Personally, I prefer Kerio or Sygate to the XP firewall. Both work great!
Spy Sheriff [RESOLVED]
#31
Posted 21 June 2005 - 10:27 PM
Personally, I prefer Kerio or Sygate to the XP firewall. Both work great!
#32
Posted 22 June 2005 - 08:08 AM
1) Since I downloaded the Sygate firewall, I've been figuring out what processes should be running and which shouldn't (with the help of processlibrary.com) and it turns out I have this svchost.exe file which shouldn't be running (so I blocked it with the firewall) but I would like to get rid of it. Is it as simple as just finding the file and deleting it? It is in the system32 folder.
2) Ewido has been giving me an alert about a file called msclock32.dll, also in system32 folder, which it identifies as a "dialer.generic". Ewido keeps telling me it will clean this after reboot, but when I reboot I get another warning about the same thing. Again, should I just find the file and delete it?
I hope these are easy questions! Thanks.
#33
Posted 22 June 2005 - 10:02 AM
OK, if you don't mind, I have a few more questions! But then that should be it!
1) Since I downloaded the Sygate firewall, I've been figuring out what processes should be running and which shouldn't (with the help of processlibrary.com) and it turns out I have this svchost.exe file which shouldn't be running (so I blocked it with the firewall) but I would like to get rid of it. Is it as simple as just finding the file and deleting it? It is in the system32 folder.
svchost.exe is a legitimate system file which should be running. There is no need to block this and definitely do NOT delete that file!
It needs to go. Let's make sure that's the only one (we will take care of it!)2) Ewido has been giving me an alert about a file called msclock32.dll, also in system32 folder, which it identifies as a "dialer.generic". Ewido keeps telling me it will clean this after reboot, but when I reboot I get another warning about the same thing. Again, should I just find the file and delete it?
please download RKFiles from here:
http://skads.org/special/rkfiles.zip
Unzip it to the desktop but please do NOT run it yet.
Next, please reboot your computer in Safe Mode.
Once in Safe Mode, please run RKFiles.bat. It may take a while. When it is finished a windows should appear with a log.
Restart your computer in normal mode, and please post the contents of the logfile, which should be at c:\log.txt.
#34
Posted 22 June 2005 - 08:07 PM
Here is the contents of the log.txt file:
C:\Documents and Settings\Owner\Desktop
PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Files Found in system Folder............
------------------------
C:\WINDOWS\system32\msclock32.dll: UPX!
C:\WINDOWS\system32\dfrg.msc: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAwGpEc213
Files Found in all users startup Folder............
------------------------
Files Found in all users windows Folder............
------------------------
C:\WINDOWS\tsc.exe: UPX!
C:\WINDOWS\vsapi32.dll: UPX!t4
Finished
bye
#35
Posted 22 June 2005 - 08:25 PM
* Run Killbox.exe.
* Select "Delete on Reboot".
* Copy the file name below to the clipboard by highlighting it then press CTRL + C
C:\WINDOWS\system32\msclock32.dll
* Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
* Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. If your computer does not restart automatically, please restart it manually.
After your computer reboots, Post a new HiJackThis log and let me know if Ewido is still finding it (this will kill the file, I'm just making sure it doesn't come back!)
Edited by bananafanafo, 22 June 2005 - 08:26 PM.
#36
Posted 23 June 2005 - 05:50 AM
Here is my lasted HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 7:42:51 AM, on 6/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\tp4mon.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\AEIWLSTA.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [TrackPointSrv] tp4mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AEIWLSTA.EXE] AEIWLSTA.EXE START
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC1.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17....es/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1094669078428
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://evite.kodakga..._1/axofupld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://sympatico.zon...ro.cab34246.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/...aploader_v6.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
#37
Posted 23 June 2005 - 10:42 AM
Please go here: Kaspersky Web Scanner
Fill out the info and click OK. Follow the instructions on the screen to download the ActiveX and run the scan (it will take a while!) After it's done, please give me the list of the infected files it finds and delete them as well.
#38
Posted 23 June 2005 - 07:45 PM
Here are the results from the kaspersky scan - it looks like everything is in the norton quarantine - should I still delete the files?
-------------------------------------------------------------------------------
KASPERSKY ANTI-VIRUS WEB SCANNER REPORT
Thursday, June 23, 2005 21:41:47
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Anti-Virus Web Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 24/06/2005
Kaspersky Anti-Virus database records: 127525
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
C:\
D:\
Scan Statistics:
Total number of scanned objects: 33420
Number of viruses found: 11
Number of infected objects: 31
Number of suspicious objects: 2
Duration of the scan process: 3358 sec
Infected Object Name - Virus Name
C:\Program Files\Norton AntiVirus\Quarantine\039B6A93.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\0846337D.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\084A5D79.exe Infected: Trojan-Downloader.Win32.IstBar.gen
C:\Program Files\Norton AntiVirus\Quarantine\08503172.exe Infected: Trojan-Downloader.Win32.Agent.hw
C:\Program Files\Norton AntiVirus\Quarantine\08503172.php Infected: Trojan-Downloader.JS.IstBar.k
C:\Program Files\Norton AntiVirus\Quarantine\08545B6E.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\0857056B.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\0C904EC5.htm Suspicious: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\124C0753.exe Infected: Trojan-Downloader.Win32.Small.alr
C:\Program Files\Norton AntiVirus\Quarantine\14FB3619.php Infected: Trojan-Downloader.JS.IstBar.k
C:\Program Files\Norton AntiVirus\Quarantine\1925652E.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\207C2274.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\299E24DC.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\2F3471A2.exe Infected: Trojan-Downloader.Win32.IstBar.ir
C:\Program Files\Norton AntiVirus\Quarantine\2F381B9F.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\307D3E2F.exe Infected: Trojan.Win32.Dialer.gx
C:\Program Files\Norton AntiVirus\Quarantine\32AE5745.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\3DA91509.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\3DB06902.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\3DB312FE.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\4F325819.exe Infected: Trojan-Downloader.Win32.Dyfuca.dx
C:\Program Files\Norton AntiVirus\Quarantine\51F33391.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\51F9078A.dll Infected: Trojan.Win32.P2E.bt
C:\Program Files\Norton AntiVirus\Quarantine\53B608BA.exe Infected: Trojan-Downloader.Win32.Small.alr
C:\Program Files\Norton AntiVirus\Quarantine\5948361C.php Infected: Trojan-Downloader.JS.IstBar.j
C:\Program Files\Norton AntiVirus\Quarantine\75772557.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\76C44E61.php Infected: Trojan-Downloader.JS.IstBar.k
C:\Program Files\Norton AntiVirus\Quarantine\77560366.dll Infected: Trojan.Win32.P2E.bt
C:\Program Files\Norton AntiVirus\Quarantine\77A03386.htm Suspicious: Exploit.HTML.Mht
C:\Program Files\Norton AntiVirus\Quarantine\7B9C4FB6.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\7B9F79B3.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\7BA323AF.exe Infected: Trojan.Win32.P2E.br
C:\Program Files\Norton AntiVirus\Quarantine\7F926D42.exe Infected: Trojan-Downloader.Win32.Small.alr
Scan process completed.
#39
Posted 23 June 2005 - 07:49 PM
#40
Posted 23 June 2005 - 10:43 PM
I think that should just about do it - I must have the cleanest computer in all of Canada. Thank you once again for all your help!
#41
Posted 23 June 2005 - 10:47 PM
#42
Posted 24 June 2005 - 01:55 AM
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
#43
Posted 24 June 2005 - 05:22 PM
Copy everything in the code box below and paste it into notepad. Go up to "File > Save As..." and click the drop-down box to change the "Save As Type" to "All Files". Save it as wininet.bat on your desktop.
dir %Systemdrive%\wininet.dll /a h /s > files.txt start notepad files.txt
Double click wininet.bat and when it is ready it will open files.txt
Copy the content of files.txt and paste it here.
Thank you!!
#44
Posted 28 June 2005 - 05:38 PM
Everything is still running great - still a few pop-ups, and that weird ewido message about msclock32.dll still shows up every once in a while - but that file doesn't seem to be anywhere on my computer, so it must just be an ewido blip or something. Compared to what was going on before, this is perfection!!!
Anyway, here is the text from the files.txt file - hope it's helpful!
Volume in drive C has no label.
Volume Serial Number is 8480-4E0D
Directory of C:\WINDOWS\$hf_mig$\KB883939\SP2QFE
05/02/2005 04:57 PM 658,944 wininet.dll
1 File(s) 658,944 bytes
Directory of C:\WINDOWS\$NtServicePackUninstall$
02/18/2005 04:19 PM 592,384 wininet.dll
1 File(s) 592,384 bytes
Directory of C:\WINDOWS\$NtUninstallKB883939$
08/04/2004 03:56 AM 656,384 wininet.dll
1 File(s) 656,384 bytes
Directory of C:\WINDOWS\$NtUninstallKB890923-IE6SP1-20050225.103456$
02/06/2004 07:05 PM 588,288 wininet.dll
1 File(s) 588,288 bytes
Directory of C:\WINDOWS\ServicePackFiles\i386
08/04/2004 03:56 AM 656,384 wininet.dll
1 File(s) 656,384 bytes
Directory of C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819
08/04/2004 03:56 AM 656,384 wininet.dll
1 File(s) 656,384 bytes
Directory of C:\WINDOWS\SoftwareDistribution\Download\c18f704c05de93348e71fb7005eeea05\sp2gdr
05/02/2005 04:52 PM 657,920 wininet.dll
1 File(s) 657,920 bytes
Directory of C:\WINDOWS\SoftwareDistribution\Download\c18f704c05de93348e71fb7005eeea05\sp2qfe
05/02/2005 04:57 PM 658,944 wininet.dll
1 File(s) 658,944 bytes
Directory of C:\WINDOWS\system32
05/02/2005 04:52 PM 657,920 wininet.dll
1 File(s) 657,920 bytes
#45
Posted 28 June 2005 - 10:56 PM
I don't like that Ewido is popping up about msclock especially when the real-time protection will only last for 2 weeks from download. If this scan doesn't find it, then Ewido is probably finding the file in System Restore (which we can fix!)
*Please download DLLCompare.
*Save it to the desktop and run it by double-clicking DLLCompare
*Put a check next to "Include SubDirectories"
*Click "Run Locate.com" to scan for DLL files.
*When the scan is finished (it will say "Completed the Scan" in blue), click "Compare".
*Finally, when it's done comparing (It will say "Completed" in blue), click "Make a Log of What Was Found".
*Click YES at the prompt.
*Copy the entire contents of the notepad and paste it here.
Edited by bananafanafo, 29 June 2005 - 01:46 AM.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users