I read people's threads about their problems with WinAntiVirus Pro, but I think my case is more severe because I think it keeps coming back when I remove it. Do I turn off System Restore or something? Also, there was this pre virus I got called ismonm and ishost. Thanks. Also, if this helps, when I play CS I get lag spikes which didn't occur before this virus. Well, here is my HJT logfile. I also tried running VundoFix but it doesn't detect it.

EDIT: I get popups from amone or whatever it is and caselmedia.

Logfile of HijackThis v1.99.1

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\atiptaxx.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINNT\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Anthony Espiritu\Desktop\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146440821384
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1146440921348
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE

Last Post by flipboi15
Please guys, I'm really in need; the last thing I want to do is reformat.

Here is my ewido report. It just keeps coming back; I don't know what to do.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 10:35:22 AM, 7/25/2006
+ Report-Checksum: 232CFABD

+ Scan result:

:mozilla.6:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.168:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Anthony Espiritu\Application Data\Mozilla\Firefox\Profiles\4ca76rji.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Cookies\anthony espiritu@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Local Settings\Temp\ICD1.tmp\UWA6P_0001_N91M1807NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Local Settings\Temporary Internet Files\Content.IE5\ODQF456V\WinAntiVirusPro2006FreeInstall[1].cab/UWA6P_0001_N91M1807NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup
C:\Documents and Settings\Anthony Espiritu\Local Settings\Temporary Internet Files\Content.IE5\SH6JWLYN\WinAntiVirusPro2006ScannerInstall[1].cab/UWA6P_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup
C:\WINNT\Downloaded Program Files\UWA6P_0001_N68M2301NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup
C:\WINNT\system32\wvwur.dll -> Adware.Virtumonde : Cleaned with backup


::Report End
