
Serious virus, able to retrieve data while modem unplugged

Discussion in 'Virus & Other Malware Removal' started by redeemed777, Nov 13, 2014.

Thread Status:
Not open for further replies.
  1. redeemed777

    redeemed777 Thread Starter

    Joined:
    Nov 13, 2014
    Messages:
    2
    >> Requested to remove devices controlled by the "FBIKB_NT" service. - (00000025)
    << Failed to complete the request!
    [email protected]_Get_Device_ID_List_Size
    >> Requested to remove a specific device ("Root..LEGACY_FBIKB_NT..0000").

    << Successfully completed the request!
    >> Requested to remove a specific device ("Root..LEGACY_FBIKB_NT")

    http://answers.microsoft.com/en-us/...-this-is/66e602a4-f202-42a4-a03d-52c9fabd9f50


    This is my exact problem. I believe I am being targeted for trade secrets. I have had 2 PCs compromised and lost administrative rights to both. Went and bought new PC and router and moments after hooking everything up the same problem happened. I have been a bit more combative this time and believe I have stopped the transfer of my personal data. Problem is (I'm assuming) I can't change the settings under "services". The DCOM Server Process Launcher is what I am assuming is allowing all of this to take place. I am unable to change any of the settings when I go to its properties. The log on as section is all barely visible like a light grey and I can't make any changes. The same goes for the section under the general tab. I had to stop the fax on my system because they were using that to retrieve data. It's a used PC so I am feeling guilty, but I had no clue they would still be able to access the new PC with a new router, but I guess I should have figured so given that they were able to do things while router and modem were completely unplugged. According to the event viewer, while asleep and everything unplugged they were able to get new special login credentials granted; wording may have been slightly different. Also, when I was able to run my spyware before they were able to set it to where only they can access the logs, one of the logs gave times that someone or some program was "listening on port 23xxx". Not sure if that actually means someone has been listening to my family's conversations or if it is just PC lingo for something far off than that. There are logs that are in Chinese and other coded languages, settings that I can only access in safe mode, settings unable to access in safe mode...this is seriously the biggest headache I have had to deal with in a long time. Back to the settings.
    I am unable to connect to the net on that PC because they have disabled my network settings under system, so I can't even download the proper software to get this craziness put to an end that I have been dealing with for almost two weeks.....someone, anyone, please help. Thank you!!!
     
  2. redeemed777

    redeemed777 Thread Starter

    Joined:
    Nov 13, 2014
    Messages:
    2
    If someone would need more info in order to assist me then please do not hesitate to ask. Thank you
     
  3. JSntgRvr

    JSntgRvr Moderator Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,551
    First Name:
    José
    Welcome :)

    Those legacy keys need special permissions to be accessed. Let's take a look.

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

    Once finished above, please continue as follows:

    Type the following in the edit box on FRST, after "Search:".

    FBIKB_NT*

    It then should look like:

    Search: FBIKB_NT*

    Click Search Files button and post the log (Search.txt) it makes on the USB drive in your next reply.
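
The remark above that the legacy keys need special permissions can be checked directly on the machine. The PowerShell below is an added example, not part of the original thread and not part of FRST; it only reads, and it assumes the standard `Services` and `Enum\Root` registry locations, which the thread itself does not spell out.

```powershell
# Added example: read-only inspection, run from an elevated PowerShell prompt.
# Registry locations are the standard Windows ones and are assumed here;
# the thread only shows the node name "Root..LEGACY_FBIKB_NT..0000".
$ServiceName = 'FBIKB_NT'
$svcKey  = "HKLM:\SYSTEM\CurrentControlSet\Services\$ServiceName"
$enumKey = "HKLM:\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_$ServiceName"

function Resolve-DriverPath([string]$ImagePath) {
    # Driver ImagePath values may be relative to %SystemRoot% or carry
    # NT-style prefixes such as \??\ or \SystemRoot\.
    if ([string]::IsNullOrEmpty($ImagePath)) { return $null }
    $p = [Environment]::ExpandEnvironmentVariables($ImagePath.Trim('"'))
    $p = $p -replace '^\\\?\?\\', ''
    $p = $p -replace '^\\?SystemRoot\\', "$env:SystemRoot\"
    if ($p -notmatch '^[A-Za-z]:\\') { $p = Join-Path $env:SystemRoot $p }
    return $p
}

if (Test-Path $svcKey) {
    $svc = Get-ItemProperty -Path $svcKey
    # Type 1 = kernel driver; Start 0 boot, 1 system, 2 auto, 3 demand, 4 disabled
    $svc | Select-Object Type, Start, ImagePath | Format-List
    $driver = Resolve-DriverPath $svc.ImagePath
    if ($driver -and (Test-Path $driver)) {
        Get-Item $driver | Format-List FullName, Length, CreationTime, LastWriteTime
        # On older PowerShell versions only embedded signatures are checked, so
        # "NotSigned" can also mean the driver is catalog-signed.
        Get-AuthenticodeSignature -FilePath $driver | Format-List Status, SignerCertificate
    } else {
        "Driver file not found for ImagePath '$($svc.ImagePath)'"
    }
} else {
    "No Services key for $ServiceName"
}

try {
    # Shows who owns the LEGACY_ node and which accounts may read or change it.
    $acl = Get-Acl -Path $enumKey -ErrorAction Stop
    "Owner of ${enumKey}: $($acl.Owner)"
    $acl.Access | Format-Table IdentityReference, RegistryRights, AccessControlType -AutoSize
} catch {
    "Could not read ${enumKey}: $($_.Exception.Message)"
}
```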
     

Short URL to this thread: https://techguy.org/1137273
