Sorry about comf - should have read ms.dll I reuse text and forgot to modify a bit there :( Post a fresh HJT log file Additionally, post...
If you run this http://www.spywareinfoforum.com/~merijn/files/CWShredder.exe do they show up again? You could also download (right click)...
it's too bad I can't see anything there From the sites involved there is no doubt that it is cool web search related I'm worried that I...
The problem with lop is that once it's present - it installs even more stuff which installs ... From "Add/Remove Programs" - Uninstall...
Post the scan log from HijackThis Unzip it somewhere to keep and run hijackthis.exe - press Scan - the Scan button changes to a Save Log button...
I'd like you to try AboutBuster on this one Download it from http://tools.zerosrealm.com/AboutBuster.zip Unzip it to somewhere for use later...
Could you please download appinit.zip Extract the contents to a folder and double click the runread.exe (not the regread.exe) - this will produce...
This one is going to be a pain :( I think we really need to delete the C:\WINDOWS\SYSTEM32\MS.DLL file first, and do the rest of the cleanup...
looks ok to me 8)
It's a form of CWS infection Fry these ith the browsers closed R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =...
..... 8) keep an eye on it - post back if ...
Last step(s): -Open the FINDnFIX\Files2< Subfolder: Run the -> "ZIPZAP.bat" file. It will quickly clean the rest and will create a zipped...
If you can - zip and email msonma.dll Send it to jack_macaulay @ telu.net ( remove the spaces around the @ ) If you can't -- post back
glad to hear it 8) After frying the files - what you should probably do is wipe your restore points and make a new one so that it can't come...
Looking at the file sizes all these are involved ( 57,344 = 56.00 K ) (all in C:\WINDOWS\SYSTEM32\ ) comjba.dll comk.dll kbdhmhk.dll res.dll...
************************************* Last step(s): -Open the FINDnFIX\Files2< Subfolder: Run the -> "ZIPZAP.bat" file. It will quickly...
I hate to put you through more stuff - but Can you download http://download.broadbandmedic.com/VX2Finder(126).exe Press the Click to Find VX2...
The worst culprit is C:\WINDOWS\System32\wdmb.dll This will take couple or more steps to fix. Be sure to Follow the next set of steps...
Use Taskmanager (Ctrl-Alt-Del) to end these running processes if you can (or use Process Explorer) C:\WINDOWS\IPGR.EXE Download CWShredder...
probably partial and some stuff missing ? FAL says this about it ---------------------- Created 'services.exe' under user account, munged...
If in notepad edit > select all Edit > copy In the reply box on the board - click into it - right click and paste -------------- If you...
In addition to the hotkiss dialler you have a SDBOT.KN infection Use Taskmanager (Ctrl-Alt-Del) to end these running processes if you can (or...
Download FindnFix http://downloads.subratam.org/FINDnFIX.exe Double Click on the FindnFix.exe you downloaded earlier and it will install into...
msonma.dll - i was thinking CWS but that's why I was asking about R0 and R1 entries Could you please download appinit.zip Extract the contents...
Separate names with a comma.
