Options
Help Required - 2 unremoveable Trojans?
Hi all - I have got two issues I need some help with.
Firstly, my internet explorer home page has been hi jacked with a dll I cannot access or remove (res://C:\WINDOWS\system32\shdocsv.dll/API32.htm#ID=347;065D) - it displays an advert for spyware. (Evidence Eliminator)
Secondly, my desktop has also been hi-jacked by another spyware system(http://www.antivirus-gold.com/?wm=&swm=), which has loaded a screen.html document into my C:\Windows.
I have tried using Hi-Jacksoftware (as presented in these threads) but tono avail. Can anybody help?
Firstly, my internet explorer home page has been hi jacked with a dll I cannot access or remove (res://C:\WINDOWS\system32\shdocsv.dll/API32.htm#ID=347;065D) - it displays an advert for spyware. (Evidence Eliminator)
Secondly, my desktop has also been hi-jacked by another spyware system(http://www.antivirus-gold.com/?wm=&swm=), which has loaded a screen.html document into my C:\Windows.
I have tried using Hi-Jacksoftware (as presented in these threads) but tono avail. Can anybody help?
0
Comments
The issue remaining is the home page for IE - I have since downloaded firefox as a temporary solution - but obviously not perfect.
Anyway...
Do you use Adaware? I think that Adaware may let you delete it.
The IE problem.. is a little tougher... Do you know the name of the program that causes this problem? Do you know where it is located on you computer?
EDIT: I hope that I don't get into trouble for this...
EDIT AGAIN: I wonder why Buckeye-Sam hasn't posted here yet...
It is also calling an API called API32.htm. But is cannot locate this (ive performed a search, and found one in the Temp directory, deleted it, but the problem was still there.)
I can locate the dll through the command line, but it is read only. I have started the computer in safe mode, but it is still in read only mode there aswell.
Im confused!
http://www.short-media.com/forum/showpost.php?p=172584&postcount=2