
[Inactive] Adware/Rogue Antimalware on XP

Discussion in 'Malware and Virus Removal Archive' started by jabfarm, 2008/10/07.

  1. 2008/10/07
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    Joined:
    2007/02/23
    Messages:
    62
    Likes Received:
    0
    I have been trying to remove this. Panda Internet Security tells me it is removed but when I turn my desktop on it stops working. So I tried turning off all power and found the keyboard and hard drive seem to work until the battery is dead.
    I tried to load your RSIT program but get the following error message.
    C:\Documents And Settings\Owner.Your-DC0C6E8137\My Documents\RSIT.exe is not a valid Win32 application
    After working on this now for two weeks I have found the program places itself in the cpl file.
    wav.cpl
    aav.cpl
    var.cpl
    MSX.cpl
    Any ideas on how to get it out of the computer will be most helpful.
    I need to go to work now, will check back in the morning if I can get on.
     
  2. 2008/10/07
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    Please follow these instructions to try and get RSIT.

    • Download RSIT by random/random and save it to your desktop.
    • Double click RSIT.exe to start the tool.
    • At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
    • If prompted by your firewall to allow RSIT to access the internet, please allow it. It will be updating your version of HijackThis.
    • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
    • Please post the contents of log.txt here in your next reply.

    Make sure to save it to your Desktop.
    Let me know if that works.

    Thanks
    Geri
     


  4. 2008/10/08
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    Downloaded the program RSIT.exe. I can get to the download but cannot run the file. I keep getting this error message.
    C:\Documents and Settings\Owner.Your-DC0C6E8137\My Documents\RSIT.exe is not a Valid Win32 Application.
     
  5. 2008/10/08
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK please do this.

    Download ComboFix from Here to your Desktop.

    It's best to disable realtime protection applications as they sometimes interfere with the tool.
    Check this link for any applicable programs you may have.
    • Close all open programs and windows
    • Double click combofix.exe and follow the prompts.
    • Vista users right click Combofix.exe and select Run As Administrator.
    • When finished, it shall produce a log for you. Post the ComboFix log.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

    Note - ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

    Note - Combofix makes some changes when run to prevent autorun/autoplay of ALL CDs, floppies and USB devices, to assist with malware removal & increase security. If this is an issue or makes it difficult for you to use those devices, please ask how to reset it.

    Thanks
    Geri
     
  6. 2008/10/09
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    I misplaced the file. Will rerun later. Thanks Aire you were right.
     
  7. 2008/10/09
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    The file should be located here.
    C:\combofix.txt

    I really need to see the first one ran.

    Thanks
    Geri
     
  8. 2008/10/10
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    I did not find it there but I did find it in dooboo. Have no idea why.

    ComboFix 08-10-08.04 - Owner 2008-10-09 7:33:19.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2659 [GMT -4:00]
    Running from: C:\Documents and Settings\Owner.YOUR-DC0C6E8137\My Documents\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Owner.YOUR-DC0C6E8137\My Documents\My Documents.url
    C:\Documents and Settings\Owner.YOUR-DC0C6E8137\My Documents\My Music\My Music.url
    C:\Documents and Settings\Owner.YOUR-DC0C6E8137\My Documents\My Pictures\My Pictures.url
    C:\Documents and Settings\Owner.YOUR-DC0C6E8137\My Documents\My Videos\My Video.url
    C:\Program Files\Antivirus 2009
    C:\Program Files\Antivirus 2009\av2009.exe.tmp
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((( Files Created from 2008-09-09 to 2008-10-09 )))))))))))))))))))))))))))))))
    .

    2008-10-05 06:52 . 2008-10-05 07:05 <DIR> d-------- C:\Program Files\Windows Live Safety Center
    2008-10-02 08:23 . 2008-10-02 08:25 94 --a------ C:\WINDOWS\system32\system_.ini
    2008-10-02 05:59 . 2008-10-02 05:59 <DIR> d-------- C:\Program Files\Spotmau WinCares 2007
    2008-10-02 05:59 . 2008-10-02 05:59 2 --a------ C:\WINDOWS\system32\ProtectedFolderManager.dat
    2008-10-02 04:03 . 2008-10-02 04:03 <DIR> d-------- C:\Documents and Settings\Owner.YOUR-DC0C6E8137\Application Data\GlarySoft
    2008-10-02 01:48 . 2008-10-02 01:48 <DIR> d-------- C:\Program Files\Registry Repair
    2008-10-01 22:23 . 2008-10-01 22:23 <DIR> d-------- C:\MAV
    2008-10-01 22:23 . 2008-10-01 22:23 <DIR> d-------- C:\Install iTunes
    2008-10-01 22:23 . 2008-10-01 22:23 <DIR> d-------- C:\Install ICQ
    2008-10-01 22:23 . 2008-10-01 22:23 <DIR> d-------- C:\AOL Instant Messenger
    2008-10-01 22:21 . 2008-10-02 05:57 <DIR> d-------- C:\Program Files\Common Files\aolshare
    2008-10-01 22:21 . 2008-10-03 09:30 <DIR> d-------- C:\Program Files\America Online 9.0b
    2008-09-15 02:38 . 2008-09-15 02:38 <DIR> d--h----- C:\WINDOWS\PIF
    2008-09-09 01:54 . 2008-09-21 07:46 30,601 --a------ C:\Documents and Settings\Owner.YOUR-DC0C6E8137\x.exe

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-09 11:16 243,036 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck
    2008-10-09 11:16 243,036 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT
    2008-10-09 11:16 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck
    2008-10-09 11:16 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG
    2008-10-09 10:45 13,880 ----a-w C:\WINDOWS\system32\drivers\COMFiltr.sys
    2008-10-04 07:42 --------- d-----w C:\Program Files\Lx_cats
    2008-10-03 12:56 --------- d-----w C:\Program Files\Common Files\AOL
    2008-10-03 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
    2008-10-02 02:24 --------- d-----w C:\Documents and Settings\Owner.YOUR-DC0C6E8137\Application Data\AOL
    2008-10-02 02:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
    2008-10-02 02:22 --------- d-----w C:\Program Files\Pure Networks
    2008-10-02 02:22 --------- d-----w C:\Program Files\AOL Toolbar
    2008-10-02 02:22 --------- d-----w C:\Program Files\AOL Deskbar
    2008-10-02 01:55 --------- d-----w C:\Program Files\America Online 9.0a
    2008-09-29 12:45 --------- d-----w C:\Program Files\Windows Media Connect 2
    2008-09-28 23:36 --------- d-----w C:\Program Files\MSN Encarta Plus
    2008-09-21 11:46 --------- d-----w C:\Program Files\eMailTrackerPro 2008
    2008-09-18 13:42 --------- d-----w C:\Program Files\Gateway Games
    2008-09-09 11:56 --------- d-----w C:\Program Files\SpeedFan
    2008-09-09 05:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\SecTaskMan
    2008-09-06 10:50 --------- d-----w C:\Documents and Settings\Owner.YOUR-DC0C6E8137\Application Data\CyberLink
    2008-09-06 10:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
    2008-09-03 14:19 --------- d-----w C:\Program Files\Visual IP Trace 2008
    2008-08-28 06:39 --------- d-----w C:\Program Files\SIW
    2008-08-19 14:48 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-08-18 05:22 --------- d-----w C:\Documents and Settings\Owner.YOUR-DC0C6E8137\Application Data\Windows Search
    2008-08-17 00:19 --------- d-----w C:\Program Files\Web Publish
    2008-08-01 12:37 812 ----a-w C:\Documents and Settings\Owner.YOUR-DC0C6E8137\Application Data\wklnhst.dat
    2008-07-19 02:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-19 02:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-19 02:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-19 02:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-19 02:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-19 02:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-19 02:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-19 02:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-19 02:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-19 02:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect0]
    @= "{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E} "
    [HKEY_CLASSES_ROOT\CLSID\{D7BC78F3-3624-455C-8C4B-9C77C3BFEE4E}]
    2006-12-22 16:30 57344 --a------ C:\Program Files\Spotmau WinCares 2007\FolderProtectShellExtension.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FolderProtect1]
    @= "{8A814C29-D3CD-4F9E-9770-DF8704503ACA} "
    [HKEY_CLASSES_ROOT\CLSID\{8A814C29-D3CD-4F9E-9770-DF8704503ACA}]
    2006-12-22 16:30 57344 --a------ C:\Program Files\Spotmau WinCares 2007\FolderProtectShellExtension.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "updateMgr "= "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
    "MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2008-04-13 1695232]
    "ctfmon.exe "= "C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
    "AOL Fast Start "= "C:\Program Files\America Online 9.0b\AOL.EXE" [2005-07-12 50776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray "= "C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 64512]
    "readericon "= "C:\Program Files\Digital Media Reader\readericon45G.exe" [2005-12-09 139264]
    "NvCplDaemon "= "C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 7618560]
    "HostManager "= "C:\Program Files\Common Files\AOL\1206645186\ee\AOLSoftware.exe" [2007-05-25 42032]
    "Lexmark 5200 series "= "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe" [2004-06-04 57344]
    "LXBTCATS "= "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll" [2004-03-17 65536]
    "SunJavaUpdateSched "= "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "APVXDWIN "= "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" [2007-07-23 406832]
    "SCANINICIO "= "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe" [2007-07-11 27952]
    "QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [2008-03-27 98304]
    "Pure Networks Port Magic "= "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" [2004-04-05 99480]
    "RTHDCPL "= "RTHDCPL.EXE" [2006-03-13 C:\WINDOWS\RTHDCPL.exe]
    "nwiz "= "nwiz.exe" [2006-06-01 C:\WINDOWS\system32\nwiz.exe]
    "AlwaysReady Power Message APP "= "ARPWRMSG.EXE" [2005-08-02 C:\WINDOWS\arpwrmsg.exe]
    "NvMediaCenter "= "NvMCTray.dll" [2006-06-01 C:\WINDOWS\system32\nvmctray.dll]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg "= "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-25 68856]
    "DWQueuedReporting "= "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
    BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2008-03-27 2168360]
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle "= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme "= C:\WINDOWS\Resources\Themes\Royale.theme

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2007-02-15 20:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.clmp3enc "= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify "=dword:00000001
    "UpdatesDisableNotify "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe "=
    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe "=
    "C:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe "=
    "C:\\Program Files\\America Online 9.0\\waol.exe "=
    "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe "=
    "C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1206645186\\EE\\AOLServiceHost.exe "=
    "C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe "=
    "C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe "=
    "C:\\Program Files\\Common Files\\AOL\\1206645186\\EE\\aolsoftware.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "C:\\Program Files\\Messenger\\msmsgs.exe "=
    "C:\\Program Files\\America Online 9.0b\\waol.exe "=

    R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 28544]
    R1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-05-11 71736]
    R1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 51256]
    R1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-05-11 22072]
    R1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 191672]
    R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-05-11 09:33 132920]
    R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 38968]
    R1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 37304]
    R1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 30648]
    R2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 24760]
    R2 FolderProtectService;FolderProtectService;C:\Program Files\Spotmau WinCares 2007\FolderProtectService.exe [2006-12-22 16384]
    R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 178872]
    R3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys [ ]
    R3 FolderProtectDriver;FolderProtectDriver;C:\Program Files\Spotmau WinCares 2007\FolderProtectDriver.sys [2006-12-12 11264]
    R3 NETIMFLT;PANDA NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-04-24 142128]
    R3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [ ]
    R3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys [ ]
    R3 Winacusb;Winacusb;C:\WINDOWS\system32\DRIVERS\winacusb.sys [2004-07-14 902860]
    S3 SIVDRIVER;SIV Kernel Driver;C:\WINDOWS\system32\Drivers\SIVX32.sys [2008-04-05 48480]

    *Newly Created Service* - PROCEXP90
    .
    Contents of the 'Scheduled Tasks' folder

    2008-10-09 C:\WINDOWS\Tasks\MP Scheduled Scan.job
    - C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

    2008-08-12 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []

    2008-08-02 C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
    - C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
    .
    .
    ------- Supplementary Scan -------
    .
    R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
    R0 -: HKCU-Main,Start Page = hxxp://www.aol.com/
    R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
    O8 -: &AOL Toolbar search - C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 -: &Download by Enterra Download Manager - C:\Program Files\Enterra\Download Manager\edm.dll/3000
    O9 -: {1AB6CC97-17C1-4207-BC51-5C9D435A338E} - res://C:\Program Files\Enterra\Download Manager\edm.dll/3002
    O9 -: {1AB6CC97-17C1-4207-BC51-5C9D435A338E} - res://C:\Program Files\Enterra\Download Manager\edm.dll/3002 -
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-09 07:36:15
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
    LXBTCATS = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-10-09 7:39:05
    ComboFix-quarantined-files.txt 2008-10-09 11:38:35

    Pre-Run: 222,106,251,264 bytes free
    Post-Run: 222,091,137,024 bytes free

    201 --- E O F --- 2008-10-08 11:21:17
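
A triage pass over the log format posted above, as an added example that is not part of the original thread and is not ComboFix's own logic: it flags executables created directly in a user-profile root and weakened Security Center or firewall values. The function name `triage`, the heuristics and the extension list are assumptions made for illustration; the sample lines are copied from the log in this thread.

```python
import re
from ntpath import dirname, splitext  # Windows path rules on any OS

# Lines copied from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
2008-10-02 08:23 . 2008-10-02 08:25 94 --a------ C:\WINDOWS\system32\system_.ini
2008-10-01 22:23 . 2008-10-01 22:23 <DIR> d-------- C:\MAV
2008-09-09 01:54 . 2008-09-21 07:46 30,601 --a------ C:\Documents and Settings\Owner.YOUR-DC0C6E8137\x.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify "=dword:00000001
"UpdatesDisableNotify "=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall "= 0 (0x0)
"""

# "Files Created" row: created . modified, size or <DIR>, attributes, path.
FILE_ROW = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d "
    r"(<DIR>|[\d,]+) \S{9} (.+)$")
# Registry value row in either form the log uses: "name"=dword:00000001 or
# "name"= 0 (0x0). Stray spaces before the closing quote are tolerated.
REG_ROW = re.compile(
    r'^"([^"]+?)\s*"\s*=\s*(?:dword:([0-9a-fA-F]{8})|(\d+) \(0x)')
PROFILE_ROOT = re.compile(r"^[A-Z]:\\Documents and Settings\\[^\\]+$", re.I)
# Assumed list of extensions worth a second look; extend as needed.
EXEC_EXT = {".exe", ".dll", ".scr", ".com", ".pif", ".bat", ".cmd", ".sys"}


def triage(log_text):
    """Return (reason, detail) pairs for an analyst to review.

    These are review items, not verdicts: a third-party security suite can
    set the firewall and Security Center values legitimately.
    """
    findings, key = [], ""
    for line in (raw.strip() for raw in log_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()  # remember the current registry key
            continue
        m = FILE_ROW.match(line)
        if m:
            size, path = m.groups()
            is_exec = splitext(path)[1].lower() in EXEC_EXT
            if size != "<DIR>" and is_exec and PROFILE_ROOT.match(dirname(path)):
                findings.append(("executable in profile root", path))
            continue
        m = REG_ROW.match(line)
        if not m:
            continue
        name = m.group(1)
        value = int(m.group(2), 16) if m.group(2) else int(m.group(3))
        if (key.endswith("security center")
                and name.lower().endswith("disablenotify") and value == 1):
            findings.append(("security center alert suppressed", name))
        elif (key.endswith(r"firewallpolicy\standardprofile")
                and name.lower() == "enablefirewall" and value == 0):
            findings.append(("windows firewall disabled", name))
    return findings


if __name__ == "__main__":
    for reason, detail in triage(SAMPLE_LOG):
        print(f"{reason}: {detail}")
```
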
     
  9. 2008/10/10
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK I would like a file scanned, unless you know what it is for sure.

    • Please go to Jotti's malware scan
    • Copy and paste the following file path into the "File to upload & scan" box on the top of the page, one at a time:
      • C:\Documents and Settings\Owner.YOUR-DC0C6E8137\x.exe
    • Click on the submit button
    • Please post the results in your next reply.

    Thanks
    Geri
     
  10. 2008/10/11
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    Ran that scan and for Malware nothing showed.
    The only thing I don't understand is the note they had.
    Note file was scanned before therefore this file's scan results will not be stored in the database. I never heard of them before.
    At bottom of the page they had this
    AVAST: Win32:Online Games EFZ
    GDATA: Win32:Online Games EFZ
    IKARUS: Trojan-Downloader.Win32.Small.dfd
     
  11. 2008/10/11
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK, let's get an online scan.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All ".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK


    Now the scan.

    Please do an online scan with Kaspersky WebScanner

    Click on “Accept” if your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files:
    • Under Scan on the left side, click on My Computer.
    • This will start the program and scan your system.
    • Click the “Scan Report” on the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
      • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
  12. 2008/10/12
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    Started the Kaspersky WebScanner. But it seems someone always needs the phone. Had to click off. When I did, the computer screen went black like someone pulled the plug. It restarted but half of my program icons were missing. Got a Windows error message and had to restart it again. Then all icons came back. Not sure what is going on, but will try the scan again when everyone is in bed. (My luck then the cat will need the phone.)
     
  13. 2008/10/12
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK make sure you disable your anti virus program before doing the scan, we don't need any interference when the scan is running.

    Geri
     
  14. 2008/10/13
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    I had done that the first time. But just now I checked to run a scan with Panda and found part of it has been removed. I will try your scan again but if the rest of Panda is removed it will be the last scan I run here. Sorry but I cannot see paying for something and then having it removed by another program.
     
  15. 2008/10/13
    jabfarm Lifetime Subscription

    jabfarm Inactive Thread Starter

    Geri
    Thanks for all the help and keep up the good work.
    I tried the scan again but after 4 hours it just seemed to get nowhere.
    That would be 2 hours of downloading and 2 hours of scanning.
    But due to things that I have no control over I will no longer be back to this site. Maybe when I cool off from the way a member answered a post I will come back. So please call this closed. Thank you.
     
  16. 2008/10/13
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    Could you please PM me about the member you are speaking of??
    Thanks

    Kaspersky should not remove anything; the online scanner won't even remove a virus, all it does is produce a log.
    So I'm not sure what is happening there.

    Were there any error messages or anything?

    Thanks
    Geri
     
