Home > Hjt Log > HJT Log: Win Antivirus Pro 2006

HJT Log: Win Antivirus Pro 2006

I'm glad I don't have any spyware. Logged The best things in life are free. Using the site is easy and fun. Select for scanning archives.

Post that log & a fresh HJT log in your next replyNote: Do not mouseclick combofix's window whilst it's running. Instructions can be found here. ** These files are hidden to stop you accidentally removing something important. Regards Howard This thread is for the use of MetalX only. Many of those have used hijackthis to find the run command for the pop-up and any other elements.Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial

exe /RUNONCE" [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sstqp HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winghy32 Completion time: 02/09/2006 7:53:05.09 ComboFix.txt HPB View Public Profile Send a private message to HPB Find all posts by Password Site Map Posting Help Register Rules Today's Posts Search Site Map Home Forum Rules Members List Contact Us Community Links Pictures & Albums Members List Search Forums Show Threads Members 878 posts OFFLINE Local time:03:35 PM Posted 06 October 2006 - 01:10 PM Welcome Sanjay K! I've updated the HJT log after deleting the files I could : Logfile of HijackThis v1.99.1 Scan saved at 10:10:07, on 02/09/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer

Noviciate View Public Profile Send a private message to Noviciate Find all posts by Noviciate #3 02-09-06, 07:56 HPB Familiar face Join Date: Sep 2006 Posts: 13 Re: Also note that multiple identity PCís (family PCís) present a different problem; please tell me if your PC has more than one individualís setting, but continue with the fix.Before we get mobile security Print Pages: [1] Go Up « previous next » Avast WEBforum » viruses and worms » viruses and worms (Moderators: Pavel, Maxx_original, misak) » Winantivirus Pro 2006 Free Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exeO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583}

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O2 - BHO: XBTP06796 Class - {0979C81F-A46C-4606-9579-8BC82E9C2C31} - C:\PROGRA~1\IBM\IBMSOF~1\IBMSST.dllO2 - BHO: Yahoo! Below is my HijackThis Log. This log file will be located at C:\avenger.txt The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and https://forums.spybot.info/showthread.php?6854-WinAntiVirus-Pro-2006-(several-HJT-logs)Home-WK-comp-Please-help Check out the forums and get free advice from the experts.

Logfile of HijackThis v1.99.1 Scan saved at 15:35:26, on 01/09/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe scanning hidden autostart entries ... Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Instead, open a new thread in our security and the web forum.

TechSpot Account Sign up for free, it takes 30 seconds. http://www.techsupportforum.com/forums/f100/hjt-log-help-winantivirus-pro-2006-smitfraud-c-toolbar888-162472.html Login now. It is advisable to hide them again after fixing your computer. ** 4) Log off from the internet and disconnect your modem cable for the duration of the fix. Removal Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click SCANYou'll see a list of all items found. Remember I worked through the steps to this problem before. Re: Winantivirus Pro 2006 « Reply #2 on: September 27, 2006, 04:57:25 AM » I went ahead and turned off her system restore, and ran ewido and it found nothing. Checking %System% folder...

  1. Winantivirus pro 2006, Adult friend Finder, etc.
  2. Check out the forums and get free advice from the experts.
  3. Do this for all Usernames. 6) Go to Start > Control Panel > Internet Options and under Temporary Internet files, click on Delete Files...
  4. Performed disk cleanup. -- HijackThis (run as Chris.exe) ----------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 2:42:19 PM, on 6/14/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2
  5. I ran the two commands but I could not delete the folder as some of the files it contained were in use.
  6. The program will then begin downloading the latest definition files.

As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged My computer is slow---My Blog---Follow me on Twitter.My help is ALWAYS FREE, but if you want to donate to help me continue my fight against malware -- click here!Asking for help Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Hijackthis Log[ Started by bernier4444 , May 23 2006 01:41 PM This topic is locked #1 bernier4444 Posted 23 May 2006 - 01:41 PM bernier4444 Member Member 10 posts Hi there.

Ewido manual updatesDo NOT run a scan yet.Next, please reboot your computer in Safe Mode by doing the following:1) Restart your computer2) After hearing your computer beep once during startup, but Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exeO9 - Extra 'Tools' menuitem: Yahoo! Check the box to the left of 'Delete all offline content' and then click on OK. 7) Ensure that ALL open Windows / Programs / Folders are closed and then

The Maxx Full Member Posts: 130 avast!

It does not provide an option to clean/disinfect. But was afraid to install it on her PC incase it was more junk. Edited by bernier4444, 24 May 2006 - 09:31 AM. 0 #8 Crustyoldbloke Posted 24 May 2006 - 09:50 AM Crustyoldbloke Old Malware Surgeon with a shaky scalpel Retired Staff 15,130 posts My HJT log is posted below.

avkernel.dll : Access is denied. Several functions may not work. Several functions may not work. Several functions may not work.

If you see a message in the titlebar saying "Not responding..." you can ignore it. What about Spyware Doctor, is that a safe program to use? Thanks Jamie My Website!"The ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy." - C:\Documents and Settings\Lucy\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined). :mozilla.102:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\ngct72fg.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined). :mozilla.103:C:\Documents and Settings\Tony\Application Data\Mozilla\Firefox\Profiles\ngct72fg.default\coo kies.txt -> TrackingCookie.Statcounter : Cleaned

Ask a question and give support. Back to top #3 jamielaw jamielaw Malware Ass-Kicker! IMPORTANT: Do not open any other windows or programs while AVG AntiSpyware is scanning, it may interfere with the scanning proccess:Launch AVG AntiSpyware by double-clicking the icon on your desktop.Select the Place a checkmark in the boxes to the left of the following entries, by clicking on them: O2 - BHO: (no name) - {0C66DE7C-F800-41A7-8BD2-2BD1576D6911} - C:\WINDOWS\System32\sstqp.dll (file missing) O2 - BHO:

Pro rocks! I have set my fire wall (mcaffe) + every security setting/blocker (win xp security etc) i have to disallow the automatic download pop up form opening which has stopped any accidental Back to top BC AdBot (Login to Remove) BleepingComputer.com Register to remove ads #2 jamielaw jamielaw Malware Ass-Kicker! programs.

Username or email: I've forgotten my password Forum Password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Community Forum I hope this works. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Click start/run and type services.msc into the run box and press the enter key.

Internet Security 5.0.545 Lisandro Avast team Certainly Bot Posts: 66809 Re: Winantivirus Pro 2006 « Reply #3 on: September 27, 2006, 05:07:10 AM » Quote from: The Maxx on September 27, Please copy the entire contents of that page and paste it here.Post back a fresh HijackThis log (from normal mode) and I will take another look. 0 #3 bernier4444 Posted 23 It would greatly help if you can provide logs from Ewido & Vundofix. Ask a question and give support.

O4 - Startup: winamp.lnk = E:\PROGRAM FILES\WINAMP\winamp.exe O4 - Global Startup: Run Nintendo Wi-Fi USB Connector Registration Tool.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe O4 - Global Startup: Snsicon.lnk = C:\Program Files\Second Nature\Snsicon.exe O6 Register now! Microsoft Corporation 8/4/2004 6:00:00 AM 68608 C:\WINDOWS\SYSTEM32\access.cpl Microsoft Corporation 8/4/2004 6:00:00 AM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl 8/18/2004 1:28:00 PM 24576 C:\WINDOWS\SYSTEM32\BACSCPL.cpl Microsoft Corporation 8/4/2004 6:00:00 AM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl Microsoft Corporation 8/4/2004 6:00:00 AM