(Solved) Solved: Need Help Removing WinAntiVirusPro2006 Tutorial=

Home > Solved Need > Solved: Need Help Removing WinAntiVirusPro2006

Solved: Need Help Removing WinAntiVirusPro2006

But I think I learned from a tech repairman that some things are best left to destroy and install. Reboot your computer into Safe Mode. SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32 »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection »»»»»»»»»»»»»»»»»»»»»»»» End & HJT Logfile of HijackThis v1.99.1 Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion Check This Out

Please post C:\rapport.txt [You may also have to restore your desktop background... Are you looking for the solution to your computer problem? Attempting to delete C:\WINDOWS\system32\pmsyssir.exe C:\WINDOWS\system32\pmsyssir.exe Has been deleted! Here are my smitfraud & HJT logs (I hope I haven't jumped the gun) SmitFraudFix v2.100 Scan done at 14:07:31.37, 29/09/2006 Run from C:\Documents and Settings\Dino\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version https://forums.techguy.org/threads/solved-help-winantiviruspro2006-hjt-included.508286/

A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply. Have something to contribute to this discussion? Jul 13, 2006 #11 howard_hopkinso TS Rookie Posts: 24,177 +19 I`m glad your problem is solved.

Vista seems to be slow on a fast machine. And then a hijackthis log... HJT is one of the most useful tools for indicating the presence of nasties on a system. Thanks for the reply, Dan 0 OPDiscussion Starter Danarchy 16 9 Years Ago ==Download SmitfraudFix (by S!Ri) from http://siri.urz.free.fr/Fix/SmitfraudFix.zip Extract the content (a folder named SmitfraudFix) to your Desktop. - Restart

Show Ignored Content As Seen On Welcome to Tech Support Guy! I have used it for a long time and have never had any problems. hpqtra08.exe?????? https://forums.techguy.org/threads/solved-trojan-spm-lx-from-spyware-winantiviruspro2006.505301/ This also needs a secoind PC for you to operated on the screwed up system disk.

Note: This is NOT the Anti Virus from AVG.When the trial period expires it becomes feature-limited freeware but is still worth keeping as a good on-demand scanner.1. ntdll.dll?????? 5.1.2600.5512?????????? 0x000109f9 [ System Events ]Error - 2010/04/11 0:42:31 | Computer Name = KKIBA | Source = Service Control Manager | ID = 7034Description = Bonjour ???? ??????????????????? 1 ????????? Reboot your computer once all Java components are removed. No, create an account now.

Or putting a Radio Shack demagnetizer to it and installing XP? cybertech, Oct 10, 2006 #5 mongooseboi Thread Starter Joined: Oct 10, 2006 Messages: 13 Rapport: SmitFraudFix v2.108 Scan done at 16:03:35.92, Tue 10/10/2006 Run from C:\Documents and Settings\Mike\Desktop\SmitfraudFix OS: Microsoft Windows Attempting to delete C:\WINDOWS\system32\awtqn.dll C:\WINDOWS\system32\awtqn.dll Has been deleted! cybertech, Oct 10, 2006 #7 mongooseboi Thread Starter Joined: Oct 10, 2006 Messages: 13 Allright..my vundofix.txt: VundoFix V6.2.1 Checking Java version...

If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members. http://sumolinux.com/solved-need/solved-need-help-removing-winantispyware7.html And from spending 14 straight hours dealing with this machine. During the removal process disconnect from the net. Well, his uncle's is worse.

Check out the forums and get free advice from the experts. File not foundO32 - HKLM CDRom: AutoRun - 1O32 - AutoRun File - [2005/05/24 14:59:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]O33 - MountPoints2\{7240c354-7b9c-11da-8bde-00022daa280b}\Shell\AutoRun\command - TechSpot Account Sign up for free, it takes 30 seconds. http://sumolinux.com/solved-need/solved-need-help-removing-viruses.html Regards Howard Jul 11, 2006 #6 rogerlarry TS Rookie Topic Starter About:Blank is disabled but lost ability to https Howard, I got mixed results.

Error - 2009/03/05 9:10:21 | Computer Name = KKIBA | Source = crypt32 | ID = 131083Description = ??????? Beside "Startup Type" in the dropdown menu select "Disabled". Restore points Turn off restore points, boot, turn them back on – here’s how XP http://service1.symantec.com/SUPPOR...2001111912274039?OpenDocument&src=sec_doc_nam MFDnNC, Sep 29, 2006 #10 DrGrafenberg Thread Starter Joined: Sep 29, 2006 Messages: 63

Thanks Suspishio.

Click Yes. Why it stayed with MS 2000 SP4, I'll never know. Thanks again, Dan windows-nt-2000-xp This topic has been dead for over six months. Error - 2010/04/11 0:42:31 | Computer Name = KKIBA | Source = Service Control Manager | ID = 7031Description = AVG Free WatchDog ??????????????????? 1 ???????????????? 0 ???????????: ???????

Select the "Save report as" button in the lower lef- hand of the screen and save it to a text file on your system (make sure to remember where you saved Open the SmitfraudFix folder and double-click smitfraudfix.cmd Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present). Once you click yes, your desktop will go blank as it starts removing Vundo. navigate here Older versions have vulnerabilities that malware can use to infect your system.

If you need a free one get AVG: http://free.grisoft.com/freeweb.php/doc/2/ Are you using a firewall? Error - 2009/02/19 1:51:45 | Computer Name = KKIBA | Source = Application Hang | ID = 1002Description = ??????????????? Thread Status: Not open for further replies. Here are my results from that: Incident Status Location Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\5loc6hi6.default\cookies.txt[.realmedia.com/] Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\159hf07q.default\cookies-1.txt[www.winantivirus.com/] Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Mike\Application Data\Mozilla\Firefox\Profiles\159hf07q.default\cookies-1.txt[.go.com/] Spyware:Cookie/Statcounter

I've attached a new HJT log. There is a virus that keeps putting popups on my computer. The tool will next check if wininet.dll is infected- if it is you will be prompted to replace the file ; type Y and press "Enter". Sorry, there was a problem flagging this post.

Still didn't work... C:\Documents and Settings\Ed\Local Settings\Application Data\5325140f.exe C:\WINDOWS\system32\5325140f.exe C:\Program Files\WinAntiVirus Pro 2006 C:\WINDOWS\System32\ntddetect.exe ALCMTR.EXE Search your system for this file and delete all instances of it. Note: It is possible that VundoFix encountered a file it could not remove. Before going any further with the about:blank problem, I need some help getting access to secure websites.

TechSpot is a registered trademark. Unfortunately, the average computer user knows very little about security and net safety. Check the box that says: "Accept License Agreement". O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ntddetect] C:\WINDOWS\System32\ntddetect.exe O4 - HKLM\..\Run: [5325140f.exe] C:\WINDOWS\system32\5325140f.exe O4 - HKLM\..\Run: [WinAntiVirusPro2006] "C:\Program Files\WinAntiVirus Pro 2006\WinAV.exe" /min O4 - HKLM\..\RunServices: [ntddetect] C:\WINDOWS\System32\ntddetect.exe O4 -

Turn your computer back on. I'm kinda hesitant to remove anything else from the system as I fear losing more functions. MSwhip replied Mar 6, 2017 at 9:13 PM Loading... This is my HJT log: Logfile of HijackThis v1.99.1 Scan saved at 10:23:14 PM, on 10/9/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe