We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide

trojan removed but?

2

Comments

  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    aswMBR version 0.9.9.1532 Copyright(c) 2011 AVAST Software
    Run date: 2012-02-03 18:57:34
    18:57:34.369 OS Version: Windows 6.0.6002 Service Pack 2
    18:57:34.369 Number of processors: 4 586 0xF0B
    18:57:34.370 ComputerName: LUCANCOMPUTERS UserName: User
    18:57:36.516 Initialize success
    18:59:26.087 AVAST engine defs: 12020300
    19:01:33.653 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-2
    19:01:33.655 Disk 0 Vendor: ST3500820AS SD36 Size: 476940MB BusType: 3
    19:01:33.657 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-3
    19:01:33.659 Disk 1 Vendor: WDC_WD2500AAJS-00VTA0 01.01B01 Size: 238475MB BusType: 3
    19:01:33.670 Disk 0 MBR read successfully
    19:01:33.672 Disk 0 MBR scan
    19:01:33.686 Disk 0 Windows VISTA default MBR code
    19:01:33.694 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476938 MB offset 2048
    19:01:33.700 Disk 0 scanning sectors +976771072
    19:01:33.772 Disk 0 scanning C:\Windows\system32\drivers
    19:01:48.605 Service scanning
    19:01:50.076 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
    19:01:50.692 Modules scanning
    19:02:01.810 Disk 0 trace - called modules:
    19:02:01.821 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8648a1f8]<<
    19:02:01.825 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8721c780]
    19:02:01.829 3 CLASSPNP.SYS[8a3a18b3] -> nt!IofCallDriver -> [0x86ff4918]
    19:02:01.832 5 acpi.sys[807b36bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-2[0x86fdc8a0]
    19:02:01.836 \Driver\atapi[0x86fbb690] -> IRP_MJ_CREATE -> 0x8648a1f8
    19:02:03.231 AVAST engine scan C:\Windows
    19:02:11.483 AVAST engine scan C:\Windows\system32
    19:06:40.740 AVAST engine scan C:\Windows\system32\drivers
    19:07:01.401 AVAST engine scan C:\Users\User
    19:28:31.235 AVAST engine scan C:\ProgramData
    19:32:19.608 Scan finished successfully
    19:58:27.565 Disk 0 MBR has been saved successfully to "C:\Users\User\Desktop\MBR.dat"
    19:58:27.569 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • waddler_8
    waddler_8 Posts: 3,588 Forumite

    • Go to start > control panel > programs and features.
    • Right click on iLivid
    • Click Uninstall & then follow the prompts to remove it
    Read through this below carefully first before doing it. If you're not sure about anything - ask me first. When you do it, your desktop might temporarily disappear - don't worry, it'll come back upon reboot.


    Download OTM and save it to your Desktop.



    http://oldtimer.geekstogo.com/OTM.exe 
    • Right click OTM.exe & choose "Run as Administrator" to run it.
    Copy all of the following code inside the codebox below. Do not include the word Code:
    :Processes 
KILLALLPROCESSES
 
:Files
c:\users\user\appdata\roaming\Zyob
c:\users\user\appdata\roaming\Ulogzo
C:\sooi832.bin
C:\users\user\appdata\local\Ilivid Player
c:\programdata\{B49A644A-1076-4A3D-B124-DAA7862F2318}
c:\program files\iLivid
c:\users\user\appdata\local\PackageAware
ipconfig /flushdns /c
 
:Commands
[CREATERESTOREPOINT]
[Reboot]
    • Return to OTM, right click in the Paste instructions for Items to be Moved window (under the yellow bar) and choose Paste.
    • Push the large MoveIt! button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. Copy/paste the contents of that report back here in your next reply.
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    do i remove ilived first than do the down load?
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Yes, remove ilivid first.
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    [.ShellClassInfo]
    LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
    IconResource=%SystemRoot%\system32\imageres.dll,-183
    [LocalizedFileNames]
    Internet Explorer.lnk=@%windir%\System32\ie4uinit.exe,-731
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    That didn't quite work correctly. Do this bit again.
    • Right click OTM.exe & choose "Run as Administrator" to run it.
    Copy all of the following code inside the codebox below. Do not include the word Code:

    :Processes 
KILLALLPROCESSES
 
:Files
c:\users\user\appdata\roaming\Zyob
c:\users\user\appdata\roaming\Ulogzo
C:\sooi832.bin
C:\users\user\appdata\local\Ilivid Player
c:\programdata\{B49A644A-1076-4A3D-B124-DAA7862F2318}
c:\program files\iLivid
c:\users\user\appdata\local\PackageAware
ipconfig /flushdns /c
 
:Commands
[CREATERESTOREPOINT]
[Reboot]
    • Return to OTM, right click in the Paste instructions for Items to be Moved window (under the yellow bar) and choose Paste.
    • Push the large MoveIt! button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • The report should appear in Notepad after the reboot. Copy/paste the contents of that report back here in your next reply.
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    does not offer run as admin
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Just double click it then.

    Wait for OTM to prompt you to reboot when you run the fix.
  • shaun40400
    shaun40400 Posts: 4,134 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    done that again,asked for reboot and did it cant find report
    WAS DEBT FREE & STILL BAAARRRRRKING :cool:
    hello my name is shaun,,,and im not so addicted to farmville,still addicted to football:o:o
    BAAAARRRRRRRRRRKING er insanely so :o
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    There should be a log file in the folder C:\_OTM\MovedFiles
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 353.5K Banking & Borrowing
  • 254.2K Reduce Debt & Boost Income
  • 455K Spending & Discounts
  • 246.6K Work, Benefits & Business
  • 602.9K Mortgages, Homes & Bills
  • 178.1K Life & Family
  • 260.6K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 37.7K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture