1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

just got this virus: win32/Spammer

Discussion in 'Virus & Other Malware Removal' started by number, Jan 5, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    hi,

    I'm attaching the pic where you guys can see what virus I just got... I tried to delete it but I didnt succeed.
    any suggestion?
    thanks!

    p.s. my HJL :

    Logfile of HijackThis v1.99.1
    Scan saved at 12.20.15, on 05/01/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programmi\Eset\nod32krn.exe
    C:\WINDOWS\shost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Programmi\Eset\nod32kui.exe
    C:\WINDOWS\System32\aim.exe
    C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\Mixer.exe
    C:\Programmi\Microsoft IntelliPoint\point32.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Programmi\eMule\emule.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\hffext\hffsrv.exe
    C:\Programmi\Mozilla Firefox\firefox.exe
    C:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
    O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [messenger] aim.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [hffsrv] c:\windows\hffext\hffsrv.exe
    O4 - HKLM\..\RunServices: [messenger] aim.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B65E3887-2EF1-42E2-BFA9-1EE485DCED36}: NameServer = 85.37.17.17 151.99.125.1
    O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
    O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     

    Attached Files:

  2. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    hi, welcome to TSG.


    you should uninstall eMule as it's likely a cause of your problems veing a p2p programme!


    Download the pocket killbox

    http://www.bleepingcomputer.com/files/killbox.php



    * Download the trial version of Ewido Security Suite here


    http://www.ewido.net/en/

    * Install ewido.
    * During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
    * Launch ewido
    * It will prompt you to update click the OK button and it will go to the main screen
    * On the left side of the main screen click update
    * Click on Start and let it update.
    * DO NOT run a scan yet. You will do that later in safe mode.


    *Download Cleanup from Here

    http://www.stevengould.org/software/cleanup/download.html



    * A window will open and choose SAVE, then DESKTOP as the destination.
    * On your Desktop, click on Cleanup40.exe icon.
    * Then, click RUN and place a checkmark beside "I Agree"
    * Then click NEXT followed by START and OK.
    * A window will appear with many choices, keep all the defaults as set when the Slide Bar to the left is set to Standard Quality.
    * Click OK
    * DO NOT RUN IT YET



    * Click here for info on how to boot to safe mode if you don't already know
    how.

    http://service1.symantec.com/SUPPOR...2001052409420406?OpenDocument&src=sec_doc_nam



    * Now copy these instructions to notepad and save them to your desktop. You
    will need them to refer to in safe mode.


    * Restart your computer into safe mode now. Perform the following steps in
    safe mode:



    Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill.
    In the Full Path of File to Delete box, copy and paste each of the following
    lines one at a time then click on the button that has the red circle with the
    X in the middle after you enter each file. It will ask for confirmation to
    delete the file. Click Yes. Continue with that same procedure until you have
    copied and pasted all of these in the Paste Full Path of File to Delete box.



    Note: It is possible that Killbox will tell you that one or more files do not
    exist. If that happens, just continue on with all the files. Be sure you
    don't miss any.



    C:\WINDOWS\shost.exe



    * Run Ewido:

    * Click on scanner
    * Click Complete System Scan and the scan will begin.
    * During the scan it will prompt you to clean files, click OK
    * When the scan is finished, look at the bottom of the screen and click the Save report button.
    * Save the report to your desktop


    * Run Cleanup:

    * Click on the "Cleanup" button and let it run.
    * Once its done, close the program.



    reboot to normal mode and run a few online scans!



    Run an online antivirus check from

    http://www.kaspersky.com/virusscanner

    choose extended database for the scan!



    Run ActiveScan online virus scan here

    http://www.pandasoftware.com/products/activescan.htm

    When the scan is finished, anything that it cannot clean have it delete it.
    Make a note of the file location of anything that cannot be deleted so you
    can delete it yourself.
    - Save the results from the scan!


    post another hijack this log, the ewido and active scan logs
     
  3. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    ok i've done everything but didnt save the ewido and panda log.
    this is the HJL:

    Scan saved at 22.40.22, on 05/01/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\ewido anti-malware\ewidoctrl.exe
    C:\Programmi\Eset\nod32krn.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Programmi\Eset\nod32kui.exe
    C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\Mixer.exe
    C:\Programmi\Microsoft IntelliPoint\point32.exe
    C:\windows\hffext\hffsrv.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Programmi\Mozilla Firefox\firefox.exe
    C:\Programmi\eMule\emule.exe
    C:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
    O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [messenger] aim.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [hffsrv] c:\windows\hffext\hffsrv.exe
    O4 - HKLM\..\RunServices: [messenger] aim.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B65E3887-2EF1-42E2-BFA9-1EE485DCED36}: NameServer = 85.37.17.17 151.99.125.1
    O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programmi\ewido anti-malware\ewidoctrl.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
    O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  4. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    did ewido and panda find anything? The reason why we ask for the log files is so we can see what's been removed and what infections you may have had/have?


