Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

unknown malware [RESOLVED]


  • This topic is locked This topic is locked

#46
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts

Can you download this customized version of HijackThis:
http://www.geekstogo...=download&id=50

and follow the instructions here to post a both.log
http://home.planet.n...on.html#BOTHLOG

Regards,

View Post


That part please.
  • 0

Advertisements


#47
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
Here's the both.log:

Logfile of HijackThis v1.99.1
Scan saved at 9:36:51 PM, on 6/23/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE
C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE
C:\WINDOWS\soundman.exe
C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\progra~1\mcafee\MCAFEE~3\MssCli.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFAGENT.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe
C:\WINDOWS\System32\ups.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\HJT and more 1\HijackThis.exe
C:\WINDOWS\system32\ping.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Privacy Service Helper Object - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Program Files\McAfee\McAfee Privacy Service\GDIEHELP.DLL
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\GNETMOUS.EXE
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [McAfee Guardian] C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe /SU
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~3\MssCli.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFTRAY.EXE
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Privacy Bar - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\Program Files\McAfee\McAfee Privacy Service\GDIEHELP.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....467&clcid=0x409
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcaf...90/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1116515090922
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcaf...,23/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDA07E47-DA14-4C18-8C66-C9F7EDFE1D12}: NameServer = 213.157.176.3,213.157.176.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{F27196C4-5FB7-405D-94F4-320A5D32799A}: NameServer = 213.157.176.3,213.157.176.2
O20 - Winlogon Notify: PCANotify - C:\WINDOWS\SYSTEM32\PCANotify.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: McAfee Privacy Service (GuardDogEXE) - Unknown owner - C:\Program Files\McAfee\McAfee Privacy Service\GUARDDOG.EXE" /SERVICE (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\MCAFEE.COM\PERSON~1\MPFSERVICE.exe

doesn't exist HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
doesn't exist HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
doesn't exist HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe
doesn't exist HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iexplorer.exe
-----------------------
-----------------------
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="soundman.exe"
"mouseElf"="C:\\PROGRA~1\\GENIUS~1\\GNETMOUS.EXE"
"MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
"MCUpdateExe"="C:\\PROGRA~1\\mcafee.com\\agent\\McUpdate.exe"
"McAfee Guardian"="C:\\Program Files\\McAfee\\McAfee Shared Components\\Guardian\\CMGrdian.exe /SU"
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"_AntiSpyware"="c:\\progra~1\\mcafee\\MCAFEE~3\\MssCli.exe"
"MPFExe"="C:\\PROGRA~1\\MCAFEE.COM\\PERSON~1\\MPFTRAY.EXE"
"WinPatrol"="C:\\PROGRA~1\\BILLPS~1\\WINPAT~1\\winpatrol.exe"
"VSOCheckTask"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcmnhdlr.exe\" /checktask"
"VirusScan Online"="\"c:\\PROGRA~1\\mcafee.com\\vso\\mcvsshld.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]


[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\BriefcaseMenu]
@="{85BBD920-42A0-1069-A2E4-08002B30309D}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido]
@="{57BD36D7-CE32-4600-9B1C-1A0C47EFC02E}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files]
@="{750fdf0e-2a26-11d1-a3ea-080036587f03}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With]
@="{09799AFB-AD67-11d1-ABCD-00C04FC30936}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu]
@="{A470F8CF-A1E8-4f65-8335-227475AA5C46}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\PowerDesk Menu]
@="{26E7F081-EB97-11d3-9239-006008D2D00F}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR]
@="{B41DB860-8EE4-11D2-9906-E49FADC173CA}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail]
@="{5464D816-CF16-4784-B9F3-75C0DB52B499}"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}]
@="Start Menu Pin"

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{CFC7205E-2792-4378-9591-3879CC6C9022}]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

Scheduled Tasks Folder Contents
*
C:\WINDOWS\Tasks\desktop.ini
C:\WINDOWS\Tasks\SA.DAT
C:\WINDOWS\Tasks\McAfee.com Update Check (HOME-GD6EI2KFXM-zuzu).job
C:\WINDOWS\Tasks\McAfee.com Update Check (HOME-GD6EI2KFXM-Arty).job
C:\WINDOWS\Tasks\McAfee.com Update Check (ATOMIC_BROTHERS-zuzu).job
C:\WINDOWS\Tasks\McAfee.com Update Check (HOME-GD6EI2KFXM-Guest).job
C:\WINDOWS\Tasks\McAfee AntiSpyware.job
  • 0

#48
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Can you do a Find Files for:

loadctr.exe (probably in C:\WINDOWS\SYSTEM32 )

Let me know if it is found and if you can find other files again that arrived at the same time.

