scan completed successfully hidden files: 0

Cookiegal, Jan 13, 2006 #12 TheAnonymous Thread Starter Joined: Jan 7, 2006 Messages: 7 Okey dokey. ComboFix log that ran with script blocking on ComboFix 07-11-07.3 - Number1 2007-11-06 20:42:47.1 - NTFSx86 Running from: C:\Documents and Settings\Number1\Desktop\ComboFix.exe * Created a new restore point .

Delete the contents of that, then copy/paste into that box the contents of your myfile.txt. Click on the Next button, to remove Trojan.BHO adware.

Solved: "Pmnno.dll" from Downloader.ASN problem and/or WINFIXER Discussion in 'Virus & Other Malware Removal' started by TheAnonymous, Jan 7, 2006. Download Link -> [76.2 KB]MD5 SUM: a210c12a8264c024da5e0b05cb082a14 Then run your antivirus to remove any left over files Post a fresh HJT log & the report from this tool please. Now you should turn system restore off to flush out all previous system restore points, then turn it back on and create a new restore point: To turn off system restore,

Although this application is not malware itself, the files downloaded with it are often a major source of infection. Put a check by "Delete Offline Content" and click OK.

Cookiegal, Jan 9, 2006 #6 TheAnonymous Thread Starter Joined: Jan 7, 2006 Messages: 7 Alright. I hope I didn't mess this up, I really don't think of myself as a noob but, well, I had Norton Internet Security off and set to start manually and auto TheAnonymous, Jan 8, 2006 #3 Cookiegal Administrator Malware Specialist Coordinator Joined: Aug 27, 2003 Messages: 105,556 It's not a zipped file, it's a direct download.

I'm sure you know there was only one other line in that hosts file before I changed it and verified it again before I ran it.

  3. Attempting to delete C:\WINDOWS\system32\jkhhf.dllC:\WINDOWS\system32\jkhhf.dll Has been deleted!
  Reboot your computer normally, start HijackThis and perform a new scan.
  After reviewing your log I see a few items that require our attention.
  Advertisement TheAnonymous Thread Starter Joined: Jan 7, 2006 Messages: 7 So my computer is really slow.

The tool ends an important Windows Process that was protecting the file and NT Security STOPS the system as soon as it detects this is happening. Anyway I saved off that first log before I ran it a second time, so I'll paste them both in here, the first unsuccesful one in this message and the second Then we'll run a scan to see if anything is hiding out. Please submit the following files for analysis. Jotti File Submission: Please go to Jotti's malware scan Copy and paste the following file Your computer should now be free of the Trojan.BHO infection.

When the Malwarebytes Anti-Malware scan has finished, click on the Show Results button.

In the wild, Trojan:Win32/BHO.BO may be present as the following: \lib.dll The registry is modified to run the trojan as a BHO when a Web browser is launched.

C:\WINDOWS\system32\deptahks.dllbox . ((((((((((((((((((((((((( Files Created from 2007-10-07 to 2007-11-07 ))))))))))))))))))))))))))))))) . 2007-11-06 21:18 2,397 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys 2007-11-06 20:40 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-11-06 15:59 87,104 --a------ C:\WINDOWS\system32\tonexebx.dll 2007-11-06 15:59 81,472 --a------ C:\WINDOWS\system32\ndfather.dll Please use them so that others may benefit from your questions and the responses you receive. Post that log in your next reply Note: Do not mouseclick ComboFix's window whilst it's running.

My mcafee security thing keeps saying that "pmnno.dll" in Windows/System32 is infected. Please perform all the steps in the correct order. There are several dll's and some .ini and .bak files created at the same time and since in system32 I got infected at 5 a.m.

Please be patient as this can take a while to complete (up to 10 minutes) depending on your system's specifications. If you would like help with any of these fixes, you can ask for free malware removal support in the Malware Removal Assistance forum. A few years ago, it was once sufficient to call something a 'virus' or 'trojan horse', however today's infection methods and vectors evolved and the terms 'virus and trojan' no longer provided What is the exact error message you got?

Attempting to delete C:\windows\system32\ssqrs.dllC:\windows\system32\ssqrs.dll Has been deleted! Attempting to delete C:\windows\system32\gebcy.dllC:\windows\system32\gebcy.dll Has been deleted!