View Single Post

**Byteman** · 08-12-2005, 12:58 AM

Yes you could but it's riskier, it's usually best to just to do msconfig (start>run>msconfig>startup).

Also, you still have that Trojan in your system. Run a HJT scan and check:

O4 - HKLM\..\Run: [Microsoft MSUPDATE] SpoolSvc.exe

Don't close HJT. Click the Config button, then Misc Tools button, then Delete File on reboot button and browse the following file:

C:\WINDOWS\system32\SpoolSvc.exe

Now, go ahead and reboot, go directly in to safemode and verify that the file is gone. If not, delete manually.

Reboot normal and do the following scan (let it fix what it finds):
http://www.ewido.net/en/onlinescan/

You've got a lot of clean up to do as far as extra junk you prob never use. Do it in msconfig, afterwards post another log please.

08-12-2005, 12:58 AM	#6 (permalink)
Byteman Malware Destroyer Join Date: Apr 2005 Location: Hurricane Heaven... still Posts: 1,093	Yes you could but it's riskier, it's usually best to just to do msconfig (start>run>msconfig>startup). Also, you still have that Trojan in your system. Run a HJT scan and check: O4 - HKLM\..\Run: [Microsoft MSUPDATE] SpoolSvc.exe Don't close HJT. Click the Config button, then Misc Tools button, then Delete File on reboot button and browse the following file: C:\WINDOWS\system32\SpoolSvc.exe Now, go ahead and reboot, go directly in to safemode and verify that the file is gone. If not, delete manually. Reboot normal and do the following scan (let it fix what it finds): http://www.ewido.net/en/onlinescan/ You've got a lot of clean up to do as far as extra junk you prob never use. Do it in msconfig, afterwards post another log please. __________________ Don't byte off more than you can chew...