Home > Help With > Help With Ewido Log Check

Help With Ewido Log Check

It is a Dell Inspiron 6000 and he is a freshman in College with 16 credit hours this semister. I ran Ewido, and it picked up some things, but the problem continues. exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM\..\Run: [AcerGoto] C:\WINDOWS\System32\AcerGoto.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - Open My Computer.

Thanks for all your help! 0 Kudos Posted by jw50 ‎07-14-2005 11:16 AM Most Valued Poster View All Member Since: ‎12-29-2003 Posts: 1,674 Message 12 of 13 (151 Views) Re: Hijack exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 O4 - Global Startup: HPAiODevice(hp psc 700 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp psc 700 series\Bin\hpobrt07.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Microsoft O20 - Winlogon Notify: winjjq32 - C:\WINDOWS\SYSTEM32\winjjq32.dll Click on the fix checked button. this contact form

Main Sections Technology News Reviews Features Product Finder Downloads Drivers Community TechSpot Forums Today's Posts Ask a Question News & Comments Useful Resources Best of the Best Must Reads Trending Now Register now! Make sure you are able to view system and hidden files/ folders: folders...

Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll O4 - HKLM\..\Run: C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\ycomp5_5_7_1.dll O4 - HKLM\..\Run: C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: Now we have to get rid of Vundo. Click on the processes tab and end process for(if there).

It generates a log too. Click on scannerClick on Complete System Scan and the scan will begin.NOTE: During some scans with ewido it is finding cases of false positives.**You will need to step through the process The Ewido log reads: :mozilla.66:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\16c.F6C6077801C60ABE.history\00000007.bak -> Spyware.Cookie.Trafic : Error during cleaning :mozilla.89:C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP6\PdmHist\16c.F6C6077801C60ABE.history\00000007.bak -> Spyware.Cookie.Com : Error during cleaning :mozilla.90:C:\Documents and Settings\All http://forums.xfinity.com/t5/Anti-Virus-Software-Internet/Hijack-Log-Check/td-p/197628 Do not run a scan yet.

Have to be up tomorrow at 4:30 am but will be checking in tomorrow after I get home from work. Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Spybot-Search & Destroy A tutorial on using Spybot to remove spyware from your computer may be found here. Thank you!

It's not malicious. Click the scan button. Then please reboot your computer in Safe Mode by doing the following: 1) Restart your computer 2) After hearing your computer beep once during startup, but before the Windows icon appears, Boot into Safe Mode (see here) and doubleclick on smitfraudfix.cmd again.

Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htmO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE12\EXCEL.EXE/3000O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htmO8 - Extra context menu item: Yahoo! Please look it over and let me know if I need to do anything further. Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy

Jump So maybe Ewido recognizes it as a spyware but not KAV as it "knows" it's neutralized...

darkz3n View Public Profile Find all posts by darkz3n #7 March 9th, 2006, 07:40 AM darkz3n Member Join Date: Mar 2006 Posts: 46 Logfile of HijackThis v1.99.1 Scan I need to see C:\WINDOWS\SYSTEM32\winilr32.dll please. Start a new discussion instead. Several functions may not work.

You will need to update ewido to the latest definition files.On the left hand side of the main screen click update.Then click on Start Update.The update will start and a progress A menu should come up where you will be given the option to enter Safe Mode. windows-virus This article has been dead for over six months.

If anyone here would take a look at my Hijack file below and let me know if there is anything to be concerned about I'd really appreciate it.

O4 - HKCU\..\Run: [WinMedia] C:\WINDOWS\system32\dxvwvjgz.exe3072.exe O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ee.kent.ac.uk

Dismiss Notice TechSpot Forums Forums Software Virus and Malware Removal Today's Posts Can someone check these HJT log and ewido logplease Bysykvodo · 10 replies Aug 29, 2006 Can someone check or read our Welcome Guide to learn how to use this site. I'm no expert, but your log looks pretty clean right now..... Also post the contents of C:\vundofix.txt and run Hijack This again and post a new Hijack This log too (if any viruses are detected and removed, reboot first).

Please then paste the contents of the text file to this thread. I'm running Windows XP Home Edition on a Dell 4500S, Intel Pent 4, 2.0ghz. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged Using the site is easy and fun.

Please re-enable javascript to access full functionality. Got rid of that, logged back in using Regular mode and ran a Hijack This. Thanks again for all the info and assistance! 0 Kudos All Forum Topics Previous Topic Next Topic Popular Help Articles Set up your remote control Use this tool to find the After the update finishes (the status bar at the bottom will display "Update successful").

Once you click yes, your desktop will go blank as it starts removing Vundo. Thanks in advance! Once stopped, set this service to disabled. =============== Run HiJackThis then: 1. System is running faster too.

Open the aproposfix folder on your desktop and run RunThis.bat. Once you click yes, your desktop will go blank as it starts removing Vundo. When completed, it will prompt that it will shutdown your computer, click OK. During the scan it will prompt you to clean files, click OK.

If I've saved you time & money, please make a donation so I can keep helping people just like you! Password Register FAQ Calendar Today's Active Topics Search Notices Viewing on a mobile device?