From: <betty889125@hotrmailnospam.org>
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in
| news:EIT_g.80249$073.23051@trnddc01:
|
>> I have more confidence in Gmer than RootKit Revealer so I suggest
>> using it first.
|
| I just used it and can't make head or tail from it.
| Secondly, Drwatson appears about 2nd use and closes it.
|
| Right now, I see that the gmer.exe file is still running in my task
| manager, yet I can't see the program, nor can I close it.
|
| The same goes for sysinternals.com Process Explorer.
|
| When I ran the Rootkit scan, I saw a load of things scrolling by,
| but I didn't see anything marked "hidden" like his FAQs show (unless I'm
| reading the FAQs wrong). I did see some of the MJ's and some TCP/IP
| things floating by. I thought I was getting very advanced, but I'm not
| sure what boxes s/b checked, nor how many of the 50+ services in the other
| tab I see that I should research. There's quite a few I'm not sure about.
|
| I'm going to delete all references to the "keylogger(?)" in my registry
| now, and then run a multitude of security programs - including Multi-AV.
|
| I hope that whatever it is is only in my system partition or registry,
| because I have a very large hard drive, and also use a large, multi-
| partitioned external drive on occasion.
|
| To scan all those partitions with Multi-AV might take the rest of the
| winter - LOL! Usually, these bugs are in the OS directory, registry,
| documents and settings, or program files on the main partition.
The MOST important areas to scan with Multi AV...
C:\Documents and Settings
C:\Program Files
%windir%
You can have it selectively scan those specific areas.
Delete those Registry entries. Exit Regedit and then go back into Regedit and see if they
still exist.
If they still exist, the malware is still running.
If they don't still exist, reboot the PC and then run a selective area scan using the Multi
AV Scanning Tool.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

