No problem , glad I could helpjja1313 wrote:Here you go. I can't thank you enough for all your help.
The logs showed just a few more files left. Once we get them all I will issue final instructions to cleanup quarantined items and tighten up the machines security.
Re-run Grantperms
- Locate the Grantperms folder you extracted earlier (it should be on your desktop).
- Enter the GrantPerms folder & double click GrantPerms.exe to run it.
- Copy and paste the contents of the codebox below into the whitebox (Do Not include Code:)
- Code: Select all
c:\\Documents and Settings\HP_Owner\Application Data\Macromedia\Flash Player\localhost\DOCUME~1\HP_Owner\LOCALS~1\Temp\rf.swf c:\\WINDOWS\system32\config\systemprofile\Application Data\Motive\Acme\plugin\stats\outmsgs\1116987081937.xml c:\\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IsolatedStorage\0hnh3l35.myv\2sqf2il1.rl4\StrongName.czm5tyszaplbnspbwrwr5sftif5gm0kk\AssemFiles\framePref.dat c:\\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IsolatedStorage\0hnh3l35.myv\2sqf2il1.rl4\StrongName.zm3mix00r4oodf2vo5zlyh1za3feugtg\AssemFiles\MyImagesPrefs.dat c:\\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IsolatedStorage\0hnh3l35.myv\2sqf2il1.rl4\StrongName.zm3mix00r4oodf2vo5zlyh1za3feugtg\AssemFiles\MyImagesState.dat
- Now Click Unlock
- When it's done, click "OK".
- Now click List Permissions and post contents of the log file that opens (Perms.txt)
- A copy of Perms.txt will be saved in the same directory the tool is run.
Re-run Junction
- Click Start > Run. Copy and paste the contents of the codebox below into the run box.
(Do Not include Code:) Then click OK:
- Code: Select all
cmd /c junction -s c:\ >log.txt&log.txt&del log.txt
- A command window will open and the system will be scanned. (Click Agree to the prompt)
- Please be patient & wait untill a log file opens in notepad.
- Copy and paste the contents of that file in your next reply.