Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: 1 [2] 3 4  All   Go Down

Author Topic: how to get rid antivirus 2009  (Read 26394 times)

0 Members and 1 Guest are viewing this topic.

zuratai



    Intermediate

    Re: how to get rid antivirus 2009
    « Reply #15 on: September 22, 2008, 10:09:58 PM »
    hmm i got this b4 and all i ran was The malwarebytes  removed it right away
    Logged

    delgado

      Topic Starter


      Beginner

      Re: how to get rid antivirus 2009
      « Reply #16 on: September 23, 2008, 09:04:48 AM »
      Malwarebytes' Anti-Malware 1.28
      Database version: 1199
      Windows 6.0.6000

      9/23/2008 11:03:53 AM
      mbam-log-2008-09-23 (11-03-53).txt

      Scan type: Quick Scan
      Objects scanned: 39335
      Time elapsed: 5 minute(s), 26 second(s)

      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0

      Memory Processes Infected:
      (No malicious items detected)

      Memory Modules Infected:
      (No malicious items detected)

      Registry Keys Infected:
      (No malicious items detected)

      Registry Values Infected:
      (No malicious items detected)

      Registry Data Items Infected:
      (No malicious items detected)

      Folders Infected:
      (No malicious items detected)

      Files Infected:
      (No malicious items detected)
      Logged

      delgado

        Topic Starter


        Beginner

        Re: how to get rid antivirus 2009
        « Reply #17 on: September 23, 2008, 09:11:00 AM »
        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 12:36:44 PM, on 9/21/2008
        Platform: Windows Vista  (WinNT 6.00.1904)
        MSIE: Internet Explorer v7.00 (7.00.6000.16711)
        Boot mode: Safe mode with network support

        Running processes:
        C:\Windows\System32\smss.exe
        C:\Windows\system32\csrss.exe
        C:\Windows\system32\csrss.exe
        C:\Windows\system32\wininit.exe
        C:\Windows\system32\winlogon.exe
        C:\Windows\system32\services.exe
        C:\Windows\system32\lsass.exe
        C:\Windows\system32\lsm.exe
        C:\Windows\system32\svchost.exe
        C:\Windows\system32\svchost.exe
        C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe
        C:\Windows\system32\svchost.exe
        C:\Windows\System32\svchost.exe
        C:\Windows\system32\svchost.exe
        C:\Windows\system32\svchost.exe
        C:\Windows\system32\svchost.exe
        C:\Windows\Explorer.EXE
        C:\Windows\system32\svchost.exe
        C:\Program Files\Spyware Doctor\pctsAuxs.exe
        C:\Program Files\Spyware Doctor\pctsSvc.exe
        C:\Program Files\Spyware Doctor\pctsTray.exe
        C:\Program Files\Windows Media Player\wmpnscfg.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
        C:\Windows\system32\wbem\wmiprvse.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        O1 - Hosts: ::1 localhost
        O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
        O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
        O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
        O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
        O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
        O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
        O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
        O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
        O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
        O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
        O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
        O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
        O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
        O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
        O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
        O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
        O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
        O4 - HKLM\..\Run: [VirusScannerPro] C:\PROGRA~1\AVANQU~1\Fix-It\MemCheck.exe
        O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
        O4 - HKLM\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
        O4 - HKLM\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
        O4 - HKLM\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
        O4 - HKLM\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
        O4 - HKLM\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
        O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
        O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
        O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
        O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
        O4 - HKCU\..\Run: [64813512409585575315790004508932] C:\Program Files\Antivirus 2009\av2009.exe
        O4 - HKCU\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
        O4 - HKCU\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
        O4 - HKCU\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
        O4 - HKCU\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
        O4 - HKCU\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
        O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
        O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
        O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
        O4 - Global Startup: Empowering Technology Launcher.lnk = ?
        O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKman000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
        O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\logan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
        O13 - Gopher Prefix:
        O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
        O20 - AppInit_DLLs: eNetHook.dll,avgrsstx.dll
        O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
        O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
        O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
        O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
        O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
        O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
        O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
        O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
        O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
        O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
        O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
        O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
        O23 - Service: Fix-It Task Manager - Avanquest Software USA, Inc. - C:\PROGRA~1\AVANQU~1\Fix-It\mxtask.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
        O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
        O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
        O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
        O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
        O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
        O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
        O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
        O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

        --
        End of file - 9815 bytes
        Logged

        evilfantasy

        • Malware Removal Specialist
        • Moderator


          • Genius
        • Calm like a bomb
          • Thanked: 493
        • Experience: Experienced
        • OS: Windows 11
        Re: how to get rid antivirus 2009
        « Reply #18 on: September 23, 2008, 10:02:41 AM »
        Do you use either of these?

        MyWebSearch Plugin
        My Web Search Bar Search Scope Monitor

        The HijackThis log is an old one. Please run a new scan from Normal boot mode and post the log.
        Logged

        delgado

          Topic Starter


          Beginner

          Re: how to get rid antivirus 2009
          « Reply #19 on: September 23, 2008, 01:20:38 PM »
          i dont use my web but my daughter might be ,started this new hjt scan and it came up saying for some reason your system denied write access to the hosts  file ,here is the log                           Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 12:36:44 PM, on 9/21/2008
          Platform: Windows Vista  (WinNT 6.00.1904)
          MSIE: Internet Explorer v7.00 (7.00.6000.16711)
          Boot mode: Safe mode with network support

          Running processes:
          C:\Windows\System32\smss.exe
          C:\Windows\system32\csrss.exe
          C:\Windows\system32\csrss.exe
          C:\Windows\system32\wininit.exe
          C:\Windows\system32\winlogon.exe
          C:\Windows\system32\services.exe
          C:\Windows\system32\lsass.exe
          C:\Windows\system32\lsm.exe
          C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe
          C:\Windows\System32\svchost.exe
          C:\Windows\System32\svchost.exe
          C:\Windows\system32\svchost.exe
          C:\Windows\System32\svchost.exe
          C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe
          C:\Windows\system32\svchost.exe
          C:\Windows\Explorer.EXE
          C:\Windows\system32\svchost.exe
          C:\Program Files\Spyware Doctor\pctsAuxs.exe
          C:\Program Files\Spyware Doctor\pctsSvc.exe
          C:\Program Files\Spyware Doctor\pctsTray.exe
          C:\Program Files\Windows Media Player\wmpnscfg.exe
          C:\Program Files\Internet Explorer\iexplore.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
          C:\Windows\system32\wbem\wmiprvse.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
          O1 - Hosts: ::1 localhost
          O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
          O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
          O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
          O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
          O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
          O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
          O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
          O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
          O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
          O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
          O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
          O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
          O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
          O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
          O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
          O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
          O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
          O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
          O4 - HKLM\..\Run: [VirusScannerPro] C:\PROGRA~1\AVANQU~1\Fix-It\MemCheck.exe
          O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
          O4 - HKLM\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
          O4 - HKLM\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
          O4 - HKLM\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
          O4 - HKLM\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
          O4 - HKLM\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
          O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
          O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
          O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [64813512409585575315790004508932] C:\Program Files\Antivirus 2009\av2009.exe
          O4 - HKCU\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
          O4 - HKCU\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
          O4 - HKCU\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
          O4 - HKCU\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
          O4 - HKCU\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
          O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
          O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
          O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
          O4 - Global Startup: Empowering Technology Launcher.lnk = ?
          O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKman000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\logan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
          O13 - Gopher Prefix:
          O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
          O20 - AppInit_DLLs: eNetHook.dll,avgrsstx.dll
          O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
          O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
          O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
          O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
          O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
          O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
          O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
          O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
          O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
          O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
          O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
          O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
          O23 - Service: Fix-It Task Manager - Avanquest Software USA, Inc. - C:\PROGRA~1\AVANQU~1\Fix-It\mxtask.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
          O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
          O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
          O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
          O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
          O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
          O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
          O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

          --
          End of file - 9815 bytes
                                           
          Logged

          evilfantasy

          • Malware Removal Specialist
          • Moderator


            • Genius
          • Calm like a bomb
            • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: how to get rid antivirus 2009
          « Reply #20 on: September 23, 2008, 01:24:03 PM »
          Can you get a HiajckThis log from Normal boot mode?
          Logged

          delgado

            Topic Starter


            Beginner

            Re: how to get rid antivirus 2009
            « Reply #21 on: September 23, 2008, 01:43:48 PM »
            no i can not ,restarted computer windows normally and this is the log from new scan dont Logfile of Trend Micro HijackThis v2.0.2
            Scan saved at 12:36:44 PM, on 9/21/2008
            Platform: Windows Vista  (WinNT 6.00.1904)
            MSIE: Internet Explorer v7.00 (7.00.6000.16711)
            Boot mode: Safe mode with network support

            Running processes:
            C:\Windows\System32\smss.exe
            C:\Windows\system32\csrss.exe
            C:\Windows\system32\csrss.exe
            C:\Windows\system32\wininit.exe
            C:\Windows\system32\winlogon.exe
            C:\Windows\system32\services.exe
            C:\Windows\system32\lsass.exe
            C:\Windows\system32\lsm.exe
            C:\Windows\system32\svchost.exe
            C:\Windows\system32\svchost.exe
            C:\Windows\System32\svchost.exe
            C:\Windows\System32\svchost.exe
            C:\Windows\system32\svchost.exe
            C:\Windows\System32\svchost.exe
            C:\Windows\system32\svchost.exe
            C:\Windows\system32\svchost.exe
            C:\Windows\system32\svchost.exe
            C:\Windows\Explorer.EXE
            C:\Windows\system32\svchost.exe
            C:\Program Files\Spyware Doctor\pctsAuxs.exe
            C:\Program Files\Spyware Doctor\pctsSvc.exe
            C:\Program Files\Spyware Doctor\pctsTray.exe
            C:\Program Files\Windows Media Player\wmpnscfg.exe
            C:\Program Files\Internet Explorer\iexplore.exe
            C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
            C:\Windows\system32\wbem\wmiprvse.exe