Regards,
  • 0

#49
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Also do a Find Files for thx.drv

Let me know if and where you find that as well.

Regards,
  • 0

#50
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
This morning when i launched IE ewido cleaned again these 3 files: x.exe, rdsndin.exe, cisvvc.exe. Then I performed the search for the 2 files u asked, but couldn't find anyone!
  • 0

#51
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Download PFind.zip and unzip the contents to its own permanent folder.

Important! Reboot in SAFE MODE !!

Start in Safe Mode Using the F8 method:
  • Restart the computer in Safe Mode.
  • As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Options menu appears.
  • Use the arrow keys to select the Safe Mode menu item.
  • Press the Enter key.
Locate the pfind.bat file and double-click it to run it. It will start scanning your computer and could take a little while so be patient. When the DOS window closes, reboot back to normal mode.

Regards,
  • 0

#52
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
I guess this is what u needed:

Files found with this application may be legitimate.
Only remove files that you know are malware related.


Checking the C: folder

C:\win.txt: C:\WINDOWS\system32\ntfsnlpa.exe: UPX!
C:\win.txt: C:\WINDOWS\system32\ams491.dat: UPX!
C:\win.txt: C:\WINDOWS\system32\Butterfly Oasis Screensaver.scr: UPX!
C:\windows.txt: C:\WINDOWS\RLUninstall.exe: UPX!
C:\windows.txt: C:\WINDOWS\daemon.dll: UPX!


Checking the C:\Program Files folder



Checking the C:\WINDOWS folder

C:\WINDOWS\RLUninstall.exe: UPX!
C:\WINDOWS\daemon.dll: UPX!


Checking the C:\WINDOWS\SYSTEM32 folder

C:\WINDOWS\SYSTEM32\ntfsnlpa.exe: UPX!
C:\WINDOWS\SYSTEM32\ntdll.dll: .aspack
C:\WINDOWS\SYSTEM32\Incinerator.dll: .aspack
C:\WINDOWS\SYSTEM32\Butterfly Oasis Screensaver.scr: UPX!


Checking all directories under the C:\WINDOWS\SYSTEM32\drivers folder



Checking the C:\Documents and Settings\All Users\Start Menu\programs\Startup\ folder




Checking the C:\Documents and Settings\All Users\Application Data folder




Checking the C:\Documents and Settings\Administrator\Start Menu\programs\Startup\ folder




Checking the C:\Documents and Settings\Administrator\Application Data folder




Checking the Windows folder for system and hidden files within the last 60 days


C:\WINDOWS\
window~1.man Mon Jun 13 2005 10:54:48a A..H. 749 0.73 K
winnt.bmp Mon Jun 13 2005 10:54:50a A..H. 48,680 47.54 K
qtfont.qfn Thu Jun 23 2005 5:45:52p A..H. 54,156 52.89 K

C:\WINDOWS\DOWNLO~1\
desktop.ini Mon Jun 13 2005 10:34:38a A..H. 65 0.06 K

C:\WINDOWS\FONTS\
8514fix.fon Mon Jun 13 2005 10:34:44a A..H. 10,976 10.72 K
8514fixe.fon Mon Jun 13 2005 10:34:44a A..H. 10,976 10.72 K
8514fixg.fon Mon Jun 13 2005 10:34:44a A..H. 11,520 11.25 K
8514fixr.fon Mon Jun 13 2005 10:34:44a A..H. 10,976 10.72 K
8514fixt.fon Mon Jun 13 2005 10:34:44a A..H. 11,488 11.22 K
8514oeme.fon Mon Jun 13 2005 10:34:44a A..H. 13,248 12.94 K
8514oemg.fon Mon Jun 13 2005 10:34:44a A..H. 12,800 12.50 K
8514oemr.fon Mon Jun 13 2005 10:34:44a A..H. 13,200 12.89 K
8514oemt.fon Mon Jun 13 2005 10:34:44a A..H. 12,720 12.42 K
8514sys.fon Mon Jun 13 2005 10:34:44a A..H. 9,280 9.06 K
8514syse.fon Mon Jun 13 2005 10:34:44a A..H. 9,504 9.28 K
8514sysg.fon Mon Jun 13 2005 10:34:44a A..H. 9,856 9.63 K
8514sysr.fon Mon Jun 13 2005 10:34:46a A..H. 10,064 9.83 K
8514syst.fon Mon Jun 13 2005 10:34:46a A..H. 9,792 9.56 K
85775.fon Mon Jun 13 2005 10:34:46a A..H. 12,304 12.02 K
85855.fon Mon Jun 13 2005 10:34:46a A..H. 12,256 11.97 K
85f1257.fon Mon Jun 13 2005 10:34:46a A..H. 10,976 10.72 K
85s1257.fon Mon Jun 13 2005 10:34:46a A..H. 9,472 9.25 K
app775.fon Mon Jun 13 2005 10:34:46a A..H. 35,808 34.97 K
app850.fon Mon Jun 13 2005 10:34:46a A..H. 36,672 35.81 K
app852.fon Mon Jun 13 2005 10:34:46a A..H. 36,656 35.80 K
app855.fon Mon Jun 13 2005 10:34:46a A..H. 37,296 36.42 K
app857.fon Mon Jun 13 2005 10:34:46a A..H. 36,672 35.81 K
app866.fon Mon Jun 13 2005 10:34:46a A..H. 37,472 36.59 K
cga40737.fon Mon Jun 13 2005 10:34:46a A..H. 7,216 7.05 K
cga40850.fon Mon Jun 13 2005 10:34:46a A..H. 6,352 6.20 K
cga40852.fon Mon Jun 13 2005 10:34:46a A..H. 6,672 6.52 K
cga40857.fon Mon Jun 13 2005 10:34:48a A..H. 6,672 6.52 K
cga40866.fon Mon Jun 13 2005 10:34:48a A..H. 7,232 7.06 K
cga40869.fon Mon Jun 13 2005 10:34:48a A..H. 7,216 7.05 K
cga40woa.fon Mon Jun 13 2005 10:34:48a A..H. 6,336 6.19 K
cga80737.fon Mon Jun 13 2005 10:34:48a A..H. 5,168 5.05 K
cga80850.fon Mon Jun 13 2005 10:34:48a A..H. 4,320 4.22 K
cga80852.fon Mon Jun 13 2005 10:34:48a A..H. 5,200 5.08 K
cga80857.fon Mon Jun 13 2005 10:34:48a A..H. 4,640 4.53 K
cga80866.fon Mon Jun 13 2005 10:34:48a A..H. 5,168 5.05 K
cga80869.fon Mon Jun 13 2005 10:34:48a A..H. 5,168 5.05 K
cga80woa.fon Mon Jun 13 2005 10:34:48a A..H. 4,304 4.20 K
coue1257.fon Mon Jun 13 2005 10:34:48a A..H. 23,440 22.89 K
couf1257.fon Mon Jun 13 2005 10:34:48a A..H. 31,760 31.02 K
