-02 23:01   --------   d-----w-   c:\program files\DVBViewerTE
2009-11-02 21:54 . 2009-11-02 21:54   --------   d-----w-   c:\documents and settings\goga\Application Data\DivX
2009-11-01 14:30 . 2009-10-21 19:41   --------   d-----w-   c:\documents and settings\goga\Application Data\Ahead
2009-10-31 16:28 . 2009-10-31 16:28   --------   d-----w-   c:\program files\Common Files\Apple
2009-10-31 16:27 . 2009-10-31 16:27   --------   d-----w-   c:\program files\Apple Software Update
2009-10-31 16:27 . 2009-10-31 16:27   --------   d-----w-   c:\documents and settings\All Users\Application Data\Apple
2009-10-30 23:04 . 2009-10-30 23:04   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
2009-10-30 22:43 . 2009-10-30 22:42   --------   d-----w-   c:\program files\Skype
2009-10-30 22:43 . 2009-10-30 22:42   --------   d-----w-   c:\documents and settings\All Users\Application Data\Skype
2009-10-30 22:42 . 2009-10-30 22:42   --------   d-----w-   c:\program files\Common Files\Skype
2009-10-30 13:58 . 2009-10-30 13:58   152576   ----a-w-   c:\documents and settings\goga\Application Data\Sun\Java\jre1.6.0_16\lzma.dll
2009-10-27 23:30 . 2009-10-27 23:30   --------   d-----w-   c:\program files\Hewlett-Packard
2009-10-24 23:31 . 2009-10-21 19:06   --------   d-----w-   c:\documents and settings\goga\Application Data\BSplayer Pro
2009-10-22 23:49 . 2009-10-21 19:19   --------   d-----w-   c:\documents and settings\goga\Application Data\Winamp
2009-10-22 19:26 . 2009-10-22 19:26   --------   d-----w-   c:\documents and settings\goga\Application Data\ACD Systems
2009-10-22 19:24 . 2009-10-22 19:10   --------   d-----w-   c:\program files\Microsoft SQL Server
2009-10-22 19:19 . 2009-10-21 16:49   --------   d-----w-   c:\program files\Microsoft.NET
2009-10-22 16:32 . 2009-10-22 16:32   --------   d-----w-   c:\documents and settings\goga\Application Data\Teleca
2009-10-21 19:57 . 2009-10-21 19:56   --------   d-----w-   c:\program files\Common Files\Teleca Shared
2009-10-21 19:57 . 2009-10-21 19:57   --------   d-----w-   c:\program files\Sony Ericsson
2009-10-21 19:56 . 2009-10-21 19:56   --------   d-----w-   c:\documents and settings\goga\Application Data\Sony Ericsson
2009-10-21 19:56 . 2009-10-21 19:54   --------   d-----w-   c:\documents and settings\All Users\Application Data\Teleca
2009-10-21 19:56 . 2009-10-21 19:54   --------   d-----w-   c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-10-21 19:56 . 2009-10-21 19:56   --------   d-----w-   c:\program files\Common Files\Sony Ericsson Shared
2009-10-21 19:41 . 2009-10-21 19:39   --------   d-----w-   c:\program files\Common Files\Ahead
2009-10-21 19:33 . 2009-10-21 19:33   --------   d-----w-   c:\documents and settings\All Users\Application Data\ACD Systems
2009-10-21 19:33 . 2009-10-21 19:09   --------   d-----w-   c:\program files\ACD Systems
2009-10-21 19:31 . 2009-10-21 19:29   --------   d-----w-   c:\program files\Yahoo!
2009-10-21 19:31 . 2009-10-21 19:29   --------   d-----w-   c:\documents and settings\All Users\Application Data\Yahoo!
2009-10-21 19:31 . 2009-10-21 19:31   --------   d-----w-   c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-10-21 16:49 . 2009-10-21 16:49   --------   d-----w-   c:\program files\Microsoft ActiveSync
2009-10-21 16:33 . 2009-10-21 16:33   --------   d-----w-   c:\documents and settings\All Users\Application Data\McAfee
2009-10-21 16:06 . 2009-10-21 16:06   --------   d-----w-   c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-10-21 15:31 . 2009-10-21 15:31   --------   d-----w-   c:\documents and settings\All Users\Application Data\CMUV
2009-10-21 15:07 . 2009-10-21 15:07   --------   d-----w-   c:\documents and settings\All Users\Application Data\Technisat
2009-10-21 15:06 . 2009-10-21 15:06   --------   d-----w-   c:\program files\MainConcept
2009-10-21 14:55 . 2009-10-21 13:55   86327   ----a-w-   c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-10-21 14:47 . 2009-10-21 14:33   --------   d-----w-   c:\program files\ProgDVB
2009-10-21 14:21 . 2009-10-21 14:21   0   ----a-w-   c:\windows\nsreg.dat
2009-10-21 14:15 . 2009-10-21 14:15   --------   d-----w-   c:\program files\Intel
2009-10-21 13:57 . 2009-10-21 13:57   --------   d-----w-   c:\program files\microsoft frontpage
