Helpp

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 7:14 pm

im running the scan now. I restarted before and a screen came up had windowsxp on top and it was aborting stuff and deleting stuff, is that normal??

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 7:22 pm

On the avengers run?

The rootkit can be stubborn, as you very well know now, so the avenger has to be one step ahead. Wink


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 7:23 pm

i just finshed the scan how do i get the log to come back??

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 7:24 pm

There's a logs tab, open that and there's the log. Just double click it to open it again.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 7:26 pm

Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 2

5/11/2009 3:21:37 PM
mbam-log-2009-05-11 (15-21-37).txt

Scan type: Quick Scan
Objects scanned: 76685
Time elapsed: 5 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a26503fe-b3b8-4910-a9dc-9cbd25c6b8d6} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\APR\Local Settings\Temp\sacrmwoenx.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\APR\Local Settings\Temp\winvsnet.tmp (Rogue.Installer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSllca.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\APR\Local Settings\Temp\TDSS3b67.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSkjai.log (Trojan.TDSS) -> Quarantined and deleted successfully.

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 7:27 pm

Hello.
I need you to update MBAM, you have an old database.

Database version: 1945

Go into the update tab and run "Check for updates", once you have the newest database, re-run the scan.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 7:38 pm

sorry,

Malwarebytes' Anti-Malware 1.36
Database version: 2109
Windows 5.1.2600 Service Pack 2

5/11/2009 3:37:02 PM
mbam-log-2009-05-11 (15-37-02).txt

Scan type: Quick Scan
Objects scanned: 86513
Time elapsed: 5 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\UACmancsvfticmqoba.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UAConqxkptalkktkra.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACqxofkkdlsqtkytp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACvmenvfmxkvkhscw.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACgxdlycymmjloyts.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\UACuckunupaeprfdgv.sys (Trojan.Agent) -> Quarantined and deleted successfully.

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 7:41 pm

Okay, still more to do though.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 7:44 pm

DDS (Ver_09-03-16.01) - NTFSx86
Run by APR at 15:45:26.60 on Mon 05/11/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.437 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
FW: Norton Internet Worm Protection *disabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Adobe Media Player\Adobe Media Player.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\APR\My Documents\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [You must be registered and logged in to see this link.]
uSearch Page = [You must be registered and logged in to see this link.]
uSearch Bar = [You must be registered and logged in to see this link.]
uDefault_Page_URL = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = [You must be registered and logged in to see this link.]
BHO: Mouse Gestures: {a6a49249-57ae-4295-8d4d-18a9502c7d8e} - c:\program files\internet explorer\plugins\drowse\MouseGestures.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Oldface Toolbar: {afcedbfe-7a6d-44c6-9f1d-664d608aecea} - c:\program files\oldface\tbOld1.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
TB: Oldface Toolbar: {afcedbfe-7a6d-44c6-9f1d-664d608aecea} - c:\program files\oldface\tbOld1.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe
mRun: [AVG7_CC] c:\progra~1\grisoft\avg7\avgcc.exe /STARTUP
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
StartupFolder: c:\docume~1\apr\startm~1\programs\startup\adobem~1.lnk - c:\program files\adobe media player\Adobe Media Player.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\americ~1.lnk - c:\program files\america online 9.0\aoltray.exe
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {4E660F19-E91E-41e1-88EF-D1DFAB118F67} - {42981F9D-0C9E-4131-BFC7-8FFE874C6AAC} - c:\program files\internet explorer\plugins\drowse\MouseGestures.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {31435657-9980-0010-8000-00AA00389B71} - [You must be registered and logged in to see this link.]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [You must be registered and logged in to see this link.]
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\apr\applic~1\mozilla\firefox\profiles\spc7pilk.default\
FF - prefs.js: browser.search.defaulturl - [You must be registered and logged in to see this link.]
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbarff\components\vmAVGConnector.dll
FF - plugin: c:\documents and settings\apr\application data\mozilla\firefox\profiles\spc7pilk.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071303000004.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-7 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-9-24 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-7 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-7 298776]
R2 SlingAgentService;SlingAgentService;c:\program files\sling media\slingagent\SlingAgentService.exe [2009-3-10 93960]
S3 rootrepeal;rootrepeal;\??\c:\windows\system32\drivers\rootrepeal.sys --> c:\windows\system32\drivers\rootrepeal.sys [?]

=============== Created Last 30 ================

2009-05-11 15:13 --d----- c:\docume~1\apr\applic~1\Malwarebytes
2009-05-11 15:11 --dsh--- C:\found.000
2009-05-11 14:25 0 a------- c:\documents and settings\apr\settings.dat
2009-05-08 15:54 --d----- c:\documents and settings\apr\DoctorWeb
2009-05-08 15:17 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-08 15:17 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-08 15:17 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-08 15:17 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-07 16:54 388,608 a------- c:\windows\system32\CF24843.exe
2009-05-07 16:53 388,608 a------- c:\windows\system32\CF24170.exe
2009-05-07 16:36 388,608 a------- c:\windows\system32\CF21323.exe
2009-05-07 16:28 388,608 a------- c:\windows\system32\CF19912.exe
2009-05-07 16:25 388,608 a------- c:\windows\system32\CF19291.exe
2009-05-07 16:22 388,608 a------- c:\windows\system32\CF18612.exe
2009-05-07 16:17 388,608 a------- c:\windows\system32\CF17613.exe
2009-05-07 16:13 388,608 a------- c:\windows\system32\CF16816.exe
2009-05-07 16:11 388,608 a------- c:\windows\system32\CF16493.exe
2009-05-07 16:11 388,608 a------- c:\windows\system32\CF16372.exe
2009-05-07 14:19 --d----- c:\program files\Trend Micro
2009-05-07 12:11 --d-h--- C:\$AVG8.VAULT$
2009-05-07 12:06 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 12:06 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-07 12:06 --d----- c:\windows\system32\drivers\Avg
2009-05-07 12:06 --d----- c:\docume~1\apr\applic~1\AVGTOOLBAR
2009-05-07 12:06 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-07 12:06 --d----- c:\program files\AVG
2009-05-07 12:06 --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-05-07 09:42 --d----- c:\documents and settings\apr\.housecall6.6
2009-05-05 12:59 224 a------- c:\windows\system32\UACkqrfipdexjwgyko.dat
2009-04-14 22:23 1,193,414 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-04-14 22:23 215,552 -------- c:\windows\system32\dllcache\wordpad.exe

==================== Find3M ====================

2009-04-20 16:55 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-04-07 15:17 312 a------- c:\docume~1\apr\applic~1\wklnhst.dat
2009-03-21 10:18 986,112 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-10 22:18 934,792 -------- c:\windows\system32\dllcache\WgaTray.exe
2009-03-10 22:18 239,496 -------- c:\windows\system32\dllcache\wgaLogon.dll
2009-03-06 10:00 284,160 a------- c:\windows\system32\pdh.dll
2009-03-06 10:00 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2009-03-02 20:18 826,368 a------- c:\windows\system32\wininet.dll
2009-03-02 20:18 826,368 a------- c:\windows\system32\dllcache\wininet.dll
2009-02-28 00:54 636,072 -------- c:\windows\system32\dllcache\iexplore.exe
2009-02-20 06:20 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 06:20 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-02-20 01:14 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2009-02-10 18:31 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll

============= FINISH: 15:45:46.10 ===============

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 8:00 pm

what now??

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 8:18 pm

Hello.
AVG is disabled, please enable it now.

Please download the [You must be registered and logged in to see this link.].

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose CopyCrying


    :files
    c:\windows\system32\UACkqrfipdexjwgyko.dat
    C:\found.*


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.


Last edited by Belahzur on Mon May 11, 2009 8:35 pm; edited 1 time in total


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 8:20 pm

you want me to enable it then disable it???

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 8:24 pm

========== FILES ==========
c:\windows\system32\UACkqrfipdexjwgyko.dat moved successfully.
C:\found.000\dir0000.chk moved successfully.
C:\found.000 moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05112009_162537

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 8:35 pm

Sorry, my bad. Multitasking.

It's disabled, please enable it now.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 8:38 pm

so enable it then run that scan again??

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 8:59 pm

i am leaving my office for the day. What else do i need to do??

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 9:10 pm

Not much now, the trouble-maker is gone.

We can remove OTMoveIt now.

  • Please double-click OTMoveIt3.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes cleanup process prompt, do the same for the reboot prompt.
How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Helpp

Post by jarons1 on Mon May 11, 2009 9:15 pm

Machine is running fine now thank you. What program can i use to scan for virus without having to pay??

jarons1
Intermediate
Intermediate

Status :
Online
Offline

Posts : 55
Joined : 2009-05-07
OS : 98

View user profile

Back to top Go down

Re: Helpp

Post by Belahzur on Mon May 11, 2009 9:27 pm

MBAM is a good scanner, free and (unbelievablely) quick.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre

View user profile

Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum