legacycentral bbs

run this program and paste the log:

http://www.gmer.net/

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-22 00:37:05
Windows 5.1.2600 Service Pack 2
Running: 07pz6rni.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\axxoapog.sys


---- Kernel code sections - GMER 1.0.15 ----

? pkshbhxa.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe[1888] kernel32.dll!CreateThread + 1A 7C810661 4 Bytes CALL 0316A939 C:\Program Files\Spybot - Search & Destroy\Plugins\Chai.dll

---- EOF - GMER 1.0.15 ----

I'd have to say pkshbhxa.sys, 07pz6rni.exe, and the axxoapogo.sys files are what's causing your problems.

I have never heard of either of those system files, and they do not sound legitimate. Will it physically let you find and delete those system files? or disable that 07pz6rni.exe?

Right click my computer and go to properties.
Go to hardware tab and click on device manager. Under View click view hidden devices. Go to non plug and play drivers. Look for any of those instances that log found, and disable them if possible. See if Internet access returns.

The key indication of the problem is that .sys file sitting in a temp folder. Sys files don't sit there. Can you run CCleaner and delete it? Right click on my computer and go to the restore tab. Turn off ssytem restore for the time being.

Ok... I went to device manager andnits competely blank. Went to view hidden devices and still nothin

If I were you, I would just get your files off and reinstall windows. You probably could have done it twice in the amount of time you've spent chasing this thing around, and the fix is going to be complicated. A fresh install always runs faster anyway.

the only other program I could recommend running is combofix. Or install ms recovery console (or run from disk) and delete those .sys files mentioned in the GMER report along with that exe file.

Malware has gotten very complicated. as Fishbones states if you don't want to spend anymore time, you're almost better off reinstalling windows.

Ya. The only thing is I don't have the install disc anymore......

well run combo fix and see if it will delete those mentioned files. You can download recovery console. Or you could even try Microsoft Security Essentials program also.

at this point I would honestly rather save my music and pics to a CD and start from fresh. What exactly are recovery console and MSE?

recovery console allows deletion, copy, insertion, and Fixing of your OS before it loads aka like DOS...

MSE is a antivirus/malware free software suite.

hmmmm... well what do you thin would be the best way of "restoring" my computer without a recovery disc? I don't have ANY of the discs... this comp is like 8 years old, still runs good though when its not infected haha

without the disc you're pretty much hosed. You could download keyfinder and get your product key, and see if one of your friends will let you borrow their OS disc.

That or remove those files listed in the GMER report. They are more than likely the cause of your infection as stated earlier, because of their location, and oddball naming structure.

Yea. I searched for them to try and remove but no luck. I'll see what I can do

recovery console is about the only way to remove them or use combo fix, as they will hide themselves fairly well.

ok, i finally got ahold of my computer-smart buddy. He said it would be much easier to just re-format it, so I will just have him do that for me. Time to start moving all my pics/music to a disc!!

just make sure to use keyfinder to grab your product key off the PC before you re-format.

ok thanks will do. Thanks alot everyone for your help!! Malware FTL!!!!!!!

finally got my damn computer back, my friend reformatted it for me and put windows 7 on here. It should work fine until I can afford a new one!