            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
            R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
            R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
            R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
            O1 - Hosts: ::1 localhost
            O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
            O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
            O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
            O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
            O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
            O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
            O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
            O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
            O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
            O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
            O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
            O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
            O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
            O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
            O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
            O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
            O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
            O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
            O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
            O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
            O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
            O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
            O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
            O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
            O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
            O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
            O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
            O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
            O4 - HKLM\..\Run: [VirusScannerPro] C:\PROGRA~1\AVANQU~1\Fix-It\MemCheck.exe
            O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
            O4 - HKLM\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
            O4 - HKLM\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
            O4 - HKLM\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
            O4 - HKLM\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
            O4 - HKLM\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
            O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
            O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
            O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
            O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
            O4 - HKCU\..\Run: [64813512409585575315790004508932] C:\Program Files\Antivirus 2009\av2009.exe
            O4 - HKCU\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
            O4 - HKCU\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
            O4 - HKCU\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
            O4 - HKCU\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
            O4 - HKCU\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
            O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
            O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
            O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
            O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
            O4 - Global Startup: Empowering Technology Launcher.lnk = ?
            O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKman000
            O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
            O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
            O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\logan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
            O13 - Gopher Prefix:
            O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
            O20 - AppInit_DLLs: eNetHook.dll,avgrsstx.dll
            O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
            O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
            O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
            O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
            O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
            O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
            O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
            O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
            O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
            O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
            O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
            O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
            O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
            O23 - Service: Fix-It Task Manager - Avanquest Software USA, Inc. - C:\PROGRA~1\AVANQU~1\Fix-It\mxtask.exe
            O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
            O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
            O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
            O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
            O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
            O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
            O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
            O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
            O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
            O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

            --
            End of file - 9815 bytes
            understand             
            Logged

            delgado

              Topic Starter


              Beginner

              Re: how to get rid antivirus 2009
              « Reply #22 on: September 23, 2008, 01:53:46 PM »
              man, tried again same thing wonder why windows wont start normally?
              Logged

              delgado

                Topic Starter


                Beginner

                Re: how to get rid antivirus 2009
                « Reply #23 on: September 23, 2008, 02:25:14 PM »
                computer is stuck in safe mode for some reason
                Logged

                evilfantasy

                • Malware Removal Specialist
                • Moderator


                  • Genius
                • Calm like a bomb
                  • Thanked: 493
                • Experience: Experienced
                • OS: Windows 11
                Re: how to get rid antivirus 2009
                « Reply #24 on: September 23, 2008, 05:05:14 PM »
                Open HijackThis and select Do a system scan only.

                Place a check mark next to the following entries: (if there)

                - O4 - HKLM\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
                - O4 - HKLM\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
                - O4 - HKLM\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
                - O4 - HKLM\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
                - O4 - HKLM\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe
                - O4 - HKCU\..\Run: [64813512409585575315790004508932] C:\Program Files\Antivirus 2009\av2009.exe
                - O4 - HKCU\..\Run: [\SUE73BA.exe] C:\Windows\SUE73BA.exe
                - O4 - HKCU\..\Run: [\SUE7CBF.exe] C:\Windows\SUE7CBF.exe
                - O4 - HKCU\..\Run: [\SUE81DD.exe] C:\Windows\SUE81DD.exe
                - O4 - HKCU\..\Run: [\SUE85D3.exe] C:\Windows\SUE85D3.exe
                - O4 - HKCU\..\Run: [\SUE978F.exe] C:\Windows\SUE978F.exe

                Important: Close all windows except for HijackThis and then click Fix checked.

                Exit HijackThis.

                ----------

                Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system

                Go to Start > Run and type notepad.exe then click OK

                Copy and paste the below into Notepad and save as fixme.reg to Your Desktop

                Code: [Select]
                REGEDIT4

                [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\Run]
                "\SUE73BA.exe"=-
                "\SUE7CBF.exe"=-
                "\SUE81DD.exe"=-
                "\SUE85D3.exe"=-
                "\SUE978F.exe"=-

                [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
                "\SUE73BA.exe"=-
                "\SUE7CBF.exe"=-
                "\SUE81DD.exe"=-
                "\SUE85D3.exe"=-
                "\SUE978F.exe"=-
                Locate fixme.reg on your Desktop and double-click it. Answer Yes when prompted to merge with the Registry.

