Jump to content


  • Content Count

  • Joined

  • Last visited

About Eyecu

  • Rank
  • Birthday 01/01/1970

Profile Information

  • Interests
  1. Awesome. Just as an update no further detection as of yet so looks lilke we nailed it. Thanks again for all your help.
  2. Already on it. Figured as much. I'm pretty computer literate on the hardware/software side of things. This one just had me stumped as no program I used found the base file...that msoflex.exe. Even though i saw it in the startup folder i should have googled it, but thought it was one of her graphics programs or something she uses. Anyways. Im on the passwrod changing. Thanks again.
  3. Thanks for al your help. The file is posted i think. Can't tell I attempted to attach it twice but its not showing up on the thread. Topic title is Attn: Fatdcuk. Thank you for all your help greatly appreciated...My fiance also says to say thank you as it was on her computer that the infection was.
  4. Ok well that seems to be the culprit. The virustotal site found that it had the TR/Crypt.XPACK.Gen as per Avira.
  5. Good day, For the past week or so I've been trying eradicate this Trojan.BZUB-IPV6 trojan that SAS keeps popping up a detection poppup on bootup. So far the three file names I can remember it saying it was is c:\windows\system32\skeys.dll c:\windows\system32\write.dll c:\windows\system32\twunk_16.dll The following is one of the scan logs with the registry entries it finds SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 08/29/2008 at 06:21 PM Application Version : 4.20.1046 Core Rules Database Version : 3551 Trace Rules Database Version: 1539 Scan type : Quick Scan Total Scan Time : 00:33:53 Memory items scanned : 429 Memory threats detected : 0 Registry items scanned : 477 Registry threats detected : 5 File items scanned : 18866 File threats detected : 1 Trojan.BZub-IPV6 HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36DBC179-A19F-48F2-B16A-6A3E19B42A87} HKCR\CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87} HKCR\CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}\InprocServer32 HKCR\CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}\InprocServer32#ThreadingModel C:\WINDOWS\SYSTEM32\SKEYS.DLL HKCR\CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87} So far I've run SAS, Malwarebytes, hijackthis, and trojan hunter to attempt to get rid of this pesky rodent. I've run all of these both in normal mode, safe mode, and safe mode with command prompt. Everytime it says it successfully removed it, and on the next start up I don't get the warning. But on following startups I do. Any help would be appreciated. P.S. for every other issue SAS has done extremely well. Good job on this product, I have been recommending it to everyone I know.
  • Create New...