Home > General > Wormradar.com?

Wormradar.com?

Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Users\god\AppData\Local\ema.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully. Once the program has loaded, select Perform quick scan, then click Scan. but I am having a hard time knowing why such a program is on my computer.Was found in Hyjack This.O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dllThank you, QuiMThere CNET Reviews Best Products CNET 100 Appliances Audio Cameras Cars Desktops Drones Headphones Laptops Networking Phones Printers Smart Home Tablets TVs Virtual Reality Wearable Tech Web Hosting Forums News Apple Computers

scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) Also verify your firewall permissions as stated in this http://free.avg.com/ww.faq.num-1334. scanning hidden files ... When done, two DDS.txt's will open.

ktbaird New Member Messages: 3 I have been having problems with my computer since i let my nephew use it i used avg and the highjack this and got the following But OK, I will remove it.Could you tell me if MWB or HJT installed a permanent "watchdog" (don't know the righ word, sorry) to secure from potential future malware, trojan... (I Turn on any router or hub that your computer may be plugged into. 8.

The data field contains the error number. I resoulved them at their respective web sites.This one stumped me....again thanks'EMy1C 0 Back to top #4 quietman7 quietman7 Elder Janitor & Bug Exterminator Admin 11,540 posts Gender:Male Location:Virginia, USA Posted But not systematically. EXPLORER.EXE IEXPLORE.EXE USERINIT.EXE WINLOGON.EXE But DO NOT reboot the system and then try installing or running Malwarebytes.

Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll 0 Back to top #2 quietman7 quietman7 Elder Janitor & Bug Exterminator Admin 11,540 posts Gender:Male Location:Virginia, USA Posted 21 November Please try again now or at a later time. A long drawn out discussion.So I am with Bob.

then Click OK.Wait till the scanner has finished and then click File, Save Report.Save the report somewhere where you can find it. Record Number: 183325 Source Name: Microsoft-Windows-HttpEvent Time Written: 20100109043645.888265-000 Event Type: Error User: Computer Name: Faizal-PC Event Code: 3004 Message: Windows Defender Real-Time Protection agent has detected changes. Join our site today to ask your question. Please rerun hijackthis and place checks next to the following entries.

Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account? Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. NEXTPlease download aswMBR to your desktop.Double click the aswMBR.exe icon to run itWhen asked if you want to download Avast's virus definitions please select Yes.Click the Scan button to start the Share this post Link to post Share on other sites Prev 1 2 Next Page 1 of 2 This topic is now closed to further replies.

Check that your Windows HOSTS file does not contain an entry for any AVG / Grisoft websites in it... Spybot resident usually on but makes no difference if switched off Previously had AVG 7.5 with no troubles at all Allowed AVG 8 Free to uninstal 7.5 March 31, 2009 Double-click mbam-setup.exe and follow the prompts to install the program. Contact Us Help Home Top RSS Terms and Rules Forum software by XenForo™ ©2010-2016 XenForo Ltd.

Writing will now appear under the Custom Scan boxClick the Run Scan button. Now, 2 "infected elements" + I clic "remove").And now I start OTS.exe and will post the results.ark.txtmbam_log_2010_10_05__19_31_26_.txt Share this post Link to post Share on other sites Tag_    New Member If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so info.txt logfile of random's system information tool 1.06 2010-01-09 13:03:33 =========================== Logfile of random's system information tool 1.06 (written by random/random) Run by Faizal at 2010-01-09 13:03:29 Microsoft Windows Vista Home

Some of the executables in the firewall permissions list don't appear among those in the AVG 8 folder (avgam.exe, avgnsx.exe) Firewall has no provision for 'safe' Internet addresses. Thanks to rdsok and Anoqoq for patience and help

Go to Select AVG Forums General Information Information AVG ZEN AVG Zen Dashboard Click on Reboot Now.If no reboot is require, click on Report.

Username Forum Password I've forgotten my password Remember me This is not recommended for shared computers Sign in anonymously Don't add me to the active users list Privacy Policy Inloggen

the webrowsers still acting funny. tbird390, Jul 24, 2010 #7 dvk01 Derek Moderator Malware Specialist Joined: Dec 14, 2002 Messages: 50,434 that looks clean so if you are still getting problems & diverts etc then Delete Last edit at 05/03/08 01:44PM by BIG AL 43.

March 31, 2009 16:46 Re: Update fails #15 Top jonath Senior Join Date: 31.3.2009 Posts: 32 The If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: UB - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Documents Right click that file and select Send To>Compressed (zipped) file. First follow the steps here to disable SpyBot's TeaTimer, as it will interfere with the repairs. I will reboot to check if it's working as usual (yes, I use to keep an eye permanently on this CPU activity indicator) - A new ie shortcut has been created

Click Close.Copy the entire contents of the report and paste it in a reply here.Note** you may get the following warning, just click OK and continue."Rootkit Unhooker has detected a parasite They very well could be orphan files, I just don't where they would have come from. And a lot of other entries that I do nothing.Now: running MWB with "mbam.exe" is still not working. Deke40 replied Jan 16, 2017 at 8:40 PM Loading...

Finally turn back on your computer.

March 31, 2009 16:46 Re: Update fails #9 Top jennie Senior Join Date: 31.3.2009 Posts: 30 To clarify about my Windows XP fully updated Using AVG 8 Free version 8.0.100 Database 269.23.7/1410 2 Mb Broadband connection via cable from virginmedia.com in UK Windows XP firewall off.