Jump to content

pskelley

Trusted Malware Techs
  • Content Count

    1,759
  • Joined

  • Last visited

Everything posted by pskelley

  1. Thanks for returning your information and the feedback you said: You will read about those in the information I post in closing. Since I see nothing else remove by Smitfraudfix, it must have been the infected hosts file causing your problems. You may delete Smitfraudfix from your computer. C:\Program\Notepad++\notepad++.exe <<< this is unusual, know anything about it? If not scan that file in red here: http://virusscan.jotti.org/ and post the results. Please download ATF Cleaner by Atribune http://www.atribune.org/public-beta/ATF-Cleaner.exe Save it to your Desktop. We will use this later. Open HijackThis and choose "Do a system scan only" then check the box in front of these line items: O20 - Winlogon Notify: iifeCstt - iifeCstt.dll (file missing) Close all programs but HJT and all browser windows, then click on "Fix Checked" Run ATF Cleaner Double-click ATF-Cleaner.exe to run the program. Click Select All found at the bottom of the list. Click the Empty Selected button. Click Exit on the Main menu to close the program. Download Malwarebytes' Anti-Malware to your Desktop http://www.besttechie.net/tools/mbam-setup.exe * Double-click mbam-setup.exe and follow the prompts to install the program. * Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform FULL SCAN, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt * Please post contents of that file & a new HJT log in your next reply. How's the computer running? Thanks
  2. Nunis, I apologize for the member who posted in your topic. Please do not quote my instructions, it is a waste of space. Scroll to them if you need to read them. Thanks for returning your information, Smitfraudfix found the infection and it also found this: »»»»»»»»»»»»»»»»»»»»»»»» hosts hosts file corrupted ! After we clean, in the next C:\rapport.txt, there may be a very large hosts file (items starting with 127.0.0.1) and I do not need to see it. Edit (remove) it from the C:\rapport.txt before you post it. Clean: Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually) Double-click SmitfraudFix.exe Select 2 and hit Enter to delete infect files. You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection. The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file. A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt Optional: To restore Trusted and Restricted site zone, select 3 and hit Enter. You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone. Note, if you use SpywareBlaster and/or IE-SPYAD, it will be necessary to re-install the protection both afford. For SpywareBlaster, run the program and re-protect all items. For IE-SPYAD, run the batch file and reinstall the protection. Post the C:\rapport.txt and a new HJT log. Thanks
  3. I am just a bit puzzled here, I posted instructions in this link: http://forums.pcpitstop.com/index.php?showtopic=158313 Please post where I suggested: http://forums.pcpitstop.com/index.php?showforum=3 If you can not get help there, then try here: http://www.techsupportforum.com/microsoft-...ows-xp-support/ or here: http://www.bleepingcomputer.com/forums/forum56.html Where you can get help for your Operating System issues. Thanks
  4. Please don't copy my instructions, it is a waste of space. You can simple scroll back if you wish to see what I said. http://www.google.com/ >> http://www.google.com/search?hl=en&q=r...G=Google+Search Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml http://www.malwarecomplaints.info/ Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  5. Welcome to PCPitStop, please be aware that All advice given is taken at your own risk. For your information: O4 - HKLM\..\Run: [spyHunter Security Suite] C:\Program\Enigma Software Group\SpyHunter\SpyHunter3.exe ttp://www.spywarewarrior.com/viewtopic.php?t=24810 http://www.castlecops.com/t187654-free_spy...estionable.html Instructions start here: 1) We need first to disable TeaTimer that it doesn't interfere with fixes. You can re-enable it when you're clean again: * Run Spybot-S&D in Advanced Mode. * If it is not already set to do this Go to the Mode menu select "Advanced Mode" * On the left hand side, Click on Tools * Then click on the Resident Icon in the List * Uncheck "Resident TeaTimer" and OK any prompts. * Restart your computer. (leave TT disabled until we finish) 2) http://siri.geekstogo.com/SmitfraudFix.php <<< download Smitfraudfix from here and follow ONLY these directions. Search: Double-click SmitfraudFix.exe Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt Note: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. http://www.beyondlogic.org/consulting/proc...processutil.htm Post only the C:\rapport.txt using Add Reply. That's just a start, this will take a while. Thanks
  6. Hello and welcome to PCPitStop, please understand that all advice given is taken at your own risk. Please understand that we remove malware in this forum and that does not appear to be your problem. I found information at Google: http://www.google.com/search?hl=en&q=a...G=Google+Search If that does not help, try posting here: http://forums.pcpitstop.com/index.php?showforum=3 If that is not where they want you they will redirect you. I will point out one thing in your HJT log: O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL http://securitygarden.blogspot.com/2007/12...-zonealarm.html http://www.benedelman.org/spyware/installa...kjeeves-banner/ http://www.malwarebytes.org/forums/index.php?showtopic=3143 Thanks
  7. Thanks for the feedback, safe surfing Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  8. Thanks...good job getting that scan posted KASPERSKY ONLINE SCANNER REPORT Tuesday, January 08, 2008 11:13:00 PM C:\Documents and Settings\Phil\Desktop\PC Tools\SmitfraudFix\ <<< delete Smitfraudfix from your computer C:\WINDOWS\system32\wbetrcomm.exe <<< do you know why this is on your computer? If not delete that file. Info: http://www.google.com/search?hl=en&q=w...amp;btnG=Search http://www.google.com/search?hl=en&q=B...amp;btnG=Search Did you install this Keylogger? If not, uninstall it. G:\Program Files\KGB Keylogger\winlogon.dll http://www.google.com/search?hl=en&q=K...amp;btnG=Search You have infected email stored on the computer, delete it: C:\Documents and Settings\Phil\Local Settings\Application Data\Identities\{ED2DC33D-E5FE-482F-8B17-DEB302D0721E}\Microsoft\Outlook Express\E-Bay.dbx/[From "[email protected]" <[email protected]>][Date Fri, 02 Dec 2005 13:45:44 +0100]/html ------> Trojan-Spy.HTML.Bayfraud.kh C:\Documents and Settings\Phil\Local Settings\Application Data\Identities\{ED2DC33D-E5FE-482F-8B17-DEB302D0721E}\Microsoft\Outlook Express\E-Bay.dbx Mail MS Outlook 5: infected - 1 C:\Documents and Settings\Phil\Local Settings\Application Data\Microsoft\Outlook\outlook.pst/Personal Folders/E-Bay/02 Dec 2005 12:50 from [email protected]:Question from eBay me.html ------> Trojan-Spy.HTML.Bayfraud.kh C:\Documents and Settings\Phil\Local Settings\Application Data\Microsoft\Outlook\outlook.pst Mail MS Mail: infected - 1 Once you resolve the above issues, we need to clean infected System Restore files. Restart the computer and empty the Recycle Bin on the Desktop then do this: MANUAL INSTRUCTIONS FOR SYSTEM RESTORE Turn off System Restore. On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. Check Turn off System Restore. Click Apply, and then click OK. Reboot Turn ON System Restore, On the Desktop, right-click My Computer. Click Properties. Click the System Restore tab. UN-Check *Turn off System Restore*. Click Apply, and then click OK. Scan again and you should be clean if you followed the directions. Do not post a clean, scan, just let me know and I'll post valuable information and get you on your way. Thanks...Phil
  9. You may use HJT to remove that line if your wish. I just went through the instructions up to the point where I stopped prior to allowing the ActiveX. Look again, make sure you are clicking on "Kaspersky Online Scanner" Thanks
  10. Thanks for returning your information, do you have your browser Start Page set this way on purpose: R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank Your HJT log appears clean of malware, how is the computer running now? I would like to run a good scan to make sure nothing is hiding from us, should take about one hour. Before you start, delete C:\SDFix from your computer, it does not update, so do not keep it. Run this online scan using Internet Explorer: Kaspersky Online Scanner from http://www.kaspersky.com/virusscanner Next Click on Launch Kaspersky Online Scanner You will be prompted to install an ActiveX component from Kaspersky, Click Yes. * The program will launch and then begin downloading the latest definition files: * Once the files have been downloaded click on NEXT * Now click on Scan Settings * In the scan settings make that the following are selected: * Scan using the following Anti-Virus database: * Standard * Scan Options: * Scan Archives * Scan Mail Bases * Click OK * Now under select a target to scan: * Select My Computer * This will program will start and scan your system. * The scan will take a while so be patient and let it run. * Once the scan is complete it will display if your system has been infected. * Now click on the Save as Text button: * Save the file to your desktop. Then post it here. Thanks
  11. Thanks for the feedback, but since you asked for help here, I would appreciate it if you would run only the tools I request until we finish. Read and follow the directions carefully, the tools will not work unless you do. Thanks to andymanchesta and anyone else who helped with the fix. Download SDFix and save it to your Desktop http://downloads.andymanchesta.com/RemovalTools/SDFix.exe Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum with a new HijackThis log Thanks
  12. Juliet is sick and needs time to get well You sir are infected with this junk: http://research.sunbelt-software.com/threa...threatid=123565 http://fileinfo.prevx.com/spyware/qq3db310...KLGVSF.DLL.html All advice given is taken at your own risk. My advice is to stay offline except when troubleshooting, the junk may download more. Let's have a look for the infection first. http://siri.geekstogo.com/SmitfraudFix.php <<< download Smitfraudfix from here and follow ONLY these directions. Search: Double-click SmitfraudFix.exe Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt Note: process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user. http://www.beyondlogic.org/consulting/proc...processutil.htm Post only the C:\rapport.txt, use NEW REPLY, do not start New Topics. Thanks
  13. Hi Shawn, thanks for the feedback in the private message. Here is some information that may be handy: http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  14. That is what I would have done as soon as I saw this junk. I just sent you a private message, watch for it. Thanks...Phil
  15. I'll look at another HJT log if you wish, but once this junk gets on your computer you can never be sure that you got it all. Here are the reformat instructions if you wish to give it some thought: http://spyware-free.us/tutorials/reformat/ http://www.cyberwalker.net/faqs/how-tos/reinstall-faq.html http://helpdesk.its.uiowa.edu/windows/inst...ns/reformat.htm Let me know what you wish to do. Thanks...Phil
  16. Thanks for the feedback, I"ll try to answer these questions: These items would have been shown in a scan near the end to check for hidden stuff. Recover and Quarantine can not harm you but "Prefetch" could and we have cleaned that "Prefetch" folder twice with ATF-Cleaner? Open ATF-Cleaner and look at the seventh item down. Go ahead and click "Select All" and "Empty Selected" again. Keep in mind Prefetch does not need cleaned all of the time and it will slow your compouter until Windows repopulates it with stuff it needs to fetch quickly for you. http://www.windowsnetworking.com/articles_...refetch-XP.html Delete the contents of the Spybot S&D Recovery folder http://ict.cas.psu.edu/training/howto/util...ovespybot.htm#1 SDFix\backups\catchme.zip folder <<< delete SDFix completely from your computer. It does not update and needs to be downloaded new anytime it is needed. and we just covered that above, but now that Prefetch should be empty or close to it, navigate to that folder:C:\Windows\Prefetch\ and make sure that item in red is not there. I posted this information for you at the start: C:\WINDOWS\repair\smrs.exe http://www.sophos.com/virusinfo/analyses/w32agobotrc.html I personally dropped McAfee after using it for years because this new program is so hugh and slows the computer. There is little doubt the program has been compromised, but I would strongly suggest you seek the help of tech support just in case you have issues. Once you have McAfee up and running, check back with me (I will leave your topic open) so we can do a final online scan and take a final look at a HJT log. Thanks...Phil
  17. Thanks for returning your information and the feedback. You will need to take up McAfee issues with McAfee. They will probably have you uninstall and reinstall. I am wondering why this item is still in the HJT log: F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\ntos.exe, You said: Here in the SDFix log it is indicated as being deleted: C:\WINDOWS\system32\ntos.exe - Deleted Use Search companion, Start > Search > All Files and Folders and do a seatch for that file: ntos.exe <<< let's make sure it is not anywhere on the computer. Allow time for search to complete, there are a lot of files to search. Make sure all files and folders are enabled: http://www.xtra.co.nz/help/0,,4155-1916458,00.html Besides the McAfee issues, any other malware problems? http://service.mcafee.com/ Thanks
  18. Please read and follow the directions carefully. 1) Make sure files and folders are visible. 2) Disable the Service Click Start > Run and type services.msc Scroll down to aawservice and right click on it. Click Properties and under Service Status click Stop, then under Startup Type change it to Disabled. Do the same with these two: SrV-AOLv3 Sys_SM-Service 3) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items: (make sure you are checking each of these items) F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\ntos.exe, O23 - Service: aawservice - Unknown owner - C:\WINDOWS\TEMP\254656.exe (file missing) O23 - Service: SrV-AOLv3 - Unknown owner - C:\WINDOWS\System32\dllcache\aolserver.exe O23 - Service: Sys_SM-Service - Unknown owner - C:\WINDOWS\repair\smrs.exe Close all programs but HJT and all browser windows, then click on "Fix Checked" 4) RIGHT Click on Start then click on Explore. Locate and delete these items: C:\WINDOWS\system32\ntos.exe <<< be sure this file is gone, make me aware of that fact! C:\WINDOWS\System32\dllcache\aolserver.exe <<< delete that file C:\WINDOWS\repair\smrs.exe <<< delete that file C:\WINDOWS\TEMP\ <<< delete the contents of that TEMP folder 5) Run ATF Cleaner Double-click ATF-Cleaner.exe to run the program. Click Select All found at the bottom of the list. Click the Empty Selected button. Click Exit on the Main menu to close the program. Restart the computer and post a new HJT log. Tell me how the computer runs now. Thanks
  19. Please turn off "Word Wrap" in Notepad and leave it off until we finish when you post HJT logs. Notepad > Format > Word Wrap unchecked. Post a new HJT log. Thanks
  20. Thanks for returning your information: I need your to check a couple of files, your will need to enable all files and folders to do it: How to make files and folders visible: Click Start > Open My Computer. Select the Tools menu and click Folder Options. Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders. Uncheck: Hide file extensions for known file types Uncheck the Hide protected operating system files (recommended) option. Click Yes to confirm. Click OK. You may reverse this for safety when we are finished. Use one or more of these free online scan and post the results: http://virusscan.jotti.org/ http://www.kaspersky.com/scanforvirus http://www.virustotal.com/ These are the files to scan: C:\WINDOWS\repair\smrs.exe C:\WINDOWS\System32\rsvp.exe C:\WINDOWS\System32\dllcache\aolserver.exe 1) Please download ATF Cleaner by Atribune http://www.atribune.org/content/view/25/2/ Save it to your Desktop. We will use this later. 2) Disable the Service Click Start > Run and type services.msc Scroll down to acif3vaniqa7a and right click on it. Click Properties and under Service Status click Stop, then under Startup Type change it to Disabled. RasMan and TapiSrv <<< do the same thing for those two services in red. 3) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items: F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe, O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file) O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - (no file) O3 - Toolbar: File Print FedEx Kinko's - {9566395f-43d2-4c64-b525-b501ffa276e2} - mscoree.dll (file missing) O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - (no file) Close all programs but HJT and all browser windows, then click on "Fix Checked" 4) RIGHT Click on Start then click on Explore. Locate and delete these items: C:\WINDOWS\TEMP\ <<< delete the contents of that TEMP folder (not the folder) C:\WINDOWS\system32\ntos.exe<<< delete that file if there 5) Run ATF Cleaner Double-click ATF-Cleaner.exe to run the program. Click Select All found at the bottom of the list. Click the Empty Selected button. Click Exit on the Main menu to close the program. Post the information from the file scan and a new HJT log. Thanks
  21. You are doing fine now, just click on "New Reply" then copy/paste your information, do not quote or code. Read and follow the instructions carefully, the tools will not work unless you do. Thanks to andymanchesta and anyone else who helped with the fix. Download SDFix and save it to your Desktop http://downloads.andymanchesta.com/RemovalTools/SDFix.exe Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix) Please then reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Choose your usual account. Open the extracted SDFix folder and double click RunThis.bat to start the script. Type Y to begin the cleanup process. It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot. Press any Key and it will restart the PC. When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons. Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the forum). Finally paste the contents of the Report.txt back on the forum with a new HijackThis log Thanks
  22. For your information: http://www.microsoft.com/windowsxp/using/h...ps/mcgill1.mspx Some good information for you: http://users.telenet.be/bluepatchy/miekiem...owcomputer.html Here is some great information from experts in this field that will help you stay clean and safe online. http://users.telenet.be/bluepatchy/miekiem...prevention.html http://forums.spybot.info/showthread.php?t=279 http://russelltexas.com/malware/allclear.htm http://forum.malwareremoval.com/viewtopic.php?t=14 http://www.bleepingcomputer.com/forums/topict2520.html http://cybercoyote.org/security/not-admin.shtml Thanks...pskelley http://pcpitstop.com/about/supportus.asp If you are reading this information...thank a teacher, If you are reading it in English...thank a soldier.
  23. OK, we will proceed as you wish. I would appreciate it if you would not quote my instructions, waste of space and we can both scroll back to see what I said. Start by deleted the out of date version of HJT you are running: C:\Program Files\HijackThis\HijackThis.exe Follow these directions to get the new version and properly position it. Download Trend Micro Hijack This™ http://download.bleepingcomputer.com/hijac.../HJTInstall.exe Doubleclick the HJTInstall.exe to start it. By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut. HijackThis will open after install. Press the Scan button below. This will start the scan and open a log. Copy and paste the contents of the log in your next reply. Keep this computer offline except when you are troubleshooting, as soon as I see a new HJT log with version 2.0.2 I will post the first instructions. Thanks
  24. I would say that is a clean computer
  25. That does not help a whole lot, look in the Norton Quarantine folder to see if the junk is there: http://service1.symantec.com/SUPPORT/nav.n...000041213443506 If not, follow these instructions to give Kaspersky a look: Run this online scan using Internet Explorer: Kaspersky Online Scanner from http://www.kaspersky.com/virusscanner Next Click on Launch Kaspersky Online Scanner You will be prompted to install an ActiveX component from Kaspersky, Click Yes. * The program will launch and then begin downloading the latest definition files: * Once the files have been downloaded click on NEXT * Now click on Scan Settings * In the scan settings make that the following are selected: * Scan using the following Anti-Virus database: * Standard * Scan Options: * Scan Archives * Scan Mail Bases * Click OK * Now under select a target to scan: * Select My Computer * This will program will start and scan your system. * The scan will take a while so be patient and let it run. * Once the scan is complete it will display if your system has been infected. * Now click on the Save as Text button: * Save the file to your desktop. Then post it here. Thanks
×
×
  • Create New...