|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
04-24-2007, 01:33 PM
|
#1 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Win32.Trojan.RX
Hello everyone,
I'm having an issue with a Trojan virus I believe. It's called Win32.Trojan.RX I've used SpybotS&D, Ad-Aware and "Avast!" to try and solve the problem, but it doesn't seem to want to go away (if I'm even getting rid of it to begin with.) It seemed to have also locked me out of my own Task Manager and probably changed some other settings. When I try to get into my task manager it says "Task Manager has been disabled by your administrator." The issue with that is, I am the only admin on my laptop. Avast detected something in the memory and wanted to do a boot-scan, however when tried to accept it said something along the lines of "Lacking Permission" meaning that I wasn't allowed to schedule a system boot. Recently, I've been getting a lot of spam to my e-mail address, (10 or so a day) which has never happed before in the 4 years of having this e-mail address. If theres a way to eradicate this issue once and for all without having to reformat (which I'm sure there is.) you would have my most sincerest gratitude. If there is any other additional information you may require, please let me know and I will be willing to comply. Last edited by ThePaper88; 04-24-2007 at 01:38 PM. Reason: made a mistake, very sorry! (will attach the Hijackthislog soon) |
|
     |
| Sponsored Links |
|
04-24-2007, 04:18 PM
|
#2 (permalink) | |
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Quote:
This is the Hijackthis log... I think I did everything correctly according to the tutorial. Last edited by ThePaper88; 04-24-2007 at 04:20 PM. |
|
|
|
|
|
04-25-2007, 07:50 AM
|
#3 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
Hi ThePaper88,
Welcome to Tech Support Forum!  I apologize for the delay getting to your log. The helpers here are all volunteers and we have been very busy here lately. If you are still having malware problems, I will be glad to help. OK, let’s do this first. Please run HijackThis and click "Scan". Place a check (tick) next to the following entries (if present): O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file) O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file) O2 - BHO: (no name) - {30000273-8230-4dd4-be4f-6889d1e74167} - (no file) O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file) O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file) O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file) O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file) O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file) O2 - BHO: Hgni_BHO - {888826A1-3C63-4687-8696-482FDBB129DF} - C:\WINDOWS\system32\hgni_ecol.dll O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file) O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file) O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file) O2 - BHO: msnhlp32.msn_hlp - {EEFBE5D6-FEFF-4CB4-AA26-6A464090CB89} - C:\WINDOWS\system32\msnhlp32.dll O4 - HKLM\..\Run: [uvnx] c:\windows\system32\uvnx.exe Close ALL programs and browsers (including this one), leaving ONLY HijackThis open, then click "Fix checked". Then please exit HijackThis. NEXT: Please download OTMoveIt by OldTimer:
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. After reboot, please run OTMoveIt again, follow the directions as above, and post the Results report for me to see. NEXT: Please go to: VirusTotal
Then please do the same as above for the following files: C:\WINDOWS\system32\idleserv.exe NEXT: Let's run some cleanup and diagnostic scans to make sure we're not leaving anything behind. Please download CCleaner (freeware) and save it to your desktop:
CAUTION: Please do NOT use the Issues button. This is a built-in registry cleaner. If you don’t know how to use it, you may cause irreparable damage to your system. NEXT: Please download ComboFix by sUBs: NOTE: In the event you already have ComboFix, this is a new version that I need you to download.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall. NEXT: Please do an online scan with Panda ActiveScan:
NEXT: Please do an online scan with Kaspersky Online Scanner:
Note for Internet Explorer 7 users: If at any time you have trouble with the Accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%. NEXT: Please REBOOT your computer normally into Windows and post these logs in your next reply:
(You might have to paste the logs in multiple posts in the event they are too long and breach the post length restrictions of the forum software). Also, please let me know how things are running now and if you encountered any problems while you were following the directions I posted.
__________________
 Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
04-25-2007, 02:55 PM
|
#4 (permalink) | |||
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Thank you for the welcoming!
I completely understand, and I greatly appreciate your time. Yes, I'm still have malware issues and it seems to get worse with time, like a deadly disease. After running Combofix, it restarted my computer unexpectedly and I lost the first OTMoveit results. So I re-ran it and this is what I came up with. Quote:
  Quote:
Quote:
List: 1. The results report from OTMoveIt. [x] 2. The reports from VirusTotal. [x] 3. The log from the ComboFix scan. [x] 4. The log from the Panda scan. [Error] 5. The log from the Kaspersky scan. [Error] 6. A new HijackThis log. [x] I couldn't run the Panda Scan, or the Kasperky Lab Scan. For some reason my Internet Explorer isn't working "because msvcl.dll was not found" or some such. When I try to install Internet Explorer 7 my computer goes to a blue screen then reboots. I hope those last two scans do not hinder the process of my CPU's recovery. Last edited by ThePaper88; 04-25-2007 at 03:01 PM. |
|||
|
|
|
|
04-25-2007, 10:35 PM
|
#5 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
Hi ThePaper88,
You’re most welcome, ThePaper88.  OK, here’s what we do next. Go to Start -> Control Panel -> Add/Remove Programs and remove any of the following that are listed: SpyAway NEXT: Please run HijackThis and click "Scan". Place a check (tick) next to the following entries (if present): O2 - BHO: (no name) - {00000026-8735-428D-B81F-DD098223B25F} - (no file) O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file) O2 - BHO: (no name) - {000006b1-19b5-414a-849f-2a3c64ae6939} - (no file) O2 - BHO: (no name) - {06dfedaa-6196-11d5-bfc8-00508b4a487d} - (no file) O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file) O2 - BHO: (no name) - {30000273-8230-4dd4-be4f-6889d1e74167} - (no file) O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file) O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file) O2 - BHO: (no name) - {53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - (no file) O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file) O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file) O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file) O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file) O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file) O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file) O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file) O2 - BHO: (no name) - {bb936323-19fa-4521-ba29-eca6a121bc78} - (no file) O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file) O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file) O2 - BHO: msnhlp32.msn_hlp - {EEFBE5D6-FEFF-4CB4-AA26-6A464090CB89} - C:\WINDOWS\system32\msnhlp32.dll O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file) O4 - HKLM\..\Run: [SpyAway] C:\Program Files\SpyAway\spyaway.exe Close ALL programs and browsers (including this one), leaving ONLY HijackThis open, then click "Fix checked". Then please exit HijackThis. NEXT: Please run OTMoveIt and quarantine the following files/folders (please also remember to copy the Results report and paste it in your next reply for me to see): C:\WINDOWS\system32\msnhlp32.dll C:\WINDOWS\system32\tmrsrv32.exe C:\WINDOWS\system32\idleserv.exe C:\WINDOWS\sysrlb32.exe C:\WINDOWS\Biprep.exe C:\WINDOWS\mssvr.exe C:\WINDOWS\2020search2.dll C:\WINDOWS\2020search.dll C:\WINDOWS\bi.dll C:\WINDOWS\loader.exe C:\WINDOWS\system32\stfv.bin C:\WINDOWS\vxddsk.exe C:\WINDOWS\system32\vxddsk.exe C:\WINDOWS\satmat.exe C:\WINDOWS\SUSP.exe C:\WINDOWS\system32\MSIXU.DLL C:\WINDOWS\system32\idleserv.exe C:\WINDOWS\stcloader.exe C:\WINDOWS\salm.exe C:\WINDOWS\updatetc.exe C:\WINDOWS\saiemod.dll C:\WINDOWS\cdsm32.dll C:\WINDOWS\mspphe.dll C:\WINDOWS\flt.dll C:\WINDOWS\bjam.dll C:\WINDOWS\7search.dll C:\WINDOWS\180ax.exe C:\WINDOWS\swin32.dll C:\WINDOWS\voiceip.dll C:\WINDOWS\system32\tmrsrv32.exe C:\WINDOWS\pbar.dll C:\WINDOWS\system32\WER8274.DLL C:\WINDOWS\system32\user_32.dll C:\WINDOWS\system32\gtv_sd.bin C:\WINDOWS\bokja.exe C:\WINDOWS\system32\msnhlp32.dll C:\WINDOWS\mgrab.exe C:\WINDOWS\ul.exe C:\WINDOWS\system32\692D963F.exe C:\WINDOWS\installer.exe C:\WINDOWS\system32\bfmoxrnvva_nav.dat C:\WINDOWS\ifinst27.exe C:\Program Files\SpyAway NEXT: Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below (don't forget to copy and paste REGEDIT4 as well): Code:
