Tech Support Forum - View Single Post

sUBs · 07-15-2005, 09:12 PM

Did you see that?

We burnt it's house down & it shifted to the system32 directory.

Download & launch APT.
Locate the process - C:\WINDOWS\system32\rpen.exe
Select Kill 3

===================

Then, start KillBox & paste the following locations into KillBox:

C:\WINDOWS\system32\rpen.exe

Checkmark the following boxes :

Replace on Reboot
End Explorer Shell While Killing File
Use Dummy

Click the RED X button and
Answer YES when asked to confirm file deletion
Answer YES when prompted to reboot now

===================

Upon reboot, download this file & unzip it to a folder on Desktop.
Within that folder, double click on activesetup.vbs.

When it has finished running, it will pop up a 'Finish" message. A log will be created within that folder.
Post the contents of that log in your next reply along with fresh copies of HJT log & a new SilentRunner log.

07-15-2005, 09:12 PM	#14 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,328 OS: N/A	Did you see that? We burnt it's house down & it shifted to the system32 directory. Download & launch APT. Locate the process - C:\WINDOWS\system32\rpen.exe Select Kill 3 =================== Then, start KillBox & paste the following locations into KillBox: C:\WINDOWS\system32\rpen.exe Checkmark the following boxes : Replace on Reboot End Explorer Shell While Killing File Use Dummy Click the RED X button and Answer YES when asked to confirm file deletion Answer YES when prompted to reboot now =================== Upon reboot, download this file & unzip it to a folder on Desktop. Within that folder, double click on activesetup.vbs. When it has finished running, it will pop up a 'Finish" message. A log will be created within that folder. Post the contents of that log in your next reply along with fresh copies of HJT log & a new SilentRunner log. __________________ Question - what have you done for the community today?