| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 72753 | 2006-09-24 23:08:00 | WINANTIVIRUS PO 2006 | Lovelee (6586) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 487127 | 2006-09-28 02:31:00 | Bring up yr hjt log and cut it then go to: www.hijackthis.de and you can paste yr log in there and ge an analysis I use that site, though this hjt is showing some odd stuff that is questionable and Im not sure if Im fully safe to remove it all. I know .. system restore yada yada .. :) |
Lovelee (6586) | ||
| 487128 | 2006-09-28 02:41:00 | Windows firewall is not very usefull at all.A freebe like ZoneAlarm is heaps safer | kjaada (253) | ||
| 487129 | 2006-09-28 08:30:00 | May pay for you to have a wee read here... wiki.castlecops.com |
pheonix (36) | ||
| 487130 | 2006-09-28 23:13:00 | Thanks for that link pheonix .. it looks like it points at the problem, however I did the first couple of steps and couldnt find anything amiss. Then it got too technical for me. And this morning its there again, now it does appear to be coming through one particular site. Its an msn site groups.msn.com One Ive used for years! And this has only been happening for about 2 weeks. Ive looked in the exceptions for firewall and I dont see anything relevant there. Its all very well to comment on windows firewall, I have had no problems at all using it, so I dont see a need to take down zone, which in my opiniion is bulky and cumbersome and a nuisance. :) This seems like its a hidden file/cookie/trojan or something thats not that easy to catch :s |
Lovelee (6586) | ||
| 487131 | 2006-11-24 23:50:00 | I thought I'd add a little for others who come up with this WinAntiVirus as I've just had the same problems. Pheonix's link was onto it. A slightly easier version is wiki.castlecops.com I don't know if I picked it up in a 2-for-1 deal but I was having problems with 'ishost.exe' at the same time which was causing an Internet Explorer problem with it coming up with an error message that it couldn't connect to the web and must work offline etc even when IE wasn't open. Anyway I had to delete an Autorun entry from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\pol icies\Explorer\Run ishost.exe = ishost.exe Hope that helps anyone else with the same problem. |
jrp (11192) | ||
| 487132 | 2006-11-25 00:34:00 | Remove this from the log . . O2 - BHO: (no name) - {E734EE2F-89E0-41CF-B403-4455B5376B64} - C:\WINDOWS\system32\igf936 . dll Delete this folder if found . It may have an uninstall inAdd/Remove . C:\Program Files\WinAntiVirus Pro 2006 Can you rename HijackThis . exe to Analyse . exe ? Rightclick Hijackthis . exe and choose rename . Then reboot and after reboot, doubleclick Analyse . exe and post the log it creates in your next reply (this will be a hijackthis log of course) |
Pancake (6359) | ||
| 487133 | 2006-11-25 00:54:00 | Remove this from the log.. O2 - BHO: (no name) - {E734EE2F-89E0-41CF-B403-4455B5376B64} - C:\WINDOWS\system32\igf936.dll The trouble with this is even after it's deleted a new 02 problem will then crop up as HiJack This doesn't show the cause of the problem, it only shows the effect - so therefore it'll keep happening. A quote from my link earlier: "A new Vundo infection which has recently cropped up, is being installed with a rootkit. The infected user will complain of persistant Winfixer popups but the HJT log will not have any of the usual visible Vundo indications." So until HJT is updated you'll have to download the VundoFixer (follow the link) and run it (after closing your internet connection, browsers and explorer as per the instructions). |
jrp (11192) | ||
| 487134 | 2006-11-25 02:41:00 | Ive looked in the exceptions for firewall and I dont see anything relevant there. Its all very well to comment on windows firewall, I have had no problems at all using it, so I dont see a need to take down zone, which in my opiniion is bulky and cumbersome and a nuisance. :) This seems like its a hidden file/cookie/trojan or something thats not that easy to catch :s If you have no problems, then you have no need for solutions. :thumbs: Or am I missing something?:groan: |
R2x1 (4628) | ||
| 1 2 | |||||