Recent content by CableInstaller

??plorer.exe etc are quite common, they are using characters from the russian alphabet as replacements for originals(because they look similar). Windows will show the characters when browsing so it is hard to spot, other than "explorer.exe" not being sorted by name properly. Do file find and...

Updated Killbox will remove those vx2 files, as long as the specified removal technique is used. See: http://www.lavasoftsupport.com/index.php?showtopic=54511 for description and usage, as well that was to remove the base dll's, there is much more damage to the system that will need to be cleaned.

Windows hides user TIF content while logged into the profile. If you login to a different account you will have access to those files in the Administrator profile providing the files were not made private. If you know the actual path you can copy and paste into Killbox and delete it that way, it...

never tried on Win9x system yet... I imagine though with limited processes to hook, removal cant be all that hard hmm i will see..

I wrote up some removal info, as well I updated killbox to deal with this new version. http://www.lavasoftsupport.com/index.php?showtopic=54511 New killbox is available from : http://www.downloads.subratam.org/KillBox.exe only so far (new version) I've played with this new L2M a bit and...

Well, there are alot of half truths in those reports.. i have it installed on a couple of my machines and i will give you my honest opinion.. -It works well providing you disable the excess bloat like recycle bin protecting, and those bloodhound scans, also disabling a couple of the services...

msimtf and msctf are for MS Office installations. the log must have been bigger than that?? Most times the dll file will only be hooked with iexplore.exe or explorer.exe. you get an eye for spotting crap files after awhile. If you do a quick once over on a full log, at first glance, look for...

MakeItSo there is a batchfile written by one of the Spyware experts @ SWI called pv.zip http://tools.zerosrealm.com/pv.zip I would download and unzip..run the "runme.bat" and select the #2 option to list Iexplore dll files. Post that log here.

Would be nice to see a followup HiJackThis log... I'm not sure if About Buster tool will remove AD Streams yet??

O2 - BHO: (no name) - {AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344} - C:\WINDOWS\System32\nvms.dll O2 - BHO: (no name) - {CE188402-6EE7-4022-8868-AB25173A3E14} - C:\WINDOWS\System32\mscb.dll O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll These are your...

You realize you are victim of alternate data streams as well? C:\WINNT\sapdoccd.log:tgnqc these are somewhat tricky to detect and remove, involves some third party tools and removal techniques. Seems this thread died :( I was waiting to see the outcome or chance to suggest some cleaning methods

these 2 LSPs O10 - Unknown file in Winsock LSP: c:\windows\system\cdlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system\lspak.dll Are usually related to Look2Me and may be still infecting your computer as it is not recognized with HiJackThis. For 9x systems you can try...

The file "C:\WINNT\system32\d3d.dll" is a mystery without doing file properties on it. It would seem it is either a library used in Unreal Tournament or it is an actual trojan.. Why it would need to load in AppInit_DLLs is suspicious at most. Perhaps find this d3d.dll in system32 and see what...

jadoogar I made up this scanner based on some other programs to scan for files related to that virus or better know as cws. http://download.broadbandmedic.com/DllCompare.exe *Not all files listed will be trojan, but if you have the trojan dll it will be listed there. If you leave it at...

http://download.broadbandmedic.com/Killbox.exe Killbox File and Process killer Since the older version was becoming outdated this one will take its place. -Paste file paths from HiJackThis logs or Browse for file to kill. -Functions to delete on reboot. -Running Process list and "Task Ender"...