I just don't get it
KilJaeden
USA
Everytime I think I get rid of this crap it just comes back. It is that about:blank crap again. I no longer find any coolweb stuff anymore. It is really getting on my nearves. I removed all instances that I could find from the registry. I deleted the dll in the system32 folder and some files in the temp folders. WERE IS IT COMING FROM! System resotre is off too. BLAST!
0
Comments
O2 - BHO: (no name) - {7bea8f78-98b7-4de4-87a2-f72e5d72a5c8} - (no file)
Not sure about those, make sure they're backed up before you get rid of them. Everything else looks legit however I would still get rid of a lot of them personally.
Along with spybot, have you also ran adaware?
How about regcleaner? Attack this beotch from all sides. http://www.worldstart.com/weekly-download/archives/reg-cleaner4.3.htm
I think HJT 1.98 will show appinit dll entries. Try updating HJT and post a new log.
If you were wondering what Hot Sync is, it is how I syncronise my palm pilot with the virtual one on my computer
Here is the new log:
http://www.commandondemand.com/ and run the Command On Demand online scanner. These folks are actually integrating good BOT and TROJAN defs into thier AV online scanner. Provide the info requested, you will get an email with the online scanner specific URL. Go to that place, then scan. By defs, it can tell you more of teh trojans than any US AV mfr, and can also by Heuristics tell you if some things are acting strangely. The defs there can ID many bots also, especially those of type SpyBot.
It is sponsored by Authenium's Command Software division. Command AV is ICSA, and EICAR, and Virus Bulletin approved. It is one of the best in the world. Period. Kaspersly Lab's AV and F-Prot AV are close to it in quality. Symantec's consumer AV is not detecting Trojans real well, and is detecting spybot droppers so poorly I no longer recommend it.
I found the cure was to boot into safe mode (hit F5 upon boot up before the XP boot screen shows) disable System Restore on any hard drive then run your removal software.
After that reboot into normal mode and re-enable System Restore and you should be good to go.
Some of that scumware goes into System Restore and when it sees it's been removed under normal running will slip itself back into the folders it was in.
The programs for killing the scumware can't get into the System Restore files while it's enabled so you keep having it magically re-appear.
This is also helpful for trojans and certain worms as well.
I hope this helps.
I have run Norton before, but my definitions are 3 months old and my license expired.
Worse comes to worse, I will format.
I guess I will try it again in safe mode.
EDIT:// odd, I still can't seem to find the dll. The virus scanner keeps picking it up every minute or so, but I just can't find it. Does anyone have any ideas?
Thanks prime. That program did the trick. That thing just didn't want to be deleted.