REGEDIT4 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"=- It should look like this:  Double-click on it and when it asks you if you want to merge the contents to the registry, click "Yes" or "OK". You should receive a message that it was successful. In case you still are unsure on how to create a REG file, please take a look HERE with screenshots. NEXT: BEFORE BEGINNING, Please read completely through the instructions below. Please also print these instructions or copy them to Notepad (or another word processor), and save it for easier reference. This is because we will be in Safe Mode during the fix and you won’t be able to access the Internet to view these instructions. Please download Dr.Web CureIt and save it to your desktop: Next, please reboot your computer into Safe Mode by doing the following:
Now scan with Dr.Web CureIt:
NEXT: Please REBOOT your computer normally into Windows and post these logs in your next reply:
(You might have to paste the logs in multiple posts in the event they are too long and breach the post length restrictions of the forum software). Also, please let me know how things are running now and if you encountered any problems while you were following the directions I posted.
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
04-26-2007, 05:17 AM
|
#6 (permalink) | ||
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
I had to run the OTmove it again after the new process you gave me to follow since it rebooted my CPU and I didn't get a chance to save the old one. I'm also assuming what you meant by "quarantine" was to use the "clean up" feature. (Geez, I hope so.)
[/quote]File/Folder C:\avenger.zip not found. File/Folder C:\Avenger not found. File/Folder C:\avenger.txt not found. File/Folder C:\bfu.zip not found. File/Folder C:\BFU not found. File/Folder C:\combofix.exe not found. File/Folder C:\QooBox not found. C:\ComboFix*.txt moved successfully. C:\ComboFix*.txt moved successfully. C:\Documents and Settings\The Paper (Host)\Desktop\ComboFix*.txt moved successfully. C:\WINDOWS\ComboFix*.txt moved successfully. C:\WINDOWS\system32\ComboFix*.txt moved successfully. C:\WINDOWS\system32\drivers\ComboFix*.txt moved successfully. File/Folder C:\catchme.exe not found. File/Folder C:\nircmd.exe not found. File/Folder C:\swreg.exe not found. File/Folder C:\Swxcacls.exe not found. File/Folder C:\Swsc.exe not found. File/Folder C:\dss.exe not found. File/Folder C:\Deckard not found. File/Folder C:\FindAWF.exe not found. File/Folder C:\AWF.txt not found. File/Folder C:\fixwareout.exe not found. File/Folder C:\fixwareout not found. File/Folder C:\fsbl.exe not found. C:\fsbl*.log moved successfully. C:\fsbl*.log moved successfully. C:\Documents and Settings\The Paper (Host)\Desktop\fsbl*.log moved successfully. C:\WINDOWS\fsbl*.log moved successfully. C:\WINDOWS\system32\fsbl*.log moved successfully. C:\WINDOWS\system32\drivers\fsbl*.log moved successfully. File/Folder C:\gmer.exe not found. File/Folder C:\gmer.dll not found. File/Folder C:\gmer.ini not found. File/Folder C:\gmer.log not found. File/Folder C:\gmer_uninstall.cmd not found. File/Folder C:\gmer.sys not found. Unable to delete service gmer. File/Folder C:\haxfix.exe not found. File/Folder C:\haxfix.txt not found. File/Folder C:\killbox.exe not found. File/Folder C:\!Killbox not found. File move failed. C:\Documents and Settings\The Paper (Host)\Desktop\OTMoveIt.exe scheduled to be moved on reboot. File/Folder C:\_OTMoveIt not found. File/Folder C:\rustbfix.exe not found. File/Folder C:\Rustbfix not found. File/Folder C:\sdfix.exe not found. File/Folder C:\SDFix not found. File/Folder C:\SmitfraudFix.exe not found. File/Folder C:\SmitfraudFix not found. File/Folder C:\rapport.txt not found. File/Folder C:\SysInsite not found. File/Folder C:\VundoFix.exe not found. File/Folder C:\VundoFix Backups not found. File/Folder C:\vundofix.txt not found. File/Folder C:\win32delfkil.exe not found. File/Folder C:\_backupD not found. File/Folder C:\windelf.txt not found. File/Folder C:\winpfind.exe not found. File/Folder C:\WinPfind not found. File/Folder C:\winpfind3u.exe not found. File/Folder C:\WinPFind3u not found. C:\cleanup.txt moved successfully. File move failed. C:\Documents and Settings\The Paper (Host)\Desktop\OTMoveIt.exe scheduled to be moved on reboot.[/quote] Quote:
