honey_sucker7814

Can someone change the title topic - with Resolved word.

i ran MAMB and deleted the spyware in safemode.Used CCCLeaner to clean the registry. In safe mode i restored my pc to a week before and the virus is gone. I ran MAMB to clean up the System Volume Information drive as the spyware is still showing up in the system restores. Used AVG and MAMB to clean up everything. This spyware comes back when started in normal mode along with the Windows Security center. Windows security center doesnt start in safe mode. I can access the System restore in safe mode. Now my system is spyware free. Thaanks for your help my friend. Much appreciated.

It doesnt tell the dll name. There are weird characters like @#$bxo....dll in the "Unable to Locate Component" box.

Hi, I cannot run KillBox on the infected PC. The application failed to start because !@#$%^&*(.dll was not found.Re-installation the app will fix the problem.

Looks like it is stuck at the Registry. Looks like it is not able to unregister the vmreg.dll. If it helps - I tried to unregister the vmreg.dll earlier.But i could not. Maybe your application is also not able to uninstall. I am comfortable with unregistering dll's,playing with regedit etc. Let me know

When i pasted into the yellow box and clickde on MoveIt button. I am waiting for the past 10 mins and nothing seems to be happening. I saw the Process explorer.exe killed successfully. After that there is REGISTRY and it is staying there for the past 10 mins. Should this be taking so long.

Here you go my friend.... task.txt Export SharedTaskScheduler key ------------------------------ REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" Hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:36:39, on 12/29/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\

I cannot find BFU.exe in the link that you provided me.

Thanks a lot for your help... SmitFraudFix v2.387 Scan done at 23:16:16.89, Sun 12/28/2008 Run from C:\Documents and Settings\M157236.DNNA\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1

Here is the output from Smitfraudfix SmitFraudFix v2.387 Scan done at 15:38:17.23, Sat 12/27/2008 Run from C:\Documents and Settings\M157236.DNNA\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in normal mode »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.ex

Here is the requested log.. ******************************************************************************** * * * FixIEDef Log * * Version 1.7.20.7201 * * * ******************************************************************************** Created at 13:30:22 on Saturday, December 27, 2008 Time Zone : (GMT-05:00)

I installed MAMB..Ran full scan...rebooted...no luck. Tried in safe mode...deleted the reg entries given in other forums...no luck. I am posting my hizackthis log...Please help. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:34:33, on 12/27/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svcho