AVG free test results

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi, I am running avg free when I scan I get a green check with no
viruses but under virus results I get 3 items
C:\WINDOWS\system32\kernel32.dll  C:\WINDOWS\system32\shell32.dll
C:\WINDOWS\system32\drivers\etc\hosts . result on all 3 change  status
changed also running windows defender and its not finding anything was
gettng 1's in text of messanger that I didnt type and got some kind of
error on screen that somthing was stoped from executing in memory  .Any
idea whats going on?Thanks in advance


Re: AVG free test results

fred_7038@yahoo.com wrote:
Quoted text here. Click to load it

Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!
Never believe AVG!

Now, get rid of it.



--
Posted via a free Usenet account from http://www.teranews.com


Re: AVG free test results


| Hi, I am running avg free when I scan I get a green check with no
| viruses but under virus results I get 3 items
| C:\WINDOWS\system32\kernel32.dll  C:\WINDOWS\system32\shell32.dll
| C:\WINDOWS\system32\drivers\etc\hosts . result on all 3 change  status
| changed also running windows defender and its not finding anything was
| gettng 1's in text of messanger that I didnt type and got some kind of
| error on screen that somthing was stoped from executing in memory  .Any
| idea whats going on?Thanks in advance

Look to see if the Hosts files has catually changed...

notepad  C:\WINDOWS\system32\drivers\etc\hosts

KERNEL32.DLL and SHELL32.DLL may have changed by installing a MS Critical Update
(HotFix).

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: AVG free test results

Hi, I uninstalled avg and put in a trial version of Kaspersky It only
found 2 ad aware and no viruses 1I had it scan password protected
archives and get a few odd ones like this File
C:\...\Recovery\WarezPP7.zip/sbRecovery.ini
C:\...\Recovery\FunWebProducts.zip.ini any Idea what these are? if you
noticed the 1 in my text above it wasnt typed by me this is what it is
doing besides that seems like all is running fairly good.I noticed on
my first screen that it is not displaying Hyperthreading as being
on.When I put thi1s in notepad notepad
C:\WINDOWS\system32\drivers\etc\hosts I get the following text
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host
name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

Thanks with any help.




David H. Lipman wrote:
Quoted text here. Click to load it


Re: AVG free test results


| Hi, I uninstalled avg and put in a trial version of Kaspersky It only
| found 2 ad aware and no viruses 1I had it scan password protected
| archives and get a few odd ones like this File
| C:\...\Recovery\WarezPP7.zip/sbRecovery.ini
| C:\...\Recovery\FunWebProducts.zip.ini any Idea what these are? if you
| noticed the 1 in my text above it wasnt typed by me this is what it is
| doing besides that seems like all is running fairly good.I noticed on
| my first screen that it is not displaying Hyperthreading as being
| on.When I put thi1s in notepad notepad
| C:\WINDOWS\system32\drivers\etc\hosts I get the following text

Warez files -- D'oh !

What did you expect ?


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: AVG free test results

My daughter has been using this pc will have a talk with her but that
doesnt solve my problem I have my search in programs but I cant delete
it I know this is spyware also ran spyware blaster.Just need to
straighten this thing out.
David H. Lipman wrote:
Quoted text here. Click to load it


Re: AVG free test results

My daughter has been using this pc will have a talk with her but that
doesnt solve my problem I have my search in programs but I cant delete
it I know this is spyware also ran spyware blaster.Just need to
straighten this thing out.
David H. Lipman wrote:
Quoted text here. Click to load it


Re: AVG free test results


| My daughter has been using this pc will have a talk with her but that
| doesnt solve my problem I have my search in programs but I cant delete
| it I know this is spyware also ran spyware blaster.Just need to
| straighten this thing out.




If you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java
JRE/JSE
Version 6.0

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1



For non-viral malware...

Please download, install and update the following software...

