July 6, 2012
Hi Rob
I just did a full scan of my system and no sign of those files, but I guess it could depend on what Adobe software you have on your system, and possibly what operating system (Windows 7 64Bit here) you are running. Sorry I couldn’t help any further with this one.
Jim Hodkinson
July 6, 2012
Thanks Jim, I don't think part of Adobe... after running ESET in Normal Mode (Win XP x64) I still had those 3 files. I could not delete them either. I have IE8 btw. On a system reboot... rxsupply.sys caused a BSOD (just before entering Windows in Normal Mode) so that is when I re-ran ESET / Spybot (in Safe Mode)... files still weren't removed but I could delete them. Also found (and deleted) a couple registry entries referring to rxsupply.sys. This is a link I found re: rxsupply.sys http://www.threatexpert.com/report.aspx?md5=24e5ba364afcaa1a4754a8902301c312 (couldn't find a.cmd btw).
Rob
July 9, 2012
Am coming late to this party but just wanted to mention that I wound up with a nasty Sirefef infection on Wednesday afternoon. ESET NOD 5 was able to flag it but not delete it, and after many unsuccessful attempts to strip out the offending files, I wound up having to reinstall Windows. I can't say for sure that Avsim was the source of the infection, but I did visit on Wednesday so I thought I'd call it to everyone's attention just to be safe. I've now upgraded to the full ESET Smart Security suite and turned on a bunch of Windows security settings that I'd stripped out, and I was able to delete the Sirefef files from the windows.old folder after the reinstall, so things are looking better. It's been a lively couple of days, though.
Alan Ampolsk
"Ah, Paula, they are firing at me!" -- Saint-Exupery
July 9, 2012
> It's been a lively couple of days, though.
Yeah I had one machine after ESET cleaning BSODing on rxsupply.sys until deleting it myself (while in Safe Mode) and the other... did a bit more aggressive cleaning (i.e. deleting associated registry entries that I was SURE were connected to that malware) and initially could not boot back into Windows. Just got done with a 12hr BAV flight (no problems) but am scared to death that I won't be able to boot back into either machine. Scared as I dread the thought of a reinstall :Worried: stupid malware coders... and this Java business drives me nuts why it cannot be more secure...
July 9, 2012
My good news/bad news was that the virus attacked my work computer, not my flightsim computer. Obviously put a dent in my productivity but that wasn't a huge issue over the U.S. holiday break, and the work computer is a lot easier to restore than the flightsim computer. I'm left wondering whether it's a good idea to continue running a stripped-down Windows 7 on the flightsim computer per Nick N's instructions. I've always sworn by them, but the fact is that NOD alone couldn't deal with Sirefef - I needed to upgrade to the full Smart Security suite. Also, in the course of the reinstall on the work computer I left most of the security features turned on. I don't know how helpful they are but I'm feeling better about their being there. So the question is, are we getting past the point where it's OK to run minimal security protection? Sirefef is a nasty customer - it spawns files that then keep re-infecting the system files, so it's extremely difficult to eradicate. Feels like a bad new world to me and I'm inclined to be more conservative. What do others think?
Alan Ampolsk
"Ah, Paula, they are firing at me!" -- Saint-Exupery
July 9, 2012 (Author)
> Feels like a bad new world to me and I'm inclined to be more conservative. What do others think?
I've switched from IE to Chrome and have done the same thing as you Alan in regards to security settings. I ran a stripped system up to Saturday, when I had to format the drive that was infected with Sirefef and reinstall Windows. It may cost me some M&M's (megahertz and megabytes), but after this latest experience I'll put up with it to avoid hours spent formatting and reinstalling.
Philip Manhart :American Flag:
"Wise men talk because they have something to say; fools, because they have to say something." ~ Plato