2009-10-11 03:17 . 2009-10-30 13:59   411368   ----a-w-   c:\windows\system32\deploytk.dll
2009-09-25 16:42 . 2009-11-02 21:51   120056   ----a-w-   c:\windows\system32\pxcpyi64.exe
2009-09-25 16:42 . 2009-11-02 21:51   118520   ----a-w-   c:\windows\system32\pxinsi64.exe
2009-09-24 18:16 . 2009-10-21 19:29   607472   ----a-w-   c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208]
"uTorrent"="d:\programi\uTorrent\uTorrent.exe" [2009-12-09 289584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="d:\programi\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - d:\programi\TechniSat DVB\bin\Server4PC.exe [2009-11-3 338448]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RSI Warrior.lnk]
backup=c:\windows\pss\RSI Warrior.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:56   110592   ----a-w-   c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2009-11-10 14:39   5244216   ----a-w-   d:\programi\YAHOOM~1\MESSEN~1\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40   155648   ----a-w-   c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08   417792   ----a-w-   d:\programi\K-Lite Codec Pack\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-05-28 08:14   528384   ----a-r-   d:\programi\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2009-12-09 16:19   289584   ----a-w-   d:\programi\uTorrent\uTorrent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programi\\Yahoo messenger\\Messenger\\YahooMessenger.exe"=
"d:\\Programi\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/8/2009 12:38 AM 108289]
.
------- Supplementary Scan -------
.
uStart Page =
IE: E&xport to Microsoft Excel - d:\programi\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\goga\Application Data\Mozilla\Firefox\Profiles\gz6ssm5a.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: d:\programi\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: d:\programi\Mozilla *Blocked Russian URL*\components\KavLinkFilter.dll
FF - plugin: c:\documents and settings\goga\Local Settings\Application Data\Yahoo!\BrowserPlus\2.4.17\Plugins\npybrowserplus_2.4.17.dll
FF - plugin: d:\programi\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: d:\programi\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: d:\programi\Reader\browser\nppdf32.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - trued:\programi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{6a54b25b-4736-4fbd-bdb5-ce12dfc25e37} - c:\program files\PlentyofTorrents\tbPlen.dll
BHO-{6a54b25b-4736-4fbd-bdb5-ce12dfc25e37} - c:\program files\PlentyofTorrents\tbPlen.dll
Toolbar-{6a54b25b-4736-4fbd-bdb5-ce12dfc25e37} - c:\program files\PlentyofTorrents\tbPlen.dll
WebBrowser-{6A54B25B-4736-4FBD-BDB5-CE12DFC25E37} - c:\program files\PlentyofTorrents\tbPlen.dll
AddRemove-PlentyofTorrents Toolbar - c:\progra~1\PLENTY~1\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-11 13:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\imapi.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\\?\c:\windows\system32\WBEM\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2009-12-11  13:31:52 - machine was rebooted
ComboFix-quarantined-files.txt  2009-12-11 12:31

Pre-Run: 1,662,324,736 bytes free
Post-Run: 2,440,630,272 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - FF20F7077F51FCF155F7A5A5D1E21025
 
Logged

SuperDave

  • Malware Removal Specialist
  • Moderator


    • Genius
    • Thanked: 1020
  • Certifications: List
  • Experience: Expert
  • OS: Windows 10
Re: Atapi.sys infected - Trojan Horse Packed.Protector.C
« Reply #1 on: December 11, 2009, 11:53:54 AM »
dzi. Please don't hijack another person's thread. Start one of your own. Go to the first thread in this forum and follow the instructions. Someone will help you with your particular problem.
Logged
Windows 8 and Windows 10 dual boot with two SSD's

evilfantasy

  • Malware Removal Specialist
  • Moderator


    • Genius
  • Calm like a bomb
    • Thanked: 493
  • Experience: Experienced
  • OS: Windows 11
Re: Re: Atapi.sys infected - Trojan Horse Packed.Protector.C
« Reply #2 on: December 11, 2009, 01:30:11 PM »
Moved to new topic.
Logged
Pages: [1]   Go Up
« previous next »