* Ad-aware SE v1.06
  http://www.lavasoft.de /
  http://www.lavasoftusa.com /
  http://www.lavasoft.de/ms/index.htm

* SpyBot Search and Destroy v1.4
  http://security.kolla.de /
  http://www.safer-networking.org/microsoft.en.html

* SuperAntiSpyware
  http://www.superantispyware.com/superantispywarefreevspro.html

After the software is updated, I suggest scanning the system in Safe Mode.

I also suggest downloading, installing and updating BHODemon for any Browser
Helper Objects
that may be on the PC.

* BHODemon

http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d

For viral malware...

* Download MULTI_AV.EXE from the URL --
  http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the
PC.

You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode.  It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.  http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * *   Please report back your results  * * *



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: AVG free test results

Hi, was older version of Java removed it completly now running a
program called spyhunter 2.8 lists alot of cookies and zlob.trojan in
Registery to get rid of it however I have to purchase full version.
Also cant uninstall ICQ toolbar not showing up in internet explorer but
still in list of programs also my search says module missing when i try
to dump that.I notice your spyware link do you think this would get rid
of zlob?Or any adive on removal?Thanks in advance



David H. Lipman wrote:
Quoted text here. Click to load it
http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d
Quoted text here. Click to load it


Re: AVG free test results

on 04 Jan 2007, something possessed fred_7038@yahoo.com to write:

Quoted text here. Click to load it
Here's a note for you on spyhunter.  It used to be classified as a
rogue/suspect anti spyware program.  I still, personally, wouldn't trust
anything from enigmasoft.

Regards,

Will

Re: AVG free test results

on 04 Jan 2007, something possessed fred_7038@yahoo.com to write:

Quoted text here. Click to load it
I should have included some trusted applications.  While I haven't been
keeping up to date with some of the new names I've seen, lavasoft adware
and spybot s&d are still at the top of my list.  Also, a nice commercial
product is Webroot Spysweeper, which, AFAIK, is fully functional during
it's 30-day trial period.  Finally, you mentioned that it was some kind
of Trojan.  If that's the case, than if David Lipan's tools don't find
it, another commercial trial-ware product you may wish to consider is
Moosofts anti-trojan utility called The Cleaner (downloadable from
moosoft.com).

Once again, cheers and good luck,

Will

Re: AVG free test results


| Hi, was older version of Java removed it completly now running a
| program called spyhunter 2.8 lists alot of cookies and zlob.trojan in
| Registery to get rid of it however I have to purchase full version.
| Also cant uninstall ICQ toolbar not showing up in internet explorer but
| still in list of programs also my search says module missing when i try
| to dump that.I notice your spyware link do you think this would get rid
| of zlob?Or any adive on removal?Thanks in advance
|



Two part reply..

Perform Part 1 then perform Part 2.

If the first two parts don't work, perform the alternate section.

It is suggested that you execute each tool in Normal Mode then in Safe Mode.



Part 1
-----------

Use noahdfear's SmitFraud, SpyAxe, SpyFalcon, et. al., removal tool --
SmitRem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1

http://www.bleepingcomputer.com/forums/topic43659.html


Part 2
-----------

Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

Execute;  SmitFraud.exe  { Note: You must accept the default of C:\McAfee }
Choose;   Unzip
Choose;   Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute;  c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\Normal_ScanReport.HTML or
C:\mcafee\Safe_ScanReport.HTML will be generated.  At the end of the scan, it
will be
displayed in your browser (Opera, FireFox or Internet Explorer).  However, if
you are using
WinXP, Win2K or Win2003 your system will be left in a state where you will have
to manually
shutdown/reboot the PC.  On Win9x/ME platforms the report will not be shown in
your bowser
but your PC will automatically be shutdown.  It is suggested that you move the
report out of
c:\mcafee before performing another scan.

It would be best to scan in both Safe Mode and in Normal Mode and save a copy of
the HTML
report for each session.


