Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Something nasty...


  • Please log in to reply

#16
waterwork

waterwork

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Is there something else I need to do to confirm the files are gone? I just looked using explorer after booting in safe mode, and I ensured that hidden and system files are displayed.

Thanks!
  • 0

Advertisements


#17
Guest_nommork_*

Guest_nommork_*
  • Guest
Please go here and read teh instructions, run DLLCompare and post a log file
  • 0

#18
waterwork

waterwork

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Done - here is the log file:

* DLLCompare Log version(1.0.0.125)
Files Found that Windows does not See or cannot Access
*Not everything listed here means you are infected!
________________________________________________

O^E says: "There were no files found :tazz:"
________________________________________________

1,208 items found: 1,208 files, 0 directories.
Total of file sizes: 218,728,015 bytes 208.59 M

Administrator Account = True

--------------------End log---------------------
  • 0

#19
Guest_nommork_*

Guest_nommork_*
  • Guest
Appears all have been removed

How is your machine running
  • 0

#20
waterwork

waterwork

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Still got the little red circle with the X in it in the system tray, and still getting popups. Computer crashes after running for 30-45 min.

By the way - thanks again for all your help, I know this thing is a real pain in the [bleep]!
  • 0

#21
Guest_nommork_*

Guest_nommork_*
  • Guest
HAve HJT remove this in Safe Mode

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.specialgo...info/ad/ad0058/
  • 0

#22
waterwork

waterwork

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Went and re-reviewed the instruction above, re-ran Silent Runners and realized that that [bleep] param32.dll file was hiding out in the C:\WINNT directory instead of the C:\WINDOWS\System32\param32.dll

I killed it with Killbox, and seems like we are looking good!
  • 0

#23
Guest_nommork_*

Guest_nommork_*
  • Guest
Could you post a new HJT log file
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP