-
Great, glad things are well
-
Windows defender is notifing me about:
PEVSystemStart and procexp90.Sys
should i be concerned?
everything seems fine
-
Hello Rob
PEVSystemStart is part of Combofix and may not have been fully removed, and procexp90.Sys is part of Process Explorer and also harmless.
C:\Qoobox <--If this is present you can delete it and if CF is still on your desktop you can drag it to the trash.
Why ProcessExplorer is showing up I dont know, did you just download it or downloaded it in the past and not removed it ?
-
Sorry, previous post refered to events prior to uninstalling
(should of looked at date)
ran ESET b/c IE wasn't running as smoothly as it did the first couple of days;
there was an event where IE (heck whole computer froze when AVG asked me how to handle something)
post below
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=9cacdc9dd4b8cb48ae74aaa42e3ced4c
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-05-23 08:05:58
# local_time=2010-05-23 03:05:58 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777175 100 0 0 0 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=204905
# found=1
# cleaned=1
# scan_time=10789
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\intelppm.sys.vir Win32/Olmarik.ZC trojan (cleaned - quarantined) 00000000000000000000000000000000 C
-
Ken,
see post above
do you want me to run anything else
also i still have GMER and HostXpert along with RootRepeal on desktop
can i just move them to trash
-
also i still have GMER and HostXpert along with RootRepeal on desktop
can i just move them to trash <==Yes you can
All ESET found was a back up of what CF removed.
C:\Qoobox<--Just delete this folder
Ken 
-
ok, i'm just dumb or something;
how do you install IE-Spyad
i clicked download, which created a folder.
am i supposed to double click on the Install (it is a MS-Dos Batch file)?
-
Hello Rob,
I think that I am going to pull this tool out of my fixes, I really am not sure how updated it is. When you install Spybot Search and Destroy, if you install the Immunization feature it basically does the same thing and is more up to date.
Ken
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