A strange error occurred when I tried to run the ComboFix program. It rebooted my computer and was processing the log, then my computer went into a blue screen and rebooted. In the end I was never able to receive the log. Quote:
Also, is it just me or does it seem like the things you're having me delete in the "Hijackthis" program are returning? That or they just all look alike... |
||
|
|
|
|
04-26-2007, 06:54 AM
|
#7 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
Hi ThePaper88,
Sorry for the confusion on what to do with OTMoveIt. My bad.  Could you run OTMoveIt again, but this time use the red MoveIt! button on the list of files/folders to delete. Please also remember to copy the Results report and paste it in your next reply for me to see. NEXT: Please delete your current copy of ComboFix. Then please delete this folder, C:\ComboFix. Now download a new copy of ComboFix and run the tool and see if it works. If it does, please copy the log and paste it in your next reply along with the results report from OTMoveIt and a new HijackThis log. p.s. Yes, it does seem that some of the entries are returning. They are mostly harmless, but we’ll look at them later.
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum Last edited by Sempurna; 04-26-2007 at 07:04 AM. |
|
|
|
|
04-26-2007, 01:02 PM
|
#8 (permalink) | |||
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Haha, don't worry about it. I probably should have known it was "move" and not "clean". I can't complain at all because of how wonderfully this is working. A lot of the errors seem to have ceased, I can even get into my Task manager! However it also seems like some settings have reset? For instance my clock is back on the default military time setting; I don't have a problem with this, just thought it was kind of cool how that works. lol
ComboFix seems to make my "AntiVir" program angry; It's accusing it of being a Virus or something. Quote:
Quote:
Quote:
|
|||
|
|
|
|
04-26-2007, 07:32 PM
|
#9 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
Hi ThePaper88,
You’ve done a great job so far. Well done, and keep up the good work! Yes, AntiVir and some other AVs will flag some of the tools we use as malware. That is because the tools use the same coding as malware to fight them. Something like fighting fire with fire, you could say. OK, let’s pick up the leftovers. Please run OTMoveIt and move these files: C:\WINDOWS\system32\wml.exe C:\WINDOWS\wml.exe NEXT: Please run ComboFix one more time to make sure that the pe386 rootkit on your system is gone. Then please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below (don't forget to copy and paste REGEDIT4 as well): Code:
REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{02478D38-C3F9-4EFB-9B51-7695ECA05670}"="C:\\Program Files\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll"
"{53707962-6F74-2D53-2644-206D7942484F}"="C:\\PROGRA~1\\SPYBOT~1\\SDHelper.dll"
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"="C:\\Program Files\\Java\\jre1.5.0_11\\bin\\ssv.dll"
It should look like this: Double-click on it and when it asks you if you want to merge the contents to the registry, click "Yes" or "OK". You should receive a message that it was successful. In case you still are unsure on how to create a REG file, please take a look HERE with screenshots. NEXT: See if you can now run Panda ActiveScan and the Kaspersky Online Scanner. Let me know how things go. NEXT: Please REBOOT your computer normally into Windows and post these logs in your next reply:
(You might have to paste the logs in multiple posts in the event they are too long and breach the post length restrictions of the forum software). Also, please let me know how things are running now and if you encountered any problems while you were following the directions I posted.
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum Last edited by Sempurna; 04-26-2007 at 07:33 PM. |
|
|
|
|
04-27-2007, 12:36 PM
|
#10 (permalink) | |||
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
I'm so glad everything is proceeding smoothly. Unfortunitly I'm still unable to get IE to work, so I can't do the last two scans. Is there a way I can get IE working again?
Quote:
Quote:
Quote:
|
|||
|
|
|
|
04-30-2007, 08:31 PM
|
#11 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
Hi ThePaper88,
I’m sorry for my late reply. I had lost my Internet access for the last 5 days! I’d like to check if the pe386 rootkit is still present in your system or not. Please download GMER and save it to your desktop:
If you're having problems with running gmer.exe, try it in Safe Mode. This tool works in Safe Mode… other rootkit revealers don't. NEXT: Try uninstalling IE, then reinstall it and see if that solves the IE problem. To uninstall and reinstall Internet Explorer:
NEXT: To set default security settings for Internet Explorer:
NEXT: Please go to: VirusTotal
NEXT: Please REBOOT your computer normally into Windows and post these logs in your next reply:
(You might have to paste the logs in multiple posts in the event they are too long and breach the post length restrictions of the forum software). Also, please let me know how things are running now and if you encountered any problems while you were following the directions I posted.
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
05-01-2007, 04:31 PM
|
#12 (permalink) | |
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Oh, don't worry about it. I'm sorry about your internet, that happens to me as well every now and then. Everything seems to be in order, and I'm not receiving any real technical difficulties.
The IE fix didn't work, it now asks me to pick a program to open IE with. The GMER scan kept crashing my computer. I was unable to run it. Combofix crashed my computer again, even after following the steps you left for me a while back.  Quote:
Everything seems to be working absolutely fine though. Does it mean everything is fixed? (aside from IE.) |
|
|
|
|
|
05-01-2007, 09:38 PM
|
#13 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
Nope, the pe386 rootkit is still present in your system (that's the reason for the apps crashing).
OK, let's do this next. Please download Rustbfix by ejvindh from one of these locations: http://www.uploads.ejvindh.net/Rustbfix.exe http://www.uploads.ejvindh.net/Rustbfix.zip
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
05-04-2007, 12:44 AM
|
#14 (permalink) | |||
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Quote:
Quote:
Quote:
|
|||
|
|
|
|
05-04-2007, 02:59 AM
|
#15 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
OK, well done! Everything appears to be clean!
Any persistent problems or suspicious behaviour on your machine that I should know about?
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
05-06-2007, 04:56 AM
|
#16 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Nope! Everything seems to be in order, except for IE, I can't get it to work still.
Either way, thank you! I really appreciate your help. I'm so glad someone was able to volunteer their time. I thought my laptop was going to self destruct. on me like my desktop did. This is probably the shortest post I've made on here. haha |
|
|
|
|
05-06-2007, 07:34 PM
|
#17 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
You're most welcome, ThePaper88. Glad to be of some help.
Try uninstalling IE, then reinstall it and see if that solves the problem. To uninstall and reinstall Internet Explorer:
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
|
05-08-2007, 07:35 PM
|
#18 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 15
OS: Windows XP
|
Re: Win32.Trojan.RX
Awesome, thank you!
I have one last problem. For some reason my computer has been really slow recently, and sometimes I get a message saying something about my virtual memory being low or something. Is there a way I can fix that? I have plenty of space on my computer, but for some reason my memory is low or something? It's so annoying. |
|
|
|
|
05-08-2007, 08:46 PM
|
#19 (permalink) |
|
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
|
Re: Win32.Trojan.RX
You're most welcome, ThePaper88.
Let's check out your system configurations at PC Pitstop and see if everything is running as they should. The virtual memory problem might just a corrupt system configuration, or has been set wrongly, or is due to a RAM problem (not enough RAM, or the RAM chips have errors and are thus overloading virtual memory). Please register (it's free, don't worry) with PC Pitstop and run the full tests here: http://www.pcpitstop.com/pcpitstop/default.asp When the tests are complete, a results page will pop up. Click "Share Results with TechExpress" on the top right-hand side. Then copy the URL provided and post it here for me.
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum |
|
|
|
| Thread Tools | |
|
|
52
