Tech Support Forum - View Single Post

Katana · 10-10-2008, 02:42 AM

The Kaspersky log shows an infected E-Mail in your Outlook outbox, I recommend that you delete all sent mail and empty the deleted folder.

Do you know anything about C:\Documents and Settings\Sims\RUNME.bat ?

OTMoveIt
Please download OTMoveIt3 by OldTimer and save it to your desktop

Double-click OTMoveIt3.exe to run it.
Copy the lines in the codebox below.

Code:

:Files
C:\Program Files\Lycos\IEagent\CSIEINST.DLL
C:\Program Files\Lycos\IEagent\CSTMINST.DLL
C:\Program Files\Lycos\IEagent\CSTVINST.DLL
C:\VundoFix Backups
C:\WINDOWS\ounist.exe
C:\WINDOWS\SYSTEM32\rhxjeaka.exe
C:\WINDOWS\SYSTEM32\vdskwmfa.exe

Return to OTMoveIt3, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.

Click the red Moveit! button.
Copy everything in the Results window (under the green bar), and paste it in your next reply.
Close OTMoveIt3

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post a final HJT log in your reply along wit the OTMI Log

10-10-2008, 02:42 AM	#26 (permalink)
Katana Analyst, Security Team Join Date: Nov 2007 Location: Manchester, UK Posts: 1,361 OS: W2K SP4 + XP SP2 + Vista	Re: "windows secuirty alret" popup The Kaspersky log shows an infected E-Mail in your Outlook outbox, I recommend that you delete all sent mail and empty the deleted folder. Do you know anything about C:\Documents and Settings\Sims\RUNME.bat ? OTMoveIt Please download OTMoveIt3 by OldTimer and save it to your desktop Double-click OTMoveIt3.exe to run it. Copy the lines in the codebox below. Code: :Files C:\Program Files\Lycos\IEagent\CSIEINST.DLL C:\Program Files\Lycos\IEagent\CSTMINST.DLL C:\Program Files\Lycos\IEagent\CSTVINST.DLL C:\VundoFix Backups C:\WINDOWS\ounist.exe C:\WINDOWS\SYSTEM32\rhxjeaka.exe C:\WINDOWS\SYSTEM32\vdskwmfa.exe Return to OTMoveIt3, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste. Click the red Moveit! button. Copy everything in the Results window (under the green bar), and paste it in your next reply. Close OTMoveIt3 If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. Please post a final HJT log in your reply along wit the OTMI Log __________________