                ----------

                Create An Uninstall List
                • Start HijackThis
                • Click on the Open the Misc Tools section
                • Click on the Open Uninstall Manager button.
                • Click on the Save list button and specify where you would like to save this file and click Save.
                  • When you press Save button a notepad will open with the contents of that file.
                • Copy and paste that list in your reply.
                Logged

                delgado

                  Topic Starter


                  Beginner

                  Re: how to get rid antivirus 2009
                  « Reply #25 on: September 23, 2008, 08:40:39 PM »
                  Acer Assist
                  Acer eDataSecurity Management
                  Acer eLock Management
                  Acer Empowering Technology
                  Acer eNet Management
                  Acer ePower Management
                  Acer ePresentation Management
                  Acer eSettings Management
                  Acer GridVista
                  Acer Mobility Center Plug-In
                  Acer Registration
                  Acer ScreenSaver
                  Acer Tour
                  Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
                  Adobe Flash Player ActiveX
                  Adobe Reader 8.1.2
                  Adobe Shockwave Player
                  Agere Systems HDA Modem
                  ALPS Touch Pad Driver
                  Apple Mobile Device Support
                  Apple Software Update
                  AVG Free 8.0
                  Burn4Free CD and DVD
                  CCleaner (remove only)
                  Drivers Install For Linksys Easylink Advisor
                  Favorit
                  Fix-It Utilities 8 Professional
                  FrostWire 4.13.5
                  Google Toolbar for Internet Explorer
                  Google Toolbar for Internet Explorer
                  GTOneCare
                  HijackThis 2.0.2
                  Intel(R) Graphics Media Accelerator Driver
                  Java(TM) 6 Update 7
                  Launch Manager
                  Linksys EasyLink Advisor 1.6 (0032)
                  Malwarebytes' Anti-Malware
                  Microsoft Visual C++ 2005 Redistributable
                  MSXML 4.0 SP2 (KB936181)
                  MSXML 4.0 SP2 (KB941833)
                  NTI Backup NOW! 4.7
                  NTI Backup NOW! 4.7
                  NTI CD & DVD-Maker
                  OpenOffice.org Installer 1.0
                  PowerProducer 3.72
                  QuickTime
                  Realtek High Definition Audio Driver
                  Rhapsody Player Engine
                  SUPERAntiSpyware Professional
                  Yahoo! Toolbar

                  Logged

                  delgado

                    Topic Starter


                    Beginner

                    Re: how to get rid antivirus 2009
                    « Reply #26 on: September 23, 2008, 08:49:39 PM »
                    when i did hijack scan the only file that showed up in the fix checked screen was         O4 - HKCU\..\Run: [64813512409585575315790004508932] C:\Program Files\Antivirus 2009\av2009.exe    but the others still show up on the hijack log   
                    Logged

                    evilfantasy

                    • Malware Removal Specialist
                    • Moderator


                      • Genius
                    • Calm like a bomb
                      • Thanked: 493
                    • Experience: Experienced
                    • OS: Windows 11
                    Re: how to get rid antivirus 2009
                    « Reply #27 on: September 23, 2008, 08:51:07 PM »

                    Press the Start/windows key, type msconfig and hit Enter. Under the Boot tab, uncheck Safe boot as a boot option.

                    Restart the computer and see if you can get into Normal mode.
                    Logged

                    evilfantasy

                    • Malware Removal Specialist
                    • Moderator


                      • Genius
                    • Calm like a bomb
                      • Thanked: 493
                    • Experience: Experienced
                    • OS: Windows 11
                    Re: how to get rid antivirus 2009
                    « Reply #28 on: September 23, 2008, 08:52:21 PM »
                    Scan Suspicious File(s)

                    Use the VirusTotal.com - Multi engine on-line virus scanner
                    (If more than one file needs scanned they must be done separately and logs posted for each one)

                    • Copy the file path in the below Code box:
                    Code: [Select]
                    C:\Windows\SUE81DD.exe
                    • At the upload site, click once inside the window next to Browse.
                    • Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
                    • Next click Send File
                      • Your file will possibly be entered into a queue which normally takes less than a minute to clear.
                    • This will perform a scan across multiple different virus scanning engines.
                    • Important: Wait for all of the scanning engines to complete.
                    • Copy and then Paste the link to the results in the next reply.
                    Logged

                    delgado

                      Topic Starter


                      Beginner

                      Re: how to get rid antivirus 2009
                      « Reply #29 on: September 23, 2008, 09:29:54 PM »
                      0 bytes size received / Se ha recibido un archivo vacio
                      here's the virus scan results also did another hijack scan ,still in safe mode
                      Logged
                      Pages: 1 [2] 3 4  All   Go Up
                      « previous next »