coure.fon Mon Jun 13 2005 10:34:48a A..H. 23,408 22.86 K
couree.fon Mon Jun 13 2005 10:34:48a A..H. 23,440 22.89 K
coureg.fon Mon Jun 13 2005 10:34:48a A..H. 25,024 24.44 K
courer.fon Mon Jun 13 2005 10:34:50a A..H. 23,440 22.89 K
couret.fon Mon Jun 13 2005 10:34:50a A..H. 25,024 24.44 K
courf.fon Mon Jun 13 2005 10:34:50a A..H. 31,712 30.97 K
courfe.fon Mon Jun 13 2005 10:34:50a A..H. 31,776 31.03 K
courfg.fon Mon Jun 13 2005 10:34:50a A..H. 33,344 32.56 K
courfr.fon Mon Jun 13 2005 10:34:50a A..H. 31,808 31.06 K
courft.fon Mon Jun 13 2005 10:34:50a A..H. 33,360 32.58 K
desktop.ini Mon Jun 13 2005 10:34:50a A..H. 67 0.06 K
dos737.fon Mon Jun 13 2005 10:34:50a A..H. 36,336 35.48 K
dosapp.fon Mon Jun 13 2005 10:34:50a A..H. 36,656 35.80 K
ega40737.fon Mon Jun 13 2005 10:34:50a A..H. 9,248 9.03 K
ega40850.fon Mon Jun 13 2005 10:34:50a A..H. 8,384 8.19 K
ega40852.fon Mon Jun 13 2005 10:34:50a A..H. 8,368 8.17 K
ega40857.fon Mon Jun 13 2005 10:34:50a A..H. 8,704 8.50 K
ega40866.fon Mon Jun 13 2005 10:34:50a A..H. 9,232 9.02 K
ega40869.fon Mon Jun 13 2005 10:34:50a A..H. 9,248 9.03 K
ega40woa.fon Mon Jun 13 2005 10:34:50a A..H. 8,368 8.17 K
ega80737.fon Mon Jun 13 2005 10:34:50a A..H. 6,192 6.05 K
ega80850.fon Mon Jun 13 2005 10:34:50a A..H. 5,328 5.20 K
ega80852.fon Mon Jun 13 2005 10:34:52a A..H. 5,344 5.22 K
ega80857.fon Mon Jun 13 2005 10:34:52a A..H. 5,648 5.52 K
ega80866.fon Mon Jun 13 2005 10:34:52a A..H. 5,280 5.16 K
ega80869.fon Mon Jun 13 2005 10:34:52a A..H. 6,192 6.05 K
ega80woa.fon Mon Jun 13 2005 10:34:52a A..H. 5,312 5.19 K
sere1257.fon Mon Jun 13 2005 10:34:54a A..H. 59,024 57.64 K
serf1257.fon Mon Jun 13 2005 10:34:54a A..H. 84,080 82.11 K
serife.fon Mon Jun 13 2005 10:34:54a A..H. 57,936 56.58 K
serifee.fon Mon Jun 13 2005 10:34:54a A..H. 59,952 58.55 K
serifeg.fon Mon Jun 13 2005 10:34:54a A..H. 60,752 59.33 K
serifer.fon Mon Jun 13 2005 10:34:56a A..H. 63,296 61.81 K
serifet.fon Mon Jun 13 2005 10:34:56a A..H. 61,024 59.59 K
seriff.fon Mon Jun 13 2005 10:34:56a A..H. 81,728 79.81 K
seriffe.fon Mon Jun 13 2005 10:34:56a A..H. 85,360 83.36 K
seriffg.fon Mon Jun 13 2005 10:34:56a A..H. 86,256 84.23 K
seriffr.fon Mon Jun 13 2005 10:34:56a A..H. 90,736 88.61 K
serifft.fon Mon Jun 13 2005 10:34:56a A..H. 84,848 82.86 K
smae1257.fon Mon Jun 13 2005 10:34:56a A..H. 24,672 24.09 K
smaf1257.fon Mon Jun 13 2005 10:34:56a A..H. 19,904 19.44 K
smalle.fon Mon Jun 13 2005 10:34:56a A..H. 26,112 25.50 K
smallee.fon Mon Jun 13 2005 10:34:56a A..H. 24,784 24.20 K