ALTERNATE:

S!ri's SmitfraudFix
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php




Please Copy and Paste the contents of the HTML Log files;
C:\mcafee\Normal_ScanReport.HTML & C:\mcafee\Safe_ScanReport.HTML  in your reply.

* * *  Please report back your results  * * *



--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Another questiom (was AVG free test results)

David or anyone else:
A couple of days, in a reply to fred_7038@yahoo.com about a error problem
that he was having with installing AVG, you suggested he look in c:
\windows\system32\drivers\etc\hosts for two files KERNEL32.DLL and
SHELL32.DLL to see if they had been changes.

Today after running AVG (free) I got a message in the test results that
said "reading error c:\windows\system32\drivers\etc\hosts" .

No other problems were noted, no virus detected.

When I looked in c:\windows\system32\drivers\etc\hosts, neither of the
two files you mentioned were present, folder was comletely empty.

You also mentioned to fred_7038@yahoo.com to check his java verson to see
if it was up todate...I don't have java installed.

I use Firefox 2.0, this I mention because at the Java site you posted it
doesn't refer to FireFox 2 only 1.5 , I think I'm correct on that.(G)

My question is about the two *.DLL files that apparently are missing and
the read error for the folder that you say they should be in?

Any help on this would be appreciated.

ICU

  
 


Re: Another questiom (was AVG free test results)


| David or anyone else:
| A couple of days, in a reply to fred_7038@yahoo.com about a error problem
| that he was having with installing AVG, you suggested he look in c:
| \windows\system32\drivers\etc\hosts for two files KERNEL32.DLL and
| SHELL32.DLL to see if they had been changes.
|
| Today after running AVG (free) I got a message in the test results that
| said "reading error c:\windows\system32\drivers\etc\hosts" .
|
| No other problems were noted, no virus detected.
|
| When I looked in c:\windows\system32\drivers\etc\hosts, neither of the
| two files you mentioned were present, folder was comletely empty.
|
| You also mentioned to fred_7038@yahoo.com to check his java verson to see
| if it was up todate...I don't have java installed.
|
| I use Firefox 2.0, this I mention because at the Java site you posted it
| doesn't refer to FireFox 2 only 1.5 , I think I'm correct on that.(G)
|
| My question is about the two *.DLL files that apparently are missing and
| the read error for the folder that you say they should be in?
|
| Any help on this would be appreciated.
|
| ICU
|

You should have created a new post instaed of posting in this one.

I don't understand.  What's your problem ?

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Another questiom (was AVG free test results)


Quoted text here. Click to load it

I thought I had changed it to a new message and subject by changing the
Subject line, guess it didn't work. Sorry.

My problem is the AVG "Read error" message for c:\windows\system32
\drivers\etc\hosts, and I don't know if it's a problem taht I don't have
the two DLL files you mentioned in the original post reply?
I guess I'm also surprised that I don't have Java installed, I did have
it installed on another similar machine I recently had?
BTW thanks for the quick reply.

ICU



Re: Another questiom (was AVG free test results)

'ICU' wrote, in part:
| I thought I had changed it to a new message and subject by changing the
| Subject line, guess it didn't work. Sorry.
|
| My problem is
_____

Right, it did not work.
Nor does your latest attempt.

As David H. Lipman suggested, post a NEW message, one NOT connected to this
thread.

Phil Weldon

|
| I thought I had changed it to a new message and subject by changing the
| Subject line, guess it didn't work. Sorry.
|
| My problem is the AVG "Read error" message for c:\windows\system32
| \drivers\etc\hosts, and I don't know if it's a problem taht I don't have
| the two DLL files you mentioned in the original post reply?
| I guess I'm also surprised that I don't have Java installed, I did have
| it installed on another similar machine I recently had?
| BTW thanks for the quick reply.
|
| ICU
|
|



Re: Another questiom (was AVG free test results)


Quoted text here. Click to load it

Just to keep the record straight Phil, my latest attempt as you call it
was not another attempt to send a NEW Message, I admit I just tried to
continue the thread from a reply.

