|
Aroura virus problem hijack-logfile posted help!!!!
|
|
|
rottingkd
Junior Member
|
5. June 2005 @ 22:25 |
Link to this message
|
Aurora always pops up have tried running hi-jack this in safe mode. Still wont go away, have identified the problems as nai and, exeO23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe Can anyone add any insight, logfile below.
Logfile of HijackThis v1.99.1
Scan saved at 10:59:46 PM, on 6/9/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
c:\windows\system32\dsupjv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\oscar\LOCALS~1\Temp\ztv1\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O2 - BHO: (no name) - {099D63FD-61D3-430E-B2BC-17C058109BA2} - C:\WINDOWS\system32\cvnvfat.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [antivirus32] ANTIVIRUS.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [unsh] C:\WINDOWS\unsh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [AnyDVD] "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
O4 - HKLM\..\Run: [gisbpw] c:\windows\system32\dsupjv.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.EXE 1
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c9.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x8...
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
|
|
Advertisement
|
 |
|
|
AfterDawn Addict
|
5. June 2005 @ 22:28 |
Link to this message
|
|
I tried helping him out last night.
i made a batch file that contained the following.
@ECHO OFF
cd %windir%
Nail.exe /FULLREMOVE
sc config SvcProc start= disabled
sc stop SvcProc
sc delete SvcProc
attrib -s -r -h nail.exe
attrib -s -r -h svcproc.exe
del nail.exe
del svcproc.exe
cd %windir%\system32
attrib -s -r -h DrPMon.dll
del DrPMon.dll
exit
We ran the batch file in safe mode,
then ran hi-jack this and deleted the nail.exe
(the other svcproc.exe was deleted by the batch file).
But after re-booting it is still on his system.
DDP where are you???
Possunt Quia Posse Videntur. |
Senior Member
|
6. June 2005 @ 00:49 |
Link to this message
|
|
Try this out booting up in safe mode,go to Start and hit Run...after this type in MSCONFIG and click the enter button.Go to where it says Startup and untick the virus or it might be under Services.Once you disable it from running you can delete it I think.I would try my best to disable it from running at all,then go back and see what I can do to delete it.Your chances of deleting it while it is running are pretty slim I think,because it could duplicate.
...........................:SiG cReAtEd By Phantom69:............................ |
Senior Member
|
6. June 2005 @ 01:02 |
Link to this message
|
Here is a site that might help out on the nail.exe file http://forum.tweakxp.com/forum/Topic162090-29-1.aspx?DisplayMode=... .Removing the svcproc.exe can be found here http://www.aluriasoftware.com/forum/showpost.php?p=2476&postcount=3 might be helpfull.I think the bat file you made might be wrong Jizmak,this is what I am getting man from the site listed above.
@ECHO OFF
cd\WINNT
Nail.exe /FULLREMOVE
sc config SvcProc start= disabled
sc stop SvcProc
sc delete SvcProc
attrib -s -r -h nail.exe
attrib -s -r -h svcproc.exe
del /Q nail.exe
del /Q svcproc.exe
cd\WINNT\System32
attrib -s -r -h DrPMon.dll
attrib -s -r -h fqdvgall.exe
attrib -s -r -h tpfolvf.exe
del /Q DrPMon.dll
del /Q fqdvgall.exe
del /Q tpfolvf.exe
exit
I don't know I could be wrong on this one,sounds like a bad situation that I wouldn't want to be in.
...........................:SiG cReAtEd By Phantom69:............................
|
|
ddp
Moderator
|
6. June 2005 @ 07:19 |
Link to this message
|
|
|
AfterDawn Addict
|
6. June 2005 @ 07:23 |
Link to this message
|
Quote:
I think the bat file you made might be wrong Jizmak
That doesnt suprise me one bit.
Thanks everyone for your input,
Hope he can finally get this crap off his computer.
Keep us posted.
Possunt Quia Posse Videntur.
|
|
ddp
Moderator
|
6. June 2005 @ 07:29 |
Link to this message
|
|
i was asleep when you called me
|
|
rottingkd
Junior Member
|
6. June 2005 @ 23:25 |
Link to this message
|
|
Thanks alot all you guys for the help! I'll try to do this as soon as possible hopeing it works :) most likely by the weekend. during the week I really don't have time.. but again thanks for all your help.. jizmak, L-burna,ddp.
|
|
ddp
Moderator
|
7. June 2005 @ 09:58 |
Link to this message
|
|
keep us posted
|
Senior Member
1 product review
|
10. June 2005 @ 19:03 |
Link to this message
|
|
I squashed this anoying pest a month ago. I need to remember how I did it. I have a reg file. Here is the Reg file. Copy and past in notepad. Save as XXXXXXX.reg.
