Thanks!
Something nasty...
Started by
waterwork
, May 07 2005 03:06 PM
#16
Posted 17 May 2005 - 01:34 PM
Thanks!
#17
Guest_nommork_*
Posted 17 May 2005 - 07:42 PM
Please go here and read teh instructions, run DLLCompare and post a log file
#18
Posted 17 May 2005 - 09:07 PM
Done - here is the log file:
* DLLCompare Log version(1.0.0.125)
Files Found that Windows does not See or cannot Access
*Not everything listed here means you are infected!
________________________________________________
O^E says: "There were no files found "
________________________________________________
1,208 items found: 1,208 files, 0 directories.
Total of file sizes: 218,728,015 bytes 208.59 M
Administrator Account = True
--------------------End log---------------------
* DLLCompare Log version(1.0.0.125)
Files Found that Windows does not See or cannot Access
*Not everything listed here means you are infected!
________________________________________________
O^E says: "There were no files found "
________________________________________________
1,208 items found: 1,208 files, 0 directories.
Total of file sizes: 218,728,015 bytes 208.59 M
Administrator Account = True
--------------------End log---------------------
#19
Guest_nommork_*
Posted 18 May 2005 - 05:01 AM
Appears all have been removed
How is your machine running
How is your machine running
#20
Posted 18 May 2005 - 06:29 AM
Still got the little red circle with the X in it in the system tray, and still getting popups. Computer crashes after running for 30-45 min.
By the way - thanks again for all your help, I know this thing is a real pain in the [bleep]!
By the way - thanks again for all your help, I know this thing is a real pain in the [bleep]!
#21
Guest_nommork_*
Posted 18 May 2005 - 09:49 AM
HAve HJT remove this in Safe Mode
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.specialgo...info/ad/ad0058/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.specialgo...info/ad/ad0058/
#22
Posted 18 May 2005 - 08:48 PM
Went and re-reviewed the instruction above, re-ran Silent Runners and realized that that [bleep] param32.dll file was hiding out in the C:\WINNT directory instead of the C:\WINDOWS\System32\param32.dll
I killed it with Killbox, and seems like we are looking good!
I killed it with Killbox, and seems like we are looking good!
#23
Guest_nommork_*
Posted 19 May 2005 - 04:04 PM
Could you post a new HJT log file
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users