Everyone can make mistakes , so it's "Mea Culpa" on my part, but don't
you think a simple answer to my question would been a better choice, of
course you don't or you would have done that right.(G)
If you are still reading this here's my rational for what I did flawed as
it was.
I wanted to contact David H.Lipman with my questions since it seemed to
be somewhat related to a question already asked that he had replied to.
I thought by just changing the subject I would suceed in doing this, I
was wrong...learned something new, which is sometimes difficult for "old
dogs" to do,  learn new tricks.
I have managed to post a new message under a new subject, hopefully it
won't offend anyone.
Thanks for taking the time to reply and point out my mistakes, hopefully
it won't happen again.
Have a nice day.

ICU

  
  



Re: Another questiom (was AVG free test results)

'ICU' wrote, in part:
| Just to keep the record straight Phil, my latest attempt
_____

You are getting these replies explaining how to use Usenet so that you and
others can better used the resources available in this newsgroup.  Accept
the information in that spirit; there's no need to continue replying to this
thread.  No need to 'keep the record straight', no need to reply.

Phil Weldon

|
| > 'ICU' wrote, in part:
| >| I thought I had changed it to a new message and subject by changing
| >| the Subject line, guess it didn't work. Sorry.
| >|
| >| My problem is
| > _____
| >
| > Right, it did not work.
| > Nor does your latest attempt.
| >
| > As David H. Lipman suggested, post a NEW message, one NOT connected to
| > this thread.
| >
| > Phil Weldon
|
| Just to keep the record straight Phil, my latest attempt as you call it
| was not another attempt to send a NEW Message, I admit I just tried to
| continue the thread from a reply.
|
| Everyone can make mistakes , so it's "Mea Culpa" on my part, but don't
| you think a simple answer to my question would been a better choice, of
| course you don't or you would have done that right.(G)
| If you are still reading this here's my rational for what I did flawed as
| it was.
| I wanted to contact David H.Lipman with my questions since it seemed to
| be somewhat related to a question already asked that he had replied to.
| I thought by just changing the subject I would suceed in doing this, I
| was wrong...learned something new, which is sometimes difficult for "old
| dogs" to do,  learn new tricks.
| I have managed to post a new message under a new subject, hopefully it
| won't offend anyone.
| Thanks for taking the time to reply and point out my mistakes, hopefully
| it won't happen again.
| Have a nice day.
|
| ICU
|
|
|
|
|



Re: Another questiom (was AVG free test results)


Quoted text here. Click to load it

Gee thanks Phil...so nice of you to reply "again" in such a helpful
manner.
Much appreciated.

ICU

--Big Snip Here--


Re: Another questiom (was AVG free test results)



| I thought I had changed it to a new message and subject by changing the
| Subject line, guess it didn't work. Sorry.
|
| My problem is the AVG "Read error" message for c:\windows\system32
| \drivers\etc\hosts, and I don't know if it's a problem taht I don't have
| the two DLL files you mentioned in the original post reply?
| I guess I'm also surprised that I don't have Java installed, I did have
| it installed on another similar machine I recently had?
| BTW thanks for the quick reply.
|
| ICU
|

No.  You changed the subject but replied to the thread.

You should have created a NEW thread of your own.

Forget about the DLL files.  That the OTHER person situation.

Look to see if the Hosts files has actually changed...

notepad  C:\WINDOWS\system32\drivers\etc\hosts

The mention of Sun Java is due to all the bugs and vulnerabuilities that have
been noted in
that software which can leand to a malware infection.

Malware is mitigated by making sutre vulnerabilities are patched and software is
up-to-date.

the Secunia Software Inspector is one way to check if there are vulnerable
versions of
software on the computer.

http://secunia.com/software_inspector
BTW:  The above is a java applet.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline