MY wow account was hacked, restored, then hacked again the next day - upon running scans (only with WoW client OPEN do these virus's show up)
Upon running AVG I get 2 results - the same virus, one of which it says is cleared, the other incurrible, although repeated scans show BOTH every time * trojan horse agent2.bgqj *
in 2 different places -
c:\\windows\system32\svhost.exe (2588):\memory_00400000 AND
Upon running malwarebytes I get 1 result - rootkit.bubnix
which it cannot clear.
following the forums at http://forums.malwarebytes.org/index.php?s...6&hl=bubnix i download tdsskiller which only shows up as a suspicious file at jmjjyd.sys which I believe to be the virus itself, based on what was said in the posts about how this virus creates a service in that directory its in and randomly names it, and I can't find any jmjjyd.sys on google. but even TDSSKiller doesnt work, it only causes a bluescreen when i say Reboot now.
Also, having disabled avg and ran Combofix, I was certain that would fix it, but no such luck!
Including: Logs from the directions here http://www.bleepingcomputer.com/forums/topic34773.html and I was asked to include combofix logs since i ran it, but I don't know where those logs are exactly or which log to choose from in the folder for combofix, i have combofix2 combofix3 combofix4 etc to pick from not sure which one is the up to date.
as of writing this - GMER has been stuck on the scan for about 5 minutes, and causing a lot of lag in general, the first scan i tried to do i had to reboot from it freezing - I went ahead and saved the report and uploaded it.