Tech Support Forum - View Single Post - google redirects/ibm300002.exe error and cant run trend micro w/o error

Ried · 10-06-2006, 08:10 PM

Ahhh...I see it, and a couple others.

Let's get rid of the error at bootup first.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

************************************************

Run StartDreck with the same options checked like before. Click on the following and hit the Delete button in the program:

*SHELL=explorer.exe ibm00003.exe

That line is a little more than half way down the log, under this category:

»SYSTEM.INI\[boot]

Shortly before you see all those lines of xxxxxxxxxxxxxxxxxxxxxxx's.

-----------------------------------------------------

Now we need to take care of the others that do not belong.

Download CWShredder and run it. Click on 'I Agree' button if you agree and check for updates. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit.

------------------------

Next, download win32delfkil.exe.

Save it on your desktop.
Close all windows.
Double click on win32delfkil.exe to start the removal tool.
The computer will reboot automatically.
After reboot a logfile will open: c:\windelf.txt
Post the contents of the logfile in your next reply.

------------------------

Please run both the SilentRunners and Stardreck tools again and post the logs here once more, along with the windelf.txt and a new HijackThis log.

How is the system behaving now?

10-06-2006, 08:10 PM	#23 (permalink)
Ried Assistant Manager, TSF Academy; Moderator/Analyst Security Team Join Date: Jan 2005 Location: Ohio Posts: 27,043 OS: WinXP and Vista	Ahhh...I see it, and a couple others. Let's get rid of the error at bootup first. Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions. ********************************************** Run StartDreck with the same options checked like before. Click on the following and hit the Delete** button in the program: SHELL=explorer.exe ibm00003.exe That line is a little more than half way down the log, under this category: »SYSTEM.INI\[boot]* Shortly before you see all those lines of xxxxxxxxxxxxxxxxxxxxxxx's. ----------------------------------------------------- Now we need to take care of the others that do not belong. Download CWShredder and run it. Click on 'I Agree' button if you agree and check for updates. Click on 'Fix' (it will automatically fix anything it finds for you) and then click OK. If it asks if you want to delete a certain random file, choose No and post that filename here. Let it finish the scan and then hit Next and Exit. ------------------------ Next, download win32delfkil.exe. Save it on your desktop. Close all windows. Double click on win32delfkil.exe to start the removal tool. The computer will reboot automatically. After reboot a logfile will open: c:\windelf.txt Post the contents of the logfile in your next reply. ------------------------ Please run both the SilentRunners and Stardreck tools again and post the logs here once more, along with the windelf.txt and a new HijackThis log. How is the system behaving now? __________________ Member of ASAP since 2005 Member of UNITE since 2006 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."