Tech Support Forum - View Single Post

Gary R · 11-01-2008, 10:54 AM

OK, I'd like to have a look at your Event Viewer logs to see if we can see why you're getting the notifications.

Download OTScanIt.exe by OldTimer to your Desktop.

Double-click on it to extract the files.
It will create a folder named OTScanIt on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.

Close ALL OTHER PROGRAMS.
Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator).
Next click the None button to de-select all options. (otherwise we'll get a very long log)
- Under Additional Scans click the checkbox in front of the following item to select it:
  - Evnt - Event Viewer Errors/Warnings (last 7 days)
Do not change any other settings.
Now click the Run Scan button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. Make sure that the first line is code with brackets around it [] and that the last line is /code with brackets around it [].

11-01-2008, 10:54 AM	#12 (permalink)
Gary R Analyst, Security Team Join Date: Jul 2008 Posts: 110 OS: XP SP2	Re: Infected with brastk.exe, wini10802.exe? OK, I'd like to have a look at your Event Viewer logs to see if we can see why you're getting the notifications. Download OTScanIt.exe by OldTimer to your Desktop. Double-click on it to extract the files. It will create a folder named OTScanIt on your desktop. Note: You must be logged on to the system with an account that has Administrator privileges to run this program. Close ALL OTHER PROGRAMS. Open the OTScanIt folder and double-click on OTScanIt.exe to start the program (if you are running on Vista then right-click the program and choose Run as Administrator). Next click the None button to de-select all options. (otherwise we'll get a very long log) Under Additional Scans click the checkbox in front of the following item to select it: Evnt - Event Viewer Errors/Warnings (last 7 days) Do not change any other settings. Now click the Run Scan button on the toolbar. Let it run unhindered until it finishes. When the scan is complete Notepad will open with the report file loaded in it. Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it. Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in. Make sure that the first line is code with brackets around it [] and that the last line is /code with brackets around it []. __________________ Last edited by Gary R; 11-01-2008 at 10:56 AM.