you are awsome.
I just emptied and deleted what you told me to and ran Spybot and my Anitvirus with no detections.
When I was infected i would get pop-ups from my AV saying detection in...
Type: Posts; User: sicklittleone2; Keyword(s):
you are awsome.
I just emptied and deleted what you told me to and ran Spybot and my Anitvirus with no detections.
When I was infected i would get pop-ups from my AV saying detection in...
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Thursday, October 11, 2007 11:14:21 PM
Operating System: Microsoft Windows XP...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:54:03 PM, on 10/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
Dumb question,
Which program is Kaspersky?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:41:31 PM, on 10/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
...
----a-w 14,048 2005-02-25 04:35:06 C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll
----a-w 209,632 2005-02-25 04:35:06 C:\WINDOWS\$hf_mig$\KB901214\spuninst.exe
----a-w ...
((((((((((((((((((((((((((((( snapshot@2007-10-06_23.44.17.76 )))))))))))))))))))))))))))))))))))))))))
.
----a-w 14,048 2005-02-25 03:35:06 C:\WINDOWS\$hf_mig$\KB901214\spmsg.dll...
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-08-26 19:14 --------- d-----w C:\Program Files\MSTpscre
2007-08-23...
ComboFix 07-10-11.1 - Scot 2007-10-10 19:30:40.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.660 [GMT -7:00]
Running from: C:\Documents and...
Avenger Log
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\nykiyeal
*******************
Script file located...
HJT Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03:49 PM, on 10/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot...
ComboFix 07-10-06.5 - Scot 2007-10-09 20:08:46.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.473 [GMT -7:00]
Running from: C:\Documents and...
I have posted the files for you on spykiller.
thanks for the help with this nasty little bugger
Here are the results:
bwoncqcb.sys
A-Squared Found Trojan.Win32.BHO.gy
AntiVir Found TR/Rootkit.Gen
ArcaVir Found Trojan.Bho.Gy
Avast Found nothing
AVG Antivirus Found nothing ...
NEW HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:56 PM, on 10/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)...
let it sit for a few hours and it finally ran.
Combo fix log file
ComboFix 07-10-06.5 - Scot 2007-10-06 23:35:44.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.663...
Here is the new HJT Log just in case it helps
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:58:24 PM, on 10/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet...
O.K.
When i run combofix it gives me this message and tries to run again & again & again & You get the point.
"The COMSPEC environment variable was found to be corrupt. Combofix has attempted...
Here is the log from Vundofix.
I work all day so I am going to post at night when I get home. Thanks for the help on this
VundoFix V6.5.9
Checking Java version...
I have already run Vundofix.exe and here is my HJT log with HTJ renamed scanner.exe.
Thanks
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:08 PM, on 10/1/2007
Platform:...