
Help Me With Kollah XP And Other Things!

How do I get help? We get the same Def files but ZA does not have the ability to scan email attachments. Forum Moderator

techdog August 25th, 2008, 02:09 PM I removed the attachment from the e-mail and scanned O8 - Extra context menu item: &Yahoo! Any other thoughts?

KWE New Member Topic Starter Members 10 posts ID: 3 Posted January 24, 2009 Thanks so much for your

AdvancedSetup Staff Root Admin 64,127 posts Location: US ID: 7 Posted January 28, 2009 Okay well there appears to Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\oembios.exe, O2 - BHO: &Yahoo! At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. https://forums.techguy.org/threads/help-me-with-kollah-xp-and-other-things.823139/

Being naturally suspicious, I detached the file, but did not run it, and ran a ZoneAlarm scan, which DID NOT detect a virus. 4. Here are my logs:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:39:37 AM, on 8/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

You cannot edit documents without an Office365 subscription, which costs $99.99 and can be purchased within the app itself. Then press enter on your keyboard to boot into Safe Mode. Unlike viruses, Trojans do not self-replicate.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\wupdmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\SkillSoft\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\Logitech\\Logitech Harmony Remote Software 7\\HarmonyRemote.exe"=
"c:\\Program Files\\Belkin\\Network USB Hub Control Center\\Connect.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital

Please go to the Microsoft Recovery Console and restore a clean MBR. This is proprietary to KAV7 and not part of KAV engine or KAV enterprise products (so far). That's why I asked you the exact file name since, in case of heuristic https://asctech.osu.edu/news/xp-and-os-10.5-out-support-and-other-important-tech-news please copy and paste the log into your next reply. If you accidentally close it, the log file is saved here and will be named like this: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date

Click OK to either and let MBAM proceed with the disinfection process. Methods of Infection Trojans do not self-replicate.


Ramon Vargas I will tell you that this is an infostealer.

Companion
2008-08-26 17:39 --------- d-----w C:\Documents and Settings\Compaq_Administrator\Application Data\Yahoo!
2008-08-26 17:39 --------- d-----w C:\DOCUME~1\COMPAQ~1\APPLIC~1\Yahoo!
2008-07-24 18:55 --------- d-----w C:\Program Files\VisualEdit
2008-07-22 15:04 60,744 ----a-w C:\Documents and Settings\Compaq_Administrator\g2mdlhlpx.exe
2008-07-22 15:04 --------- d-----w

scan completed successfully
hidden files: 0

--------------------- LOCKED REGISTRY KEYS ---------------------

--------------------- DLLs Loaded Under Running Processes ---------------------

The Chrome alternative you choose should be one that provides security updates for older versions of Windows. The ComboFix utility did delete some of the same associated files that I disabled.

mailsafe will filter out dangerous e-mail extensions (com, exe, etc.) while attachments will be checked by the ZA AV 'on access' (i.e.

Operating System: Windows XP Pro
Software Version: 7.0
Product Name: ZoneAlarm Internet Security Suite

forum_moderator August 25th, 2008, 01:36 PM Hello, ZA uses the Kaspersky SDK version and it is not totally identical as far as features as

Hope this helps. This is due to the flexibility it gives you in having your computer repaired. I'm a security professional.2.

NB: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. What do I do? CA did not detect these prior to the Combofix install.

************MBAM log:***********************
Malwarebytes' Anti-Malware 1.33
Database version: 1698
Windows 5.1.2600 Service Pack 3
1/26/2009 11:04:16 PM
mbam-log-2009-01-26 (23-04-16).txt
Scan type: Quick Scan
Objects scanned: 75061
Time elapsed: 7 minute(s), 2

Even though the quarantine time is set for 10 minutes, it blocks the computer indefinitely so that I have to reboot. scanning hidden autostart entries ... It says that either the username or password is incorrect, but I'm 100% positive that they are correct.

Cheers, Fax

techdog August 28th, 2008, 03:11 AM By the way I submitted the viruses to both Kaspersky and ZoneAlarm and have not heard anything back from either.

Alpenview Edited by alpenview, 29 November 2008 - 07:19 PM.