Attn: Rock or anyone else that can help

R

Rachel K

From: "Rachel K" <[email protected]> Sent: 9/19/2004
9:37:59 AM



-----Original Message-----


Where are these files and what are file names? You mean you downloaded
and ran Trend Micro's sysclean in safe mode, and you turned of system
restore? What were the results of the scan?
_____________________________________________________
The folder and file names are...
Click to expand...
(1)Folder: C\Documents and Settings\kyker\Local
Settings\temp
File: conscorr...ini
Status: Free memory
Detected: TR/Dldr.Stubby.C

(2)Folder: C\Documents and Settings\kyker\..\THI10BA.tmp
File: multimpp.cap...prelnsmm.exe
Status: Free memory
Detected: TR/Hijack.mulltiPP

(3)Folder: C\Documents and Settings\kyker\..\THI163A.tmp
File: multimpp.cap...prelnsmm.exe
Status: Free memory
Detected: TR/Hijack.mulltiPP

(4)Folder: C\Documents and Settings\kyker\..\THI22EA.tmp
File: localNRd.cab...polall1I.exe
Status: Free memory
Detected: TR/Dldr.Krepper.3

(5)Folder: C\Documents and Settings\kyker\..\THI6CF0.tmp
File: multimpp.cap...prelnsmm.exe
Status: Free memory
Detected: TR/Hijack.MulltiPP

I did download TM's sysclean and I ran it in safemode
with system restore off. I rebooted in Normal mode,
turned system restore back on, and ran AntiVir XP. The
same 5 files showed up. The results from sysclean showed
that there were errors for some of the files it couldnt
get into (like yahoo or aol messenger), but it wasn't any
of my files above. When sysclean was running I noticed
if it couldnt clean something it deleted it. Maybe it
couldn't do either for these? It may be easier to email
any more suggestions because sometimes my IE shuts down
before I can get to this page.
My email is (e-mail address removed). I really appreciate your
help.
Rachel
 
R

Rock

Rachel said:
From: "Rachel K" <[email protected]> Sent: 9/19/2004
9:37:59 AM






you downloaded


turned of system


(1)Folder: C\Documents and Settings\kyker\Local
Settings\temp
File: conscorr...ini
Status: Free memory
Detected: TR/Dldr.Stubby.C

(2)Folder: C\Documents and Settings\kyker\..\THI10BA.tmp
File: multimpp.cap...prelnsmm.exe
Status: Free memory
Detected: TR/Hijack.mulltiPP

(3)Folder: C\Documents and Settings\kyker\..\THI163A.tmp
File: multimpp.cap...prelnsmm.exe
Status: Free memory
Detected: TR/Hijack.mulltiPP

(4)Folder: C\Documents and Settings\kyker\..\THI22EA.tmp
File: localNRd.cab...polall1I.exe
Status: Free memory
Detected: TR/Dldr.Krepper.3

(5)Folder: C\Documents and Settings\kyker\..\THI6CF0.tmp
File: multimpp.cap...prelnsmm.exe
Status: Free memory
Detected: TR/Hijack.MulltiPP

I did download TM's sysclean and I ran it in safemode
with system restore off. I rebooted in Normal mode,
turned system restore back on, and ran AntiVir XP. The
same 5 files showed up. The results from sysclean showed
that there were errors for some of the files it couldnt
get into (like yahoo or aol messenger), but it wasn't any
of my files above. When sysclean was running I noticed
if it couldnt clean something it deleted it. Maybe it
couldn't do either for these? It may be easier to email
any more suggestions because sometimes my IE shuts down
before I can get to this page.
My email is (e-mail address removed). I really appreciate your
help.
Rachel
Click to expand...

Rachel, for one thing keep all posts in one thread. Don't create
multiple threads. Second, maybe those are false positives for viruses?
That does happen. Try running several of the on line scans.

Online and Downloadable Virus Scanning:

Panda ActiveScan
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Bit Defender Online Virus Scan:
http://www.bitdefender.com/scan/license.php

Symantec Online Virus and Security Scan:
http://security.symantec.com/ssc/home.asp

TrendMicro:
http://housecall.trendmicro.com/housecall/start_corp.asp

McAfee Online Virus Scan:
http://www.mcafee.com/myapps/mfs/default.asp

RAV AntiVirus - Scan Online
http://www.ravantivirus.com/scan/

F-Secure:
http://support.f-secure.com/enu/home/ols.shtml

Did you run adaware and spybot in safe mode too?

The last thing you can try is run HijackThis and post the log to one of
the specialty forums along with the history of what you have done, _NOT_
this one. They are the experts in removing nasties.

HijackThis
http://www.majorgeeks.com/download.php?det=3155

Forums to Interpret HijackThis Logs:

http://computercops.biz/
http://www.spywareinfo.com/forums/
http://forum.aumha.org/viewforum.php?f=30
http://forums.tomcoyote.org/
http://www.wilderssecurity.com/

Good luck.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Subject: IE7, OR?? Is there anyone there that can help? :-/ 1
WTD: Nvidia Videocard for 4x AGP Slot 0
WBEM_E_OUT_OF_MEMORY Error 0
APPLICATION ERRORS - HELP ME PLEASE!! 14
adware spyware not detected by microsoft 2
Application Errors - Tried EVERYTHING - PLEASE HELP!!!! 8
NEED HELP DESPERATELY! - APPLICATION ERRORS 3
Adware found this 6

Top