    Run an online antivirus check from

    http://www.kaspersky.com/virusscanner

    choose extended database for the scan!



    post another hijack this log, and the kaspersky scan log
     
  5. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    ok I've done the kaspersky online scan and actually there were found a few virus and many infected object. The point is that it seems it didnt remove them! ok i'm attaching the result as a txt file.

    what shall I do now? thanks!
     

    Attached Files:

    • log.txt
      File size:
      11.7 KB
      Views:
      20
  6. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    Click Start > Run > and type in:

    services.msc

    Click OK.

    In the services window find Service Hosts
    Right click and choose "Properties". On the "General" tab under "Service
    Status" click the "Stop" button to stop the service. Beside "Startup Type"
    in the dropdown menu select "Disabled". Click Apply then OK. Exit the
    Services utility.


    Note: You may get an error here when trying to access the properties of the
    service. If you do get an error, just select the service and look there in
    the top left of the main service window and click "Stop" to stop the service. If that gives an error or it is already stopped, just skip this step and proceed with the rest.



    * Click here for info on how to boot to safe mode if you don't already know
    how.

    http://service1.symantec.com/SUPPORT...rc=sec_doc_nam



    * Now copy these instructions to notepad and save them to your desktop. You
    will need them to refer to in safe mode.


    * Restart your computer into safe mode now. Perform the following steps in
    safe mode:

    have hijack this fix this one


    O23 - Service: Service Hosts (ServiceHost) - Unknown owner - C:\WINDOWS\shost.exe (file missing)

    Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill.
    In the Full Path of File to Delete box, copy and paste each of the following
    lines one at a time then click on the button that has the red circle with the
    X in the middle after you enter each file. It will ask for confirmation to
    delete the file. Click Yes. Continue with that same procedure until you have
    copied and pasted all of these in the Paste Full Path of File to Delete box.



    Note: It is possible that Killbox will tell you that one or more files do not
    exist. If that happens, just continue on with all the files. Be sure you
    don't miss any.



    C:\Programmi\ESET\infected\ELQXQDCA.NQF
    C:\Programmi\ESET\infected\PZ5TVZDA.NQF
    D:\EmuleFiles\- [APPZ] - Ghostmail - Zip (Send Anonymous Emails).zip/GM51.exe
    D:\EmuleFiles\- [APPZ] - Ghostmail - Zip (Send Anonymous Emails).zip




    go to this site and download these tools and once you get both
    adaware Se 1.6 and spybot, update both of them.

    Set adaware to do a full system scan and deselect, "search for neglible risk
    entries". Click next to start the scan. Delete everything adaware finds.

    reboot and now run spybot

    Spybot: Search and destroy.

    Delete what spybot finds marked in red. After updating spybot hit the
    immunize button.

    reboot again


    With CWshredder close all browsers and programmes and select the FIX button.



    Go here and download Microsoft Antispyware Beta. First in the top menu click
    File then Check for updates to download the definitons updates.

    After updating look in the right side of the main window under "Run Quick
    Scan Now" and click Spyware scan options. In that window put a tick by Run a
    full system scan and then put a check by all three options below that then
    click Run Scan now.

    When the scan is finished, let it fix anything that it finds (have it
    quarantine the items that have that option rather than delete just in case.
    It is a beta program and there may be false positives)

    Restart your computer.


    All tools can be downloaded at the link below and found on that page!


    . Microsoft® Windows AntiSpyware
    . Trend micro CWShredder
    . SpyBot search and destroy
    . AdAware SE personal


    http://www.majorgeeks.com/downloads31.html
     
  7. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    thank you. I've done everything you said and i'm posting a new HJL.
    btw, when my system starts up, I have 4 versions of windows to choose from, because I've done several wrong installations; i'm posting a pic of what i'm talking about. I just want to keep the first and working line: windows professional, and delete the rest. How can I do that?

    another question: kaspersky antivirus has found meny more entries than anyother antivirus i've tested, does this mean that it's a better antivirus?
    thanks!

    Logfile of HijackThis v1.99.1
    Scan saved at 11.28.58, on 07/01/2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programmi\ewido anti-malware\ewidoctrl.exe
    C:\Programmi\Eset\nod32krn.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Programmi\Eset\nod32kui.exe
    C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\Mixer.exe
    C:\Programmi\Microsoft IntelliPoint\point32.exe
    C:\windows\hffext\hffsrv.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Programmi\Messenger\msmsgs.exe
    C:\Programmi\eMule\emule.exe
    C:\Programmi\Mozilla Firefox\firefox.exe
    C:\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
    O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [messenger] aim.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmi\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Programmi\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [hffsrv] c:\windows\hffext\hffsrv.exe
    O4 - HKLM\..\RunServices: [messenger] aim.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
    O12 - Plugin for .pdf: C:\Programmi\Internet Explorer\PLUGINS\nppdf32.dll
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B65E3887-2EF1-42E2-BFA9-1EE485DCED36}: NameServer = 85.37.17.17 151.99.125.1
    O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Programmi\ewido anti-malware\ewidoctrl.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     

    Attached Files:

    • xp.jpg
      xp.jpg
      File size:
      99.2 KB
      Views:
      2
  8. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    clean log.

    go to desktop and right click my computer/click properties/click advanced/click settings in startup and recovery/click edit, in notepad make sure you make a back up and save it to a floopy. Then edit out the 3 lines below the Xp professional one!

    this how the XP professional should look for a single installation!

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn



    you should now turn off system restore to flush out the bad restore points and
    then re-enable it and make a new clean restore point.


    How to turn off system restore

    http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam


    http://support.microsoft.com/default.aspx?scid=kb;[LN];310405


    here's some free tools to keep you from getting infected in the future.


    to stop reinfection get these two tools, spywareguard and spywareblaster
    from


    http://www.javacoolsoftware.com/downloads.html


    get the hosts file from here.



    http://www.mvps.org/winhelp2002/hosts.htm



    put it into :


    Windows XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
    Windows 2K = C:\WINNT\SYSTEM32\DRIVERS\ETC
    Win 98\ME = C:\WINDOWS



    ie-spyad.Puts over 5000 sites in your restricted zone so you'll be protected

    when you visit innocent-looking sites that aren't actually innocent at all.

    https://netfiles.uiuc.edu/ehowes/www/resource.htm



    http://www.winpatrol.com/winpatrol.html



    Use spybot's immunize button and use spywareblaster' enable
    protection once you update it. you can put spybot's hosts file into
    your own and lock it.



    I would also suggest switching to Mozilla's firefox browser, it's safer, has
    a built in pop up blocker, blocks cookies and adds. Mozilla Thunderbird is also a good
    e-mail client.

    http://www.mozilla.org/


    Another good and free browser is Opera!

    http://www.opera.com/


    Read here to see how to tighten your security:

    http://forums.techguy.org/t208517.html


    A good overall guide for firewalls, anti-virus, and anti-trojans as well as
    regular spyware cleaners.

    http://www.firewallguide.com/anti-trojan.htm



    you can mark your own thread solved through thread tools at the top of
    the page.
     
  9. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    hey thanks a lot. actually I already use mozilla and i love it. About IE spyad, considering I'm using mozilla, I wont need it right?
    thanks!
     
  10. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    thanks a lot.

    considering that I dont want to make a mistake I'm attaching here my boot configuration. What do I excactly need to erase from the text?
    thank u!
     

    Attached Files:

  11. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    This is what you have here and this is what you should have below when you edit it, you just want to leave the XP professional information.


    [boot loader]
    timeout=22
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect
    multi(0)disk(0)rdisk(0)partition(2)\NUOVO="Microsoft Windows XP Home Edition" /fastdetect
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
    signature(10414d92)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect


    This is what you should be left with! Did you delete the other partitions or were these all failed attempts at other installations?

    In fact just copy and paste this text below to the notepad file and save it, delete all the rest, and save it, but make sure you have made a backup of the original to floppy disc just in case!

    This is what you should have for a single installation of XP pro!


    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
     
  12. number

    number Thread Starter

    Joined:
    Oct 15, 2003
    Messages:
    1,053
    i have no floppy so i have to be 100% sure of what I'll do:

    this is my actual working OS:
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect

    you suggested:
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

    which it has the "NoExecute=OptIn" ...what is this? shall I just add it?
    Are you 100% sure that by just copying this:
    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

    everything will work?
     
  13. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    yes use that one! Mine has the extra bit i don' think it matters? Why have you no floppy?


    Use this one then!


    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect


    http://support.microsoft.com/default.aspx?scid=kb;en-us;289022
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/431305

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice