Jump to content

pskelley

Trusted Malware Techs
  • Content Count

    1,759
  • Joined

  • Last visited

Everything posted by pskelley

  1. Thanks for posting the feedback, some good information: Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml http://www.malwarecomplaints.info/ Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  2. Good job installing RC that may come in very handy in an emergency, a little Microsoft information: http://support.microsoft.com/kb/314058 http://support.microsoft.com/kb/307654 Remove combofix from your computer like this: Click START then RUN Now type or copy Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there. Clean those infected System Restore files like this: Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot Turn ON System Restore, On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check *Turn off System Restore*. Click Apply, and then click OK. Run a last MBAM scan to make sure you got it all, then post to let me know how the computer is running. No need to post a clean scan. Thanks...Phil
  3. Thanks for returning your information and the feedback, MBAM found some rouge junk but mostly infected System Restore files which are protected and will be cleaned shortly. Since all seems to be running as it should, this is the next bridge we must cross. I am sure you saw this: WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! http://www.bleepingcomputer.com/combofix/how-to-use-combofix Review that information to understand Recovery Console. Installation is optional but if you do not have the CD's needed, as is explained, it can be installed before we remove combofix. If you do not have access to Recovery Console via a Windows CD, I strongly advise you to install this tool. If you do not wish to install RC, let me know so I can continue with the cleanup. If you install RC, post the C:\*CF-RC.txt*. Since we do not need to scan with combofix, click NO Thanks
  4. Did you post a new HJT log after you ran SDFix? C:\Program Files\vzajrb <<< do you know what this program is? If not, remove it. Open notepad and copy/paste the text in the codebox below into it: File:: C:\WINDOWS\system32\gzqfevot.exe Folder:: C:\Documents and Settings\All Users\Application Data\zkpepqxy C:\Program Files\vzajrb Save this as CFScript Referring to the picture above, drag CFScript into ComboFix.exe. This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new HijackThis log. (wait until you finish to post the logs) (wait until you finish to post logs) Download Malwarebytes' Anti-Malware to your Desktop http://www.besttechie.net/tools/mbam-setup.exe * Double-click mbam-setup.exe and follow the prompts to install the program. * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform FULL SCAN, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt * Please post contents of that file, the combofix log from CFScript and a new HJT log in your next reply. How is the computer running? Thanks
  5. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. Sorry for the wait, the logs are many, and the volunteers are few. When you reply, please use the "Add REPLY" button, not the Quote or New Topic buttons. I think you are infected and I suggest you keep this computer offline except when troubleshooting, the junk may download more. If you have any tool I use, delete it and download it new from the link I provide. Read and follow the directions carefully, the tools will not work unless you do. A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use. Remove any old copies of combofix before you proceed. Thanks to sUBs and anyone else who helped with this fix. It is important that it is saved directly to your Desktop Download ComboFix from Here to your Desktop Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall Post the combofix log and a new HJT log. Tutorial http://www.bleepingcomputer.com/combofix/how-to-use-combofix Thanks
  6. Topic is resolved and closed. Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  7. No response since 5:13am Mon Jul 7 2008 closing the topic as resolved. Thanks
  8. Thanks for returning your information and the feedback. I will request that you do not quote my instructions, I know what I said and you can scroll back to the original if you need to read them or print them. I rarely deal with anyone who has a paid verion of AVG, and never with one that is showing two version of the program in the same HJT log so I will have to take your word that you know what you are doing and if you do not, refer you to Grisoft for instructions. Please update to the newest version located here: http://www.safer-networking.org/en/spybotsd15/index.html Update the new program and make sure it is fully immunized, then run a complete scan and let me know the results. We are about removing malware here, my best suggestion would be to seek user to user help with this issue here:http://forums.pcpitstop.com/index.php?showforum=3 C:\Program Files\Java\jre1.6.0_05\ <<< update your Java program, see this information: http://forums.spybot.info/showpost.php?p=1...amp;postcount=2 I see no evidence of malware in this HJT log. Thanks
  9. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. Sorry for the wait, the logs are many, and the volunteers are few. When you reply, please use the "Add REPLY" button, not the Quote or New Topic buttons. Help me out here, you said this: My question is, I run the free version of AVG 8, I know little about the licensed version. I am wondering how you are running both: AVG7 and AVG8 at the same time. If you do not know, contact Grisoft tech support for an answer. Since you pay for your version tech support is available. This is almost always caused by an out of date program or a program that is not updated and immunized. Provide this information: Open Spybot S&D then click "Help" at the top, then click About. Post for me the version of Spybot S&D you are running and just under it post the Latest detection update. If you have to post another HJT log, you are running System Configuration Utility in Selective Startup mode. I need to see all HJT logs with it running in Normal mode. Thanks
  10. I Traci, this is a hard one to call but I believe we have cleaned junk, but if you read the information I posted at the start, reformat it the only way to be 100% positive with a backdoor trojan. http://netsecurity.about.com/od/frequently...faq_rootkit.htm http://www.google.com/search?hl=en&q=w...G=Google+Searchhttp://www.google.com/search?hl=en&q=R...amp;btnG=Search As you can see we are not talking about reinstalling the Operating System, hackers can hide their junk anywhere so the hard drive has to be wiped clean to be 100% sure. http://spyware-free.us/tutorials/reformat/ http://www.cyberwalker.net/faqs/how-tos/reinstall-faq.html http://helpdesk.its.uiowa.edu/windows/inst...ns/reformat.htm I think we cleaned it but there is no way I can be 100% sure. I would change all of your passwords: Strong passwords: How to create and use them http://www.microsoft.com/athome/security/p...y/password.mspx and I would still monitor any secure online activities carefully, but you should do that all of the time anyway and not only the online activities. The report I asked for was what you have just given me. I wish you safe surfing and security. Thanks
  11. Please do not quote my instructions, it is a waste of space and not necessary. If you wish to see what I said, scroll back to it. Your HJT log looks to be clean of malware here are a couple of things I see. 1) Optional removal > O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE See this > http://www.castlecops.com/startuplist-5306.html 2) C:\Program Files\Java\jre1.6.0_05\ <<< check Java for an update, see this: http://forums.spybot.info/showpost.php?p=1...amp;postcount=2 I would like to see you update and run Windows Defender and AVG 8, if all is well then you are good to go. Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml http://www.malwarecomplaints.info/ Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  12. Please don't do it now, wait until we are finished. Let's please fisish with our work, you can print this and do it once we know you are clean of malware, which should be very close now. SuperAntiSpyware file version 3.9.0.1008 file size 5.64 MB SAS is a valid program, and a good one. It is used a lot in malware removal because of the free trial. I am not seeing it in the uninstall list, so that might just be an icon, right click and delete it. I also do not see it in the HJT log anywhere. Uninstall list, and I see some challenges for you. I am after malware and security issues. You can look for junk that is no longer needed to uninstall and give the computer a break. Here is what I see. Adobe Acrobat 5.0 <<< valid program, but you should keep all programs updated, this appears to be a very old version Java 2 Runtime Environment, SE v1.4.2 <<< this is a VERY old version of Java and that is very dangerous, read this: http://forums.spybot.info/showpost.php?p=1...amp;postcount=2 Mozilla Firefox (2.0.0.15) new version in the link: http://www.mozilla.com/en-US/firefox/ MSN Messenger 6.2 <<< if you use it use the newest version: http://get.live.com/messenger/overview Spybot - Search & Destroy 1.4 <<< old version, here is the new one: http://www.safer-networking.org/en/spybotsd15/index.html That's my home forum I will post this information for you now, and you give me a report as soon as possible. If all is well, I will close you. Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml http://www.malwarecomplaints.info/ Thanks...pskelley PCPitStop http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  13. Potentially unwanted program RemAdm-procLaunch!171 Loction C:\327882R2FWJFW\PSexec.cfexe This is called a PUP and I have a feeling it is part of combofix, see the cfexe. sUBs tool is close to a miracle with all it does and since we are uninstalling, I think this will go with it. Let's wait and see. IE6...You can check here: http://support.microsoft.com/ I am under the impression that if you use it or not, you should update to the newest version. Hackers exploit old versions of program to infect you and things are especially dangerous at websites just now: http://www.google.com/search?hl=en&q=I...amp;btnG=Search Understand that the days of kids playing pranks are gone, anymore it is about $$$ and organized crime. Here is one look: http://en.wikipedia.org/wiki/Russian_Business_Network http://rbnexploit.blogspot.com/ Thanks...I will be down for the night, I start early, and will likely not respond again before AM EST
  14. Oops I missed the HJT log...sorry OK Traci, let me know if you get more information. I asked this: and I asked this: Please communicate when I request it. Let's move on until we get more information. Here is what I would like you to do now. MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) <<< could you tell me the reason you are still running Internet Explorer 6? 1) Remove C:\SDFix from your computer 2) Remove combofix from your computer like this: Click START then RUN Now type or copy Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there. 3) MBAM is your call, it does not run using resources and is a good free on demand scanner, you may keep it if you wish. 4) Clean infected System Restore files like this: Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot Turn ON System Restore, On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check *Turn off System Restore*. Click Apply, and then click OK. 5) Let me have a look at your uninstall list: Open Hijackthis. Click the "Open the Misc Tools" section Button. Click the "Open Uninstall Manager" Button. Click the "Save list..." Button. Save it to your desktop. Copy and paste the contents into your reply. (You may edit out Microsoft, Hotfixes, Security Update for Windows XP, Update for Windows XP and Windows XP Hotfix to shorten the list) Image: Post any information I asked for and the uninstall list. Thanks
  15. I need to know exactly what McAfee is showing you. Are you using a popup blocker? We have moved a load of malware off your computer. Post a new HJT log along with that information. Thanks
  16. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. Sorry for the wait, the logs are many, and the volunteers are few. When you reply, please use the "Add REPLY" button, not the Quote or New Topic buttons. We will try this first and see what happens. Follow the directions carefully and in the numbered order. http://www.castlecops.com/clsid-37438.html <<< see this, I'll remove this, if you want to take that chance, leave it. 1) How to make files and folders visible: Click Start > Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders. Uncheck: Hide file extensions for known file types Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. You may reverse this for safety when we are finished. 2) Please download ATF Cleaner by Atribune http://www.atribune.org/public-beta/ATF-Cleaner.exe Save it to your Desktop. We will use this later. 3) Windows Defender Click on "Tools" Click on "General Settings" Scroll down to "Real-time protection options" Uncheck "Turn on Real-time protection (recommended)" Click "Save" Make sure to turn your protection back on when you finish. 4) From within Spyware Doctor, click the "OnGuard" button on the left side. Uncheck "Activate OnGuard". Turn it back on when you finish 5) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items: R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com R3 - URLSearchHook: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbs1.dll (the next item is damaged, install it again after we finish if you use it) O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file) O2 - BHO: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbs1.dll O3 - Toolbar: Absolutist Games Toolbar - {631ac2d4-57b3-42b0-a148-da33b462c1a3} - C:\Program Files\Absolutist_Games\tbAbs1.dll O4 - HKLM\..\Run: [lphcjkwj0egej] C:\WINDOWS\system32\lphcjkwj0egej.exe Close all programs but HJT and all browser windows, then click on "Fix Checked" 6) Right click Start > Explore and navigate to these files/folders and delete them if there. C:\WINDOWS\system32\lphcjkwj0egej.exe <<< delete that file 7) Run ATF Cleaner Double-click ATF-Cleaner.exe to run the program. Click Select All found at the bottom of the list. Click the Empty Selected button. Click Exit on the Main menu to close the program. 8) Download Malwarebytes' Anti-Malware to your Desktop http://www.besttechie.net/tools/mbam-setup.exe * Double-click mbam-setup.exe and follow the prompts to install the program. * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform FULL SCAN, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt * Please post contents of that file & a new HJT log in your next reply. Tell me how the computer is running. Thanks
  17. This was the one I was worried about in the combofix log: 2008-06-30 00:04 . 2008-06-30 00:04 86,144 --a------ C:\WINDOWS\system32\drivers\bthusbb.sys That's the rootkit!! MBAM removed it on Reboot: Files Infected: C:\WINDOWS\system32\drivers\bthusbb.sys (Rootkit.Agent) -> Delete on reboot. I needed this information from you? And did not get it... Your HJT log is clean and it looks like the tools did their job. This is next before we remove the tools we used. I am sure you saw this: WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! http://www.bleepingcomputer.com/combofix/how-to-use-combofix Review that information to understand Recovery Console. Installation is optional but if you do not have the CD's needed, as is explained, it can be installed before we remove combofix. If you do not have access to Recovery Console via a Windows CD, I strongly advise you to install this tool. If you do not wish to install RC, let me know so I can continue with the cleanup. If you install RC, post the C:\*CF-RC.txt*. Since we do not need to scan with combofix, click NO Thanks...Phil
  18. Thanks for returning your information, let's clean and run one more scan and see where we are. Run Clean Manager http://spyware-free.us/tutorials/cleanmgr/ I think MBAM will remove the item and driver combofix is havng trouble with: C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete Download Malwarebytes' Anti-Malware to your Desktop http://www.besttechie.net/tools/mbam-setup.exe * Double-click mbam-setup.exe and follow the prompts to install the program. * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform FULL SCAN, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt * Please post contents of that file & a new HJT log in your next reply. Please let me know how the computer is running. Thanks...Phil
  19. Thanks for returning your information, read and follow all directions carefully. A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use. Remove any old copies of combofix before you proceed. Thanks to sUBs and anyone else who helped with this fix. It is important that it is saved directly to your Desktop Download ComboFix from Here to your Desktop Double click combofix.exe and follow the prompts. When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall Post the combofix log and a new HJT log. Tutorial http://www.bleepingcomputer.com/combofix/how-to-use-combofix Thanks
  20. Hi Traci, I am not familiar with wireless, having never used it. I will have to assume if the computers were all on the same network it is very possible they are are infected but I can't be positive of that. You could ask your questions here: http://forums.pcpitstop.com/index.php?showforum=3 Where other users who have wireless could tell you. If you intend to clean the infected computer, isolate it from the rest of the network and then you can take it online long enough to download the tools you need to use. You may be able to do what you are suggesting, keep in mind some tools are large, combofix which would be used is 1.88 MB's. If you wish to continue we will start like this. You are infected, I suggest you keep this computer offline except when troubleshooting, the junk may download more. If you have any tool I use, delete it and download it new from the link I provide. Read and follow the directions carefully, the tools will not work unless you do. This can be a tough infection to remove so do not expect fast or easy. Thanks to andymanchesta and anyone else who helped with the fix. Download SDFix and save it to your Desktop http://downloads.andymanchesta.com/RemovalTools/SDFix.exe Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally post the contents of the Report.txt back on the forum with a new HijackThis log That is only the first step Thanks
  21. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. Sorry for the wait, the logs are many, and the volunteers are few. When you reply, please use the "Add REPLY" button, not the Quote or New Topic buttons. Your friend did not do you any favors: http://www.castlecops.com/tk54500-XTTBPos00.html http://forums.spybot.info/showthread.php?t=7344 You understand if you are accessing the internet in safe mode, you have absolutely no security running? I need to see the HJT log in normal mode, this is not going to be easy, but I am wiling to try as long as you follow directions. Start by getting me an updated HJT log. Download Trend Micro Hijack This™ to your Desktop http://download.bleepingcomputer.com/hijac.../HJTInstall.exe Doubleclick the HJTInstall.exe to start it. By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut. HijackThis will open after install. Press the Scan button below. This will start the scan and open a log. Copy and paste the contents of the log in your next reply. Thanks
  22. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. Sorry for the wait, the logs are many, and the volunteers are few. When you reply, please use the "Add REPLY" button, not the Quote or New Topic buttons. I hate to be the bearer of bad news, but you have backdoor trojans on this computer as well as a Vundo infection. See these: http://www.prevx.com/filenames/X1141133265...TUYSZV.EXE.html http://www.greatis.com/appdata/d/r/rwwnw64d.exe.htm I believe, for your security, you need this information: A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to by used by the attacker for malicious purposes unknown to the user. One or more of the identified infections is a backdoor trojan. This allows hackers to remotely control your computer, steal critical system information and Download and Execute files I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation. Though the Trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? http://www.dslreports.com/faq/10451 When Should I Format, How Should I Reinstall http://www.dslreports.com/faq/10063 Let us know what you have decided to do in your next post. Thanks
  23. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. Sorry for the wait, the logs are many, and the volunteers are few. When you reply, please use the "NEW REPLY" button, not the Quote or New Topic buttons. Looks like you are saying it's fixed, and you no longer have a problem. If that's the case, that's great. If you should still need help, post a HJT log in NORMAL mode and provide more information about your issue. Thanks
  24. Looks good, if you are having no malware issues, you are good to go. Great job with the complex instructions. I notice only Symantec leftovers: C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE http://basconotw.mvps.org/SymRem.htm Safe surfing Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml http://www.malwarecomplaints.info/ Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  25. Thanks for the feedback, MBAM takes generally 30 to 60 minutes. Enjoy your weekend Phil
×
×
  • Create New...