REGEDIT4
[-HKEY_CURRENT_USER\Software\Bolger]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BolgerDll.BolgerDllObj]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BolgerDll.BolgerDllObj.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{302A3240-4805-4a34-97D7-1645A0B08410}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BB0D5ADC-028D-4185-9288-722DDCE2C757}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{92DAF5C1-2135-4E0C-B7A0-259ABFCD3904}]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVCPROC]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SvcProc]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SVCPROC]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SvcProc]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVCPROC]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SvcProc]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVCPROC]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SvcProc]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{302A3240-4805-4a34-97D7-1645A0B08410}]
[-HKEY_CURRENT_USER\Software\aurora]
[-HKEY_CURRENT_USER\Software\ceres]
[-HKEY_CLASSES_ROOT\BolgerDll.BolgerDllObj]
[-HKEY_CURRENT_USER\Software\_rtneg3]
[-HKEY_CLASSES_ROOT\CLSID\{302A3240-4805-4a34-97D7-1645A0B08410}]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Monitors\ZepMon]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Monitors\ZepMon]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Print\Monitors\ZepMon]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\ZepMon]
[-HKEY_CLASSES_ROOT\mfiltis]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID]
"{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
"000"=-
"001"=-
"002"=-
"003"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"=-
"Shell"="Explorer.exe"
After that I got Ewido. It is a spywar thing as well. Using the eval is all you need. Fully update Spybot and Adaware.
Now go into safe mode. Run spybot and adaware. Run that reg file you made from here. Run Hijack this and remove the following
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe <---this is the grand daddy of your problem
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {099D63FD-61D3-430E-B2BC-17C058109BA2} - C:\WINDOWS\system32\cvnvfat.dll (file missing) <--- (I see you have been trying already)
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE <----(unless you know what it is)
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE <----Find and delet the file as well.
O4 - HKLM\..\Run: [unsh] C:\WINDOWS\unsh.exe <----(unless you know what it is)
O4 - HKLM\..\Run: [gisbpw] c:\windows\system32\dsupjv.exe <---(unless you know what it is)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
Find any file that is in an entry you removed and delete it. You do not have to run Ewido. Reboot. When the system comes back up Ewido will give a warning that something is trying to install. Block it. You don't need Ewido anymore unless you like it. This is what I did and I got it off my computer.
Good luck
-Del
This message has been edited since posting. Last time this message was edited on 10. June 2005 @ 19:04
|
|
rottingkd
Junior Member
|
11. June 2005 @ 02:00 |
Link to this message
|
|
Hey guys thanks alot to all of you!!!:0, maybe next time I'll try u'rs mr_dell. great place for help..
|
|
rottingkd
Junior Member
|
11. June 2005 @ 02:48 |
Link to this message
|
|
WHAT HAPPPEND!!!!!!!!!!!!!!!!!!!!! ITS BACK?!!!!!! ERR..
MR_DELL I GUESS ITS U'R TURN..
|
Member
|
11. June 2005 @ 08:03 |
Link to this message
|
|
|
rottingkd
Junior Member
|
11. June 2005 @ 16:49 |
Link to this message
|
|
Ok guy's, I thought I was DUMB! but know I'm DUMBER!!!!!!!!! after trying my best attepts at both DDp's and Mr.dell's takes on this I still can't get rid of the Nail on my C:windows. I tried like you said, deleting it in safe mode but later it would regenerate itself!., Mr. dell Y did it work for you! aaaaaaaaaaaaaaaaaaaaahhhhhhhh!@!!!!!@!@!@!@
|
|
ddp
Moderator
|
11. June 2005 @ 17:22 |
Link to this message
|
|
did you try ken_919 idea??
|
Senior Member
1 product review
|
11. June 2005 @ 17:26 |
Link to this message
|
|
I did a bunch of reading on this when I had the problem. I know you have as well. Durring my readings I found that different people had different solutions. I don't know why mine did not work for you. Don't give up though, you will find your answer.
-Del
|
|
rottingkd
Junior Member
|
11. June 2005 @ 17:27 |
Link to this message
|
|
FORGOT ABOUT HIM.. FOR SOME REASON i CAN'T DOWNLOAD THE SOFTWARE?. I'VE READ ALL THE INSTUCTIONS AND I JUST CAN'T! SOMETHING TO DO WITH XP SERV. PACK 2.
|
Member
|
11. June 2005 @ 17:40 |
Link to this message
|
|
|
ddp
Moderator
|
11. June 2005 @ 17:40 |
Link to this message
|
|
knock off the caps as referred to as shouting. either disable your sp2 firewall or uninstall sp2
|
|
rottingkd
Junior Member
|
11. June 2005 @ 17:51 |
Link to this message
|
|
ok I removed the serv pack but now its telling me that its not a valid win32 aplication...
|
|
ddp
Moderator
|
11. June 2005 @ 18:04 |
Link to this message
|
|
is it displaying 16 bit windows subsystem error??
|
|
rottingkd
Junior Member
|
11. June 2005 @ 18:22 |
Link to this message
|
|
nop, it reads like this
D:\awinsfx.exe is not a valid win32 application. it happens when i try to run the program
This message has been edited since posting. Last time this message was edited on 11. June 2005 @ 18:23
|
|
ddp
Moderator
|
11. June 2005 @ 18:30 |
Link to this message
|
|
|
|
rottingkd
Junior Member
|
11. June 2005 @ 18:40 |
Link to this message
|
|
D:\ is my hard drive where I downloaded the awinsfx.exe. its from there that I try to open but I get that message.!
|
|
Advertisement
|
|
|
|
rottingkd
Junior Member
|
12. June 2005 @ 13:55 |
Link to this message
|
|
Ok softpedia and ken solved the problem, I don't get the pop-ups no more, but I get a warning box asking me what I want to do with the files. it askes " what shall be done with these files" and gives you options...
-move file to quarantine directory
-delete file
-wipe file
-rename file
-deny access
-allow access
I already tried delete, deny, wipe, files. but they keep poping up! help? again.
|
