Post the scan log from HijackThis to this thread Unzip it somewhere to keep and run hijackthis.exe - press Scan - the Scan button changes to a...
Yes Here are the usu. instructions: Post the scan log from HijackThis Unzip it somewhere to keep and run hijackthis.exe - press Scan - the...
Terminate this porcess C:\WINDOWS\C_PAN.EXE Run HijackThis again, push Scan and place a check mark next to the following items using your...
I would have preferred you to use the much newer version of HJT which I linked above Use Taskmanager (Ctrl-Alt-Del) to end these running...
Please do the following Use Taskmanager (Ctrl-Alt-Del) to end these running processes if you can (or use Process Explorer)...
Use Taskmanager (Ctrl-Alt-Del) to end these running processes if you can (or use Process Explorer) C:\WINDOWS\System32\mcc.exe Run HijackThis...
Can you account for the boot delay as a scan from TDS-3 ? I haven't used it in a while - but that used to be one of the options in it
Post the scan log from HijackThis Unzip it somewhere to keep and run hijackthis.exe - press Scan - the Scan button changes to a Save Log button...
Re: Recurring Trojan Horse Dialer Before you start, please unzip HijackThis to it's own folder somewhere. The program will make backups in the...
Looks ok I think - you could delete the findnfix folder as well as the c:\junkxxx one. If it comes back - let me know
Sorry - I'vebeen away for a while Before you begin - you should be aware of this possibility...
File identified! This will take couple or more steps to fix. Be sure to Follow the next set of steps carefully, in the exact order specified:...
Download and install APM from: http://www.diamondcs.com.au/index.php?page=apm Download FindnFix http://downloads.subratam.org/FINDnFIX.exe...
GLB1A2B.EXE is (I think) a fairly common name for a rather common installer (not viral) I think the info you found on google is likely wrong....
Re: HijackThis Log Inside I need help please For that one - I think you could try http://www.pchell.com/support/onlythebest.shtml after that...
The current uglies are: C:\WINDOWS\SYSTEM32\DLLXXX.TXT C:\WINDOWS\System32\COMIH.DLL My bad ? It's not service.msc it's services.msc and you...
These are the problem files C:\WINDOWS\System32\comih.dll is the appinit C:\WINDOWS\System32\hjg.dll is the bho Go through all of the...
It's brand new -- I just wrote it :D It's still a work in progress - still have to randomize filenames etc.
Did you ever use blowfish encryption - or run some encrypting utility for folders etc. ? Post the StartupList log In HJT use Config > Misc...
Not that I'm aware of - but have been noticing bios issues with some trojans lately Can you reload the bios defaults and then set it up again -...
If you had sasser - you really need to go to windows update and get all the critical updates. I think they are actively checking for sasser...
Ok - let's try it this way Determine the name of the appinit file using runread (I'll assume it's still wdmb.dll) Download FindnFix...
It's become this O2 - BHO: (no name) - {834EAFD4-9B4F-4786-87F2-13FAC1759931} - C:\WINDOWS\System32\ejj.dll You can add these to the list of...
nothing obvious - are u noticing something ?
I guess so - but have a look for a new one of the same form using HJT - they some 'morph' if you've tried to remove them
Separate names with a comma.
