Ready to scream. Spyware and Browser problems...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ericmack, Nov 10, 2004.

  1. ericmack

    ericmack Private E-2

    Hello.

    First off, I have a Win2K machine hooked into a small network. I have been getting pop-up ads out the wazoo. And now, after many efforts with many different tools, most of which I read about here, my IE Browser gives me a must shut down dialog box every time I log on. I have long run Adaware SE, among other Anti-Virus software (Norton Corporate).

    I have carefully followed the How to post, rebooted in Safe Mode with Networking Support b4 running:

    1) Stinger
    2) CC Cleaner
    3) Ad-Aware SE
    4) VX2 plug-in
    5) Spybot S & D

    They all found and removed various spyware and traces, yet the pop-ups continue, as does the browser malfunction.

    I have a Hijack This log to post, and await permission to do so.

    Please Help!

    Thanks

    Eric
     
  2. Kodo

    Kodo SNATCHSQUATCH

    Please run the alternative scans listed at the bottom of our how to. If you're still having problems then post your log.
     
  3. ericmack

    ericmack Private E-2

    10-4.

    Just ran CWShredder. It removed the following:

    CWS.Msinfo
    CWS.Tapicfg
    CWS.hiddenDll

    On to Kill2me!

    Thanks!
     
  4. Kodo

    Kodo SNATCHSQUATCH

    now post a new log file so we can see what's left.
     
  5. ericmack

    ericmack Private E-2

    OK,
    HS Remove found nothing,
    Kill2me found the Look2me infection (if it was present?),
    and Aboutblaster found nothing

    Rebooted after all this and ran a new HJT log, which is attached.

    Can you point out what is left, and what do I do?

    Thanks!
     


  6. Kodo

    Kodo SNATCHSQUATCH

    boot to safe mode..
    see if you can find this and delete it

    C:\Documents and Settings\eric\Application Data\trls.exe

    Next, try to find the following and delete
    C:\WINNT\web\related.htm

    next go to start..run type
    REGSVR32 /u C:\WINNT\system32\irvtrcp.dll

    hit ok to any prompts including errors and then see if you can find the file and delete it.

    boot to safe mode and delete these lines if found
    O2 - BHO: (no name) - {3DFA622A-B847-7D9A-D202-10550E817C46} - C:\WINNT\system32\irvtrcp.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O9 - Extra ''Tools'' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O4 - HKCU\..\Run: [Auoa] C:\Documents and Settings\eric\Application Data\trls.exe

    post a new log
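
As an added example (not part of Kodo's post and not a MajorGeeks or HijackThis tool), this Python code parses the HijackThis entries flagged above, groups them by the file each one loads, and reports which flagged entries still appear in a later log. `NEW_LOG` is a constructed sample, not the log attached in the thread, and the function names are assumptions.

```python
import re

# The four entries flagged in the post above, copied from the thread.
FLAGGED = r"""
O2 - BHO: (no name) - {3DFA622A-B847-7D9A-D202-10550E817C46} - C:\WINNT\system32\irvtrcp.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra ''Tools'' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O4 - HKCU\..\Run: [Auoa] C:\Documents and Settings\eric\Application Data\trls.exe
"""
# Constructed follow-up log for illustration; NOT the log attached in the thread.
NEW_LOG = r"""
Logfile of HijackThis (constructed sample)
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\Example\placeholder.dll
O4 - HKCU\..\Run: [Auoa] C:\DOCUMENTS AND SETTINGS\eric\Application Data\trls.exe
"""

ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+?)\s*$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
PATH = re.compile(r"[A-Za-z]:\\.*$")

def parse_entry(line):
    """Split one HijackThis line into section code, CLSID and file path."""
    m = ENTRY.match(line)
    if not m:
        return None  # header, process list or blank line
    code, body = m.groups()
    clsid, path = CLSID.search(body), PATH.search(body)
    return {"code": code, "raw": line.strip(),
            "clsid": clsid.group(0).upper() if clsid else None,
            "path": path.group(0).lower() if path else None}

def parse_log(text):
    return [e for e in map(parse_entry, text.splitlines()) if e]

def files_referenced(text):
    """Map each file path to the section codes of the entries that load it."""
    files = {}
    for e in parse_log(text):
        if e["path"]:
            files.setdefault(e["path"], []).append(e["code"])
    return files

def still_present(flagged_text, new_log_text):
    """Flagged entries that survive in a later log (case-insensitive match)."""
    seen = {(e["code"], e["clsid"], e["path"]) for e in parse_log(new_log_text)}
    return [e["raw"] for e in parse_log(flagged_text)
            if (e["code"], e["clsid"], e["path"]) in seen]
```

Grouping by file shows that removing `related.htm` accounts for both O9 entries, and the comparison lists any flagged line whose registry entry is still in place after the cleanup.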
     
  7. ericmack

    ericmack Private E-2

    Kodo,

    Did it all, no problems except that I cannot find file trls.exe

    My browser no longer pops up a dialog box warning it has an error and will close. You did it!

    Here is a new log, is there anything else?

    Thanks for all your help, this has driven me crazy! What was it, if you don't mind my asking? And will Spybot keep it from coming back?

    Thanks a million!

    Eric
     