smalleg.fon Mon Jun 13 2005 10:34:56a A..H. 28,912 28.23 K
smaller.fon Mon Jun 13 2005 10:34:56a A..H. 24,832 24.25 K
smallet.fon Mon Jun 13 2005 10:34:56a A..H. 29,200 28.52 K
smallf.fon Mon Jun 13 2005 10:34:56a A..H. 21,504 21.00 K
smallfe.fon Mon Jun 13 2005 10:34:56a A..H. 19,600 19.14 K
smallfg.fon Mon Jun 13 2005 10:34:56a A..H. 23,120 22.58 K
smallfr.fon Mon Jun 13 2005 10:34:58a A..H. 19,760 19.30 K
smallft.fon Mon Jun 13 2005 10:34:58a A..H. 23,008 22.47 K
ssee1257.fon Mon Jun 13 2005 10:34:58a A..H. 65,456 63.92 K
ssef1257.fon Mon Jun 13 2005 10:34:58a A..H. 90,336 88.22 K
sserife.fon Mon Jun 13 2005 10:34:58a A..H. 64,656 63.14 K
sserifeg.fon Mon Jun 13 2005 10:34:58a A..H. 65,328 63.80 K
sserifer.fon Mon Jun 13 2005 10:34:58a A..H. 68,848 67.23 K
sserifet.fon Mon Jun 13 2005 10:34:58a A..H. 64,400 62.89 K
sseriff.fon Mon Jun 13 2005 10:34:58a A..H. 89,856 87.75 K
sseriffe.fon Mon Jun 13 2005 10:34:58a A..H. 92,032 89.88 K
sseriffg.fon Mon Jun 13 2005 10:34:58a A..H. 90,288 88.17 K
sseriffr.fon Mon Jun 13 2005 10:34:58a A..H. 98,256 95.95 K
sserifft.fon Mon Jun 13 2005 10:34:58a A..H. 89,456 87.36 K
vga737.fon Mon Jun 13 2005 10:35:02a A..H. 5,168 5.05 K
vga775.fon Mon Jun 13 2005 10:35:02a A..H. 5,168 5.05 K
vga850.fon Mon Jun 13 2005 10:35:02a A..H. 5,232 5.11 K
vga852.fon Mon Jun 13 2005 10:35:02a A..H. 6,160 6.02 K
vga855.fon Mon Jun 13 2005 10:35:02a A..H. 5,120 5.00 K
vga857.fon Mon Jun 13 2005 10:35:02a A..H. 5,552 5.42 K
vga860.fon Mon Jun 13 2005 10:35:02a A..H. 5,184 5.06 K
vga863.fon Mon Jun 13 2005 10:35:02a A..H. 5,200 5.08 K
vga865.fon Mon Jun 13 2005 10:35:02a A..H. 5,184 5.06 K
vga866.fon Mon Jun 13 2005 10:35:02a A..H. 6,128 5.98 K
vga869.fon Mon Jun 13 2005 10:35:02a A..H. 5,184 5.06 K
vgaf1257.fon Mon Jun 13 2005 10:35:02a A..H. 5,376 5.25 K
vgafix.fon Mon Jun 13 2005 10:35:02a A..H. 5,360 5.23 K
vgafixe.fon Mon Jun 13 2005 10:35:04a A..H. 5,376 5.25 K
vgafixg.fon Mon Jun 13 2005 10:35:04a A..H. 6,112 5.97 K
vgafixr.fon Mon Jun 13 2005 10:35:04a A..H. 5,600 5.47 K
vgafixt.fon Mon Jun 13 2005 10:35:04a A..H. 6,112 5.97 K
vgaoem.fon Mon Jun 13 2005 10:35:04a A..H. 5,168 5.05 K
vgas1257.fon Mon Jun 13 2005 10:35:04a A..H. 6,656 6.50 K
vgasys.fon Mon Jun 13 2005 10:35:04a A..H. 7,280 7.11 K
vgasysg.fon Mon Jun 13 2005 10:35:04a A..H. 7,008 6.84 K
vgasysr.fon Mon Jun 13 2005 10:35:04a A..H. 6,912 6.75 K
vgasyst.fon Mon Jun 13 2005 10:35:04a A..H. 6,912 6.75 K

C:\WINDOWS\INF\
oem7.inf Thu May 19 2005 6:06:48p ...H. 0 0.00 K

C:\WINDOWS\OFFLIN~1\
desktop.ini Mon Jun 13 2005 10:39:48a A..H. 65 0.06 K

C:\WINDOWS\SYSTEM32\
cdplay~1.man Mon Jun 13 2005 10:42:08a A..H. 749 0.73 K
thumbs.db Mon Jun 13 2005 10:46:58a A..H. 9,728 9.50 K
logonu~1.man Mon Jun 13 2005 10:49:30a A..H. 488 0.48 K
ncpacp~1.man Mon Jun 13 2005 10:50:44a A..H. 749 0.73 K
nwccpl~1.man Mon Jun 13 2005 10:51:04a A..H. 749 0.73 K
sapicp~1.man Mon Jun 13 2005 10:52:20a A..H. 749 0.73 K
window~1.man Mon Jun 13 2005 10:54:08a A..H. 488 0.48 K
wuaucp~1.man Mon Jun 13 2005 10:54:20a A..H. 749 0.73 K

C:\WINDOWS\TASKS\
desktop.ini Mon Jun 13 2005 10:54:42a A..H. 65 0.06 K
sa.dat Fri Jun 24 2005 1:12:40p A..H. 6 0.00 K

C:\WINDOWS\SYSTEM32\CONFIG\
default.log Fri Jun 24 2005 1:12:54p A..H. 8,192 8.00 K
sam.log Fri Jun 24 2005 1:14:58p A..H. 1,024 1.00 K
security.log Fri Jun 24 2005 1:13:54p A..H. 20,480 20.00 K
software.log Fri Jun 24 2005 1:12:54p A..H. 176,128 172.00 K
system.log Fri Jun 24 2005 1:14:00p A..H. 32,768 32.00 K
tempkey.log Mon Jun 13 2005 10:42:26a A..H. 1,024 1.00 K
userdiff.log Mon Jun 13 2005 10:42:26a A..H. 1,024 1.00 K
softwa~1.log Fri May 27 2005 3:25:52p A..H. 0 0.00 K
system~1.log Fri May 27 2005 3:25:52p A..H. 0 0.00 K

C:\WINDOWS\SYSTEM32\P2PNET~1\
p2pnet~2.eng Mon Jun 13 2005 10:50:14a A..H. 9,205 8.99 K

C:\WINDOWS\SYSTEM32\OOBE\
thumbs.db Mon Jun 13 2005 10:51:44a A..H. 43,008 42.00 K

C:\WINDOWS\SYSTEM32\RESTORE\
filelist.xml Mon Jun 13 2005 10:55:56a ..SHR 19,528 19.07 K

C:\WINDOWS\PCHEALTH\HELPCTR\PACKAG~1\
instan~1.cab Mon Jun 13 2005 10:40:40a A..H. 2,357,298 2.25 M
packag~1.cab Mon Jun 13 2005 10:40:40a A..H. 242,478 236.79 K
packag~2.cab Mon Jun 13 2005 10:40:40a A..H. 19,959 19.49 K
packag~3.cab Mon Jun 13 2005 10:40:40a A..H. 727 0.71 K
packag~4.cab Mon Jun 13 2005 10:40:40a A..H. 7,068 6.90 K
pab9c9~1.cab Tue Jun 14 2005 2:38:38p ..SHR 305,145 297.99 K
pabdc9~1.cab Tue Jun 14 2005 2:41:32p ..SHR 68,327 66.72 K

C:\WINDOWS\SYSTEM32\CATROOT\{F750E~1\
fp4.cat Mon Jun 13 2005 10:56:12a ..S.. 31,281 30.55 K
hpcrdp.cat Mon Jun 13 2005 10:41:56a ..S.. 13,472 13.16 K
iasnt4.cat Mon Jun 13 2005 10:41:56a ..S.. 8,574 8.37 K
ims.cat Mon Jun 13 2005 10:56:00a ..S.. 13,753 13.43 K
mapimig.cat Mon Jun 13 2005 10:41:56a ..S.. 399,645 390.28 K
msmsgs.cat Mon Jun 13 2005 10:56:00a ..S.. 9,581 9.36 K
mstsweb.cat Mon Jun 13 2005 10:55:58a ..S.. 7,245 7.07 K
mw770.cat Mon Jun 13 2005 10:41:58a ..S.. 37,484 36.61 K
nt5.cat Mon Jun 13 2005 10:58:04a ..S.. 2,012,670 1.92 M
nt5iis.cat Mon Jun 13 2005 10:42:00a ..S.. 797,189 778.50 K
nt5inf.cat Mon Jun 13 2005 10:55:18a ..S.. 502,724 490.94 K
ntprint.cat Mon Jun 13 2005 10:56:14a ..S.. 1,086,058 1.04 M
wmfsdk.cat Mon Jun 13 2005 10:42:02a ..S.. 12,817 12.52 K
oem1.cat Mon Jun 13 2005 10:42:02a ..S.. 6,748 6.59 K
oem2.cat Mon Jun 13 2005 10:42:02a ..S.. 7,775 7.59 K
oembios.cat Mon Jun 13 2005 10:42:02a ..S.. 7,382 7.21 K
sp1.cat Mon Jun 13 2005 10:42:02a ..S.. 153,636 150.04 K
wmerrenu.cat Mon Jun 13 2005 10:56:14a ..S.. 7,334 7.16 K
kb896428.cat Tue May 10 2005 7:52:26p ..S.. 10,786 10.53 K
wmfsdk2.cat Mon Jun 13 2005 10:42:02a ..S.. 11,441 11.17 K
msn9.cat Mon Jun 13 2005 10:56:18a ..S.. 11,651 11.38 K
dxxp.cat Mon Jun 13 2005 10:42:02a ..S.. 33,339 32.55 K
dxbda.cat Mon Jun 13 2005 10:42:02a ..S.. 15,703 15.33 K
oem4.cat Mon Jun 13 2005 10:42:02a ..S.. 10,423 10.18 K
msn7.cat Mon Jun 13 2005 10:56:28a ..S.. 24,209 23.64 K
oem0.cat Mon Jun 13 2005 10:42:02a ..S.. 73,328 71.61 K
oem6.cat Mon Jun 13 2005 10:42:02a ..S.. 7,172 7.00 K
sp2.cat Mon Jun 13 2005 10:55:04a ..S.. 1,042,903 1018.46 K
tabletpc.cat Mon Jun 13 2005 10:55:12a ..S.. 110,116 107.54 K
wmdm.cat Mon Jun 13 2005 10:42:04a ..S.. 9,482 9.26 K
wmp.cat Mon Jun 13 2005 10:42:04a ..S.. 11,402 11.13 K
setup_wm.cat Mon Jun 13 2005 10:42:04a ..S.. 7,157 6.99 K
wmexpack.cat Mon Jun 13 2005 10:42:04a ..S.. 6,906 6.74 K
olddrm.cat Mon Jun 13 2005 10:42:04a ..S.. 10,009 9.77 K
oldwmf~1.cat Mon Jun 13 2005 10:42:04a ..S.. 12,817 12.52 K
oldwmdm.cat Mon Jun 13 2005 10:42:04a ..S.. 9,482 9.26 K
oldwmp.cat Mon Jun 13 2005 10:42:04a ..S.. 11,402 11.13 K
oldset~1.cat Mon Jun 13 2005 10:42:04a ..S.. 7,157 6.99 K
oem7.cat Mon Jun 13 2005 10:42:04a ..S.. 12,617 12.32 K
netfx.cat Mon Jun 13 2005 10:55:12a ..S.. 141,702 138.38 K
mediactr.cat Mon Jun 13 2005 10:55:12a ..S.. 31,965 31.21 K
kb893066.cat Wed May 25 2005 2:39:08p ..S.. 10,786 10.53 K
kb890046.cat Tue May 17 2005 11:23:22a ..S.. 11,845 11.57 K
kb896358.cat Thu May 26 2005 7:22:40p ..S.. 15,022 14.67 K
kb883939.cat Mon May 2 2005 2:12:58p ..S.. 18,615 18.18 K
kb8938~1.cat Wed May 4 2005 2:45:46p ..S.. 29,493 28.80 K
kb896422.cat Tue May 10 2005 10:34:26a ..S.. 10,786 10.53 K
ieexcep.cat Mon Jun 13 2005 10:42:06a ..S.. 31,020 30.29 K
oeexcep.cat Mon Jun 13 2005 10:42:06a ..S.. 28,189 27.53 K
scripten.cat Mon Jun 13 2005 10:42:06a ..S.. 10,092 9.86 K
q871260.cat Mon Jun 13 2005 10:42:06a ..S.. 9,432 9.21 K
drmclien.cat Mon Jun 13 2005 10:42:06a ..S.. 6,429 6.28 K
drm.cat Mon Jun 13 2005 10:42:06a ..S.. 10,009 9.77 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\
ntuser~1.log Mon Jun 20 2005 5:59:04p A..H. 1,024 1.00 K

C:\WINDOWS\SYSTEM32\OOBE\IMAGES\
thumbs.db Mon Jun 13 2005 10:51:34a A..H. 72,192 70.50 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\APPLIC~1\
desktop.ini Mon Jun 13 2005 10:42:22a A..H. 62 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\
desktop.ini Mon Jun 13 2005 10:42:22a A..H. 62 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\SENDTO\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 181 0.18 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 62 0.06 K

C:\WINDOWS\SYSTEM32\MICROS~1\PROTECT\S-1-5-18\
9cf4d5~1 Mon Jun 13 2005 10:52:00a A..H. 388 0.38 K
prefer~1 Mon Jun 13 2005 10:52:00a A..H. 24 0.02 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\HISTORY\
desktop.ini Mon Jun 13 2005 10:42:22a ..SH. 113 0.11 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\
desktop.ini Mon Jun 13 2005 10:42:24a ..SH. 67 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\PROGRAMS\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 206 0.20 K

C:\WINDOWS\SYSTEM32\MICROS~1\PROTECT\S-1-5-18\USER\
116767~1 Mon Jun 13 2005 10:52:00a A..H. 388 0.38 K
prefer~1 Tue Jun 14 2005 3:37:40p A..H. 24 0.02 K
21dea3~1 Tue Jun 14 2005 3:37:40p A.SH. 388 0.38 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\HISTORY\HISTORY.IE5\
desktop.ini Mon Jun 13 2005 10:42:22a ..SH. 113 0.11 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\CONTENT.IE5\
desktop.ini Mon Jun 13 2005 10:42:24a ..SH. 67 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\PROGRAMS\ACCESS~1\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 482 0.47 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\PROGRAMS\STARTUP\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 84 0.08 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\CONTENT.IE5\9TYXZU20\
desktop.ini Mon Jun 13 2005 10:42:22a A..H. 67 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\CONTENT.IE5\FFQMK1QR\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 67 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\CONTENT.IE5\TC12LM8O\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 67 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\LOCALS~1\TEMPOR~1\CONTENT.IE5\YA5NBBGD\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 67 0.06 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\PROGRAMS\ACCESS~1\ACCESS~1\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 348 0.34 K

C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\STARTM~1\PROGRAMS\ACCESS~1\ENTERT~1\
desktop.ini Mon Jun 13 2005 10:42:24a A..H. 84 0.08 K

237 items found: 237 files, 0 directories.
Total of file sizes: 13,626,055 bytes 12.99 M
  • 0

#53
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
That is what I needed, yes.

Can you find this file for me:

C:\WINDOWS\window~1.man
The filename is abbreviated so if necessary you can do a Find Files for window*.man

Upload it to the same thread at TheSpykiller you used before please.

Regards,
  • 0

#54
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
I didn't find the specified file! :tazz:
  • 0

#55
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
Let's see if Killbox can.

*In the killbox program, select the Delete on Reboot option.
*Copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\system32\ntfsnlpa.exe
C:\WINDOWS\system32\ams491.dat
C:\WINDOWS\RLUninstall.exe
C:\WINDOWS\window~1.man


*Return to Killbox, go to the File menu, and choose "Paste from Clipboard".
*Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

While your computer is restarting, tap the F8 key continually until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.

Then use the Disk Cleanup Utility to empty all your Temp folders.

Regards,
  • 0

Advertisements


#56
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
I have a problem with killbox.exe. I downloaded it from the link u provided in page 2, but when i go to the folder where i saved it i'm not able to see it. When i try to download it again and browse to the folder i put killbox before, i can see the application. Why is this happening?
  • 0

#57
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
I have no idea, but I couldn't make out if you are able to use it.

If you can't doubleclick on Killbox.exe you can also try staring it by putting the full path to the file in the Start > Run dialog box
or open Taskmanager (Ctrl-Alt-Del) and click New Task, then show the way to the file.

Let me know,
  • 0

#58
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
I managed to perform the killbox thing. Win patrol asked if i allow this program to run at startup %systemroot%\system32\dumprep 0 -u. What's it about?
  • 0

#59
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 31,675 posts
It's harmless but you dont need it:
http://www.liutiliti...ibrary/dumprep/

dumprep.exe forms a part of Microsoft Windows XP (and later versions), in-built fault logging software. Upon serious errors this program will write the details to a text file and request the information be sent to Microsoft. This program is a non-essential system process, and is installed for third party use.


http://castlecops.co...umprep_0_u.html

You can disable these by - right clicking on My Computer, selecting Properties and then the Advanced tab. Click on the Settings button in 'Startup and Recovery'. In the bottom pane - under 'Write debugging information' - click on the down arrow and then select 'None' - OK your way out


Regards,
  • 0

#60
phantomas

phantomas

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 114 posts
I keep being redirected... :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP