Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. CableInstaller

    wVnlogin.exe, or w?nlogin.exe

    ??plorer.exe etc are quite common, they are using characters from the russian alphabet as replacements for originals(because they look similar). Windows will show the characters when browsing so it is hard to spot, other than "explorer.exe" not being sorted by name properly. Do file find and...
  2. CableInstaller

    VX2 problem

    Updated Killbox will remove those vx2 files, as long as the specified removal technique is used. See: http://www.lavasoftsupport.com/index.php?showtopic=54511 for description and usage, as well that was to remove the base dll's, there is much more damage to the system that will need to be cleaned.
  3. CableInstaller

    can't find infected file

    Windows hides user TIF content while logged into the profile. If you login to a different account you will have access to those files in the Administrator profile providing the files were not made private. If you know the actual path you can copy and paste into Killbox and delete it that way, it...
  4. CableInstaller

    vx2 here ?

    never tried on Win9x system yet... I imagine though with limited processes to hook, removal cant be all that hard hmm i will see..
  5. CableInstaller

    vx2 here ?

    I wrote up some removal info, as well I updated killbox to deal with this new version. http://www.lavasoftsupport.com/index.php?showtopic=54511 New killbox is available from : http://www.downloads.subratam.org/KillBox.exe only so far (new version) I've played with this new L2M a bit and...
  6. CableInstaller

    Norton 2004 on xp

    Well, there are alot of half truths in those reports.. i have it installed on a couple of my machines and i will give you my honest opinion.. -It works well providing you disable the excess bloat like recycle bin protecting, and those bloodhound scans, also disabling a couple of the services...
  7. CableInstaller

    Cannot remove "SearchTheWeb" Toolbar

    msimtf and msctf are for MS Office installations. the log must have been bigger than that?? Most times the dll file will only be hooked with iexplore.exe or explorer.exe. you get an eye for spotting crap files after awhile. If you do a quick once over on a full log, at first glance, look for...
  8. CableInstaller

    Cannot remove "SearchTheWeb" Toolbar

    MakeItSo there is a batchfile written by one of the Spyware experts @ SWI called pv.zip http://tools.zerosrealm.com/pv.zip I would download and unzip..run the "runme.bat" and select the #2 option to list Iexplore dll files. Post that log here.
  9. CableInstaller

    How to kill Cool Web Search

    Would be nice to see a followup HiJackThis log... I'm not sure if About Buster tool will remove AD Streams yet??
  10. CableInstaller

    evkionbu.exe, polall1r.exe, set12.tmp keep coming back

    O2 - BHO: (no name) - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll O2 - BHO: (no name) - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll These are your...
  11. CableInstaller

    How to kill Cool Web Search

    You realize you are victim of alternate data streams as well? C:\WINNT\sapdoccd.log:tgnqc these are somewhat tricky to detect and remove, involves some third party tools and removal techniques. Seems this thread died :( I was waiting to see the outcome or chance to suggest some cleaning methods
  12. CableInstaller

    HiJack This log

    these 2 LSPs O10 - Unknown file in Winsock LSP: c:\windows\system\cdlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system\lspak.dll Are usually related to Look2Me and may be still infecting your computer as it is not recognized with HiJackThis. For 9x systems you can try...
  13. CableInstaller

    how to remove d3d.dll

    The file "C:\WINNT\system32\d3d.dll" is a mystery without doing file properties on it. It would seem it is either a library used in Unreal Tournament or it is an actual trojan.. Why it would need to load in AppInit_DLLs is suspicious at most. Perhaps find this d3d.dll in system32 and see what...
  14. CableInstaller

    how to remove d3d.dll

    jadoogar I made up this scanner based on some other programs to scan for files related to that virus or better know as cws. http://download.broadbandmedic.com/DllCompare.exe *Not all files listed will be trojan, but if you have the trojan dll it will be listed there. If you leave it at...
  15. CableInstaller

    Pocket Killbox

    http://download.broadbandmedic.com/Killbox.exe Killbox File and Process killer Since the older version was becoming outdated this one will take its place. -Paste file paths from HiJackThis logs or Browse for file to kill. -Functions to delete on reboot. -Running Process list and "Task Ender"...
  16. CableInstaller

    How to Get Rid of VX2-BetterInternet-Look2Me

    Gabriel714 Theres a little more to it than just deleting the file(s). You still have a reg key under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify called Guardian<something> that will attempt to load a now, non-existent dll file. Those VX2 files also remove...
  17. CableInstaller

    Smiley Central and other fun programs

    carrr the Kill2Me tool only works with windows 9x versions and was not upgraded to remove the version124 of the current Look2me threat. Smiley Central is directly related to the whole "FunWebProducts/Bundleware" install which is a known host for the Look2Me trojan. Troubles with Nt Admin...
  18. CableInstaller

    Smiley Central and other fun programs

    mwesol You have Look2Me trojan installed, as it's current version alters policy for Administrators so removal utilities will not work. It also resets the policy every reboot, so even if you fix it once, it will be changed by next reboot. Current Look2Me trojan is ver 124 and can be found...
  19. CableInstaller

    Plz Check My HiJackThis Log - Suspected Bug

    Since no-one is gonna ask..I will the entry "C:\Program Files\Spybot_AdWare\SpybotSD.exe" I never seen Spybot install to a directory like that, and where is the usual SDHelper.dll that would also show in the HiJackThis log as a BHO? Maybe you did this on purpose or maybe you got some bogus...
  20. CableInstaller

    IE keeps trying to open SAFESEARCH

    With Ad-aware the key to removing objects is to scan with an updated reference file, as so many just download the program and scan with a reference file thats a year old. So far Ad-aware takes the lead in removal of these types of Hijackers and data miners, updates are as common as 2 - 3 per...

Part and Inventory Search

Back
Top