Home > Please Check > Please Check HJT - NewPolyWin32 Virus?

Please Check HJT - NewPolyWin32 Virus?

Are you looking for the solution to your computer problem? If they are old, unused files, delete them: F:\F\Documents and Settings\Mark\Local Settings\Temp\crack.ace F:\F\Documents and Settings\Mark\Local Settings\Temp\fifa.ace CrackAce is a serial crack for Ace Screen Capture 2.3. Come back here to this thread and Paste the log in your next reply. Sign Up This Topic All Content This Topic This Forum Advanced Search Browse Forums Calendar Staff Online Users More Activity All Activity Search More More More All Activity Home Spyware, thiefware, have a peek at this web-site

I was able to download the file from the site. The Avira program has not updated since May 7th. There is a free download for a portion of the program. Click on the Do a system scan and save a log file button. https://forums.techguy.org/threads/solved-spy-sheriff-new-poly-win32-and-other-virus-and-spyware-major-problems.422184/

Share this post Link to post Share on other sites zippie1jets Member Full Member 15 posts Posted November 30, 2006 (edited) · Report post below is the hijackthis log and File not foundO3 - HKU\S-1-5-21-709334227-1214971342-3238884620-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()O3 - HKU\S-1-5-21-709334227-1214971342-3238884620-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Reg Error: Key error. If you are prompted to Reboot during the cleanup, select Yes. OriginalFilename : iTunesHelper.exe #:27 [mcvsescn.exe] FilePath : c:\progra~1\mcafee.com\vso\ ProcessID : 1936 ThreadCreationTime : 3-24-2005 2:52:23 PM BasePriority : Normal FileVersion : 9, 0, 0, 7 ProductVersion : 9, 0, 0, 0

I type in "www.hotmail.com" to log into my hotmail account, but the address bar will then automatically shows:"http://login.passpor...ogin.srf?id=2". Sometimes it was slow. If it finds anything that it cannot clean have it delete it or make a note of the file location so you can delete it yourself. Here is the log file...thanks in advanced.Logfile of HijackThis v1.99.1Scan saved at 11:12:55 PM, on 8/19/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\CTsvcCDA.EXEC:\Program Files\Intel\Intel Application Accelerator\iaantmon.exec:\PROGRA~1\mcafee.com\vso\mcvsrte.exeC:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exeC:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exeC:\WINDOWS\system32\svchost.exec:\PROGRA~1\mcafee.com\vso\mcshield.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Java\jre1.5.0_04\bin\jusched.exeC:\Program

By default it will install to C:\Program Files\Hijack This. The f:drive is an external disk drive. Find shell.dll and right click on it. http://www.bleepingcomputer.com/forums/t/220336/infected-with-new-win32-and-new-poly-win32/ Click I Agree, then Fix and then Next, let it fix everything it asks about. 5.

Everyone else please begin a New Topic. 0 Back to Virus, Spyware, Malware Removal · Next Unread Topic → Similar Topics 0 user(s) are reading this topic 0 members, 0 guests, Neither SD nor Defender had the options you write of. OriginalFilename : MssCli.exe #:30 [jusched.exe] FilePath : C:\Program Files\Java\j2re1.4.2_07\bin\ ProcessID : 1992 ThreadCreationTime : 3-24-2005 2:52:24 PM BasePriority : Normal #:31 [rundll32.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2000 ThreadCreationTime : 3-24-2005 If you get the Real Time Protection stopped, do a new HijackThis and attach new log.

Go here: http://www.spywareinfo.com/~merijn/winfiles.html Download SDHelper.dll Copy the file to the folder containing your Spybot S&D program (normally C:\Program Files\Spybot - Search & Destroy) Check in the C:\WINNT\system32 folder to be sure What is the website address you are going to in order to check it (ie hotmail.com)? Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue. See if Control.exe is present in C:\WINNT\system32 If Control.exe isn't there, go here: http://www.spywareinfo.com/~merijn/winfiles.html Download control.exe per the instructions at the site.

If there is any infection, you should attach the log. Check This Out May 18, 2009 #3 Bobbye Helper on the Fringe Posts: 16,335 +36 Okay on the Parental Controls. Restart your computer. Oh, actually, there is one thing.

Same with New Poly Win32. Another thing is that this happened a day after reinstalling windows, which i did because of another virus problem. Uncheck "Load at startup" and "Enabled". Source Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".

jfnewbie, Dec 4, 2005 #13 Cheeseball81 Moderator Joined: Mar 3, 2004 Messages: 84,310 You're very welcome Read here on how to tighten your computer's security settings: http://forums.techguy.org/t208517.html You can mark your Let's try this again. If you have Spybot S&D installed you will also need to replace one file.

Open the Temp folder and go to Edit>Select All then Edit>Delete to delete the entire contents of the Temp folder.

May 24, 2009 #20 Bobbye Helper on the Fringe Posts: 16,335 +36 I would have liked to see the virus from Kaspersky. I think that the files you are seeing there are from prior backups from that machine. It would always deny my changes I would make and would not listen to my direction to approve my change, like when I would download programs. win32 crypt virus killed my bro's laptop Nov 22, 2011 Win32:Crypt virus/malware - can't remove it Oct 9, 2010 AVG Virus Detection in Avira Update May 8, 2009 Need help cleaning

Normally the page loads completely with all the banners, images and all. DO NOT run it yet. OriginalFilename : RUNDLL.EXE #:29 [msscli.exe] FilePath : C:\progra~1\mcafee\MCAFEE~1\ ProcessID : 1984 ThreadCreationTime : 3-24-2005 2:52:24 PM BasePriority : Normal FileVersion : ProductVersion : ProductName : McAfee AntiSpyware CompanyName : have a peek here Go here and do an online virus scan: http://housecall.trendmicro.com/ Be sure and put a check in the box by "Auto Clean" before you do the scan.

Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log. Cheeseball81, Dec 4, 2005 #14 jfnewbie Thread Starter Joined: Jan 9, 2005 Messages: 64 I should have written it down. OriginalFilename : mscifapp.exe #:33 [msmsgs.exe] FilePath : C:\Program Files\Messenger\ ProcessID : 2024 ThreadCreationTime : 3-24-2005 2:52:25 PM BasePriority : Normal FileVersion : 4.7.3000 ProductVersion : Version 4.7.3000 ProductName : Messenger CompanyName Be sure and give the Temp folders a cleaning out now and then as well, Make sure after you clean your Temp files to empty out your Recycle bin as well.

Using the site is easy and fun.