Status
Not open for further replies.

navisangha

Journeyman
Hi,
When every time i install Norton Antivirus , Some thing changes its registry settings and it stops working. I think it is a virus but i have tried a lot of antivirus programs but none has helped , can u Tell me what is it?


Thanks
 

rajas700

Youngling
On infect of virus then if u install antivirus it will be vain.(Result's in fail to install).so better to format and then reinstall the os.
 

__Virus__

Ambassador of Buzz
gEEZZ for one small issue of virus u wan him to reinstall his os?? cmon... and navisangha, dood y wud u want to use MANY antiviruses?? Update ur windows and use one antivirus, update the database and give a full system scan in safe mode and do let us know the results.
 

rajas700

Youngling
__Virus__ said:
gEEZZ for one small issue of virus u wan him to reinstall his os?? cmon... and navisangha, dood y wud u want to use MANY antiviruses?? Update ur windows and use one antivirus, update the database and give a full system scan in safe mode and do let us know the results.

Dose the virus scan run in safemode??????If so which antivirus???Norton won't run......
 

__Virus__

Ambassador of Buzz
rajas700 said:
Dose the virus scan run in safemode??????If so which antivirus???Norton won't run......

Yupss, whats with safemode and antivirus?? they do run dood :) and that is what recommended while going for full system scan :) oh well dono bout norton cos its piece of Siht... I use kaspersky personal pro :)
 

vijay_7287

Cyborg Agent
navisangha said:
Hi,
When every time i install Norton Antivirus , Some thing changes its registry settings and it stops working. I think it is a virus but i have tried a lot of antivirus programs but none has helped , can u Tell me what is it?


Thanks


if norton is givin a prob then try alternates and free versions like AVG
 

shovik

Banned
Its not about any viruses dudes. This happens mostly when a stubborn version of previously installed antivirus has left its registry signatures and Norton Antivirus has a bad habit that if your system is not totally clean of any other antivirus then it resets the registry value of application which you are trying to install.

Try out Regcleaner or Registry Mechanic to cleanup unwanted registry debris and reboot your machine and you ready to install your application.
 

Techie_Geek

Journeyman
I think a clean formatted installation of Win XP might help u. I had a similar problem with corrupted registry over a NAV 2004 trial.Later when I reinstalled the expired trial over with a NAV 2004 full version it never came out clean

Later I reinstalled Win and evrything was fine
 

learner

Right off the assembly line
May be due to conflict..

Hi! :D

You mentioned that you have tried many antivirus programs.

The problem you are facing may be due to conflict between your current antivirus and the previously installed one(s).

As already mentioned by a member, try cleaning the registry.

You may try cleaning/repairing registry at command prompt using reg command.
To know more about reg type "reg /?" at the command prompt without double quotes.

May be you should try Kaspersky Anti-Virus (1,40,000+ virus definitions, norton has only 70,000).

Hope that works out in your favour. :D
 

__Virus__

Ambassador of Buzz
Techie_Geek said:
I think a clean formatted installation of Win XP might help u. I had a similar problem with corrupted registry over a NAV 2004 trial.Later when I reinstalled the expired trial over with a NAV 2004 full version it never came out clean

Later I reinstalled Win and evrything was fine

Just mentioned in the earlier post that y do we need to format it just for sake of some registry entries.
 

mediator

Technomancer
Very simple, registry is corrupt then u can clean the registry by some good software or do clean install of the antivirus.......Further if u think its a Virus, then make a connection with another pc (may be laptop) with a good antivirus and share the whole C drive (read/write enabled) of infected pc...and scan it with the laptop!
UR done!
 
OP
N

navisangha

Journeyman
Thanks.

I have tried avast in Safe Mode but it detects no virus.
If it is registry problem then plz tell me how to cure.
 

__Virus__

Ambassador of Buzz
navisangha said:
Thanks.

I have tried avast in Safe Mode but it detects no virus.
If it is registry problem then plz tell me how to cure.

You may want to download and run system mechanic. I personally user regcleaner to clean my registry of all the lame entries.
 
OP
N

navisangha

Journeyman
Logfile of HijackThis v1.99.1
Scan saved at 9:26:02 AM, on 2/9/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\Program Files\Intel\IDU\IDUServ.exe
E:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\PROGRA~1\UpsPilot\Winpower.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
E:\WINDOWS\ALCFDRTM.EXE
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CMPDPSRV.EXE
E:\Program Files\Intel\IDU\iptray.exe
C:\PROGRA~1\UpsPilot\monitor.exe
E:\WINDOWS\System32\hkcmd.exe
E:\WINDOWS\System32\igfxpers.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\ALCWZRD.EXE
E:\WINDOWS\System32\mswupdate32.exe
C:\PROGRA~1\UpsPilot\hello21.exe
C:\Program Files\Opera\Opera.exe
E:\Documents and Settings\Singh\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4920E150-5D27-4B95-B60B-D68B78928441} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: (no name) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - (no file)
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AlcFDMonitor] E:\WINDOWS\ALCFDRTM.EXE
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [CMPDPSRV] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\CMPDPSRV.EXE
O4 - HKLM\..\Run: [ipTray.exe] "E:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [igfxtray] E:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] E:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] E:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [NT Logging Service] syslog32.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [microsft windows updates] mswupdate32.exe
O4 - HKLM\..\RunServices: [Winpower] C:\Program Files\UpsPilot\Winpower.exe
O4 - HKLM\..\RunServices: [microsft windows updates] mswupdate32.exe
O4 - HKCU\..\Run: [Yahoo! Pager] E:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Rediff Messenger] C:\Program Files\Rediff Bol\RediffMessenger.exe C:\Program Files\Rediff Bol\RediffMessenger.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D22D60D3-8B51-4F46-8667-210619B1AB8D}: NameServer = 202.56.230.5 202.56.230.6
O20 - Winlogon Notify: igfxcui - E:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Desktop Utilities Service (iHCService) - OSA Technologies, Inc. - E:\Program Files\Intel\IDU\IDUServ.exe
O23 - Service: NT login service (ntlogin32) - Unknown owner - E:\WINDOWS\System32\libsys32.exe (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Winpower - Zero G - C:\PROGRA~1\UpsPilot\Winpower.exe
 

anandk

Distinguished Member
u have been infected with syslog32.exe :
its a dangerous worm. u must get rid of it as soon as possible. its added by the DONK.B or DONK.C or DONK.L or DONK.M or DONK.O , etc.

u also have mswupdate32.exe, a Trojan/Backdoor.

Kill both the processes and remove them from Windows startup. :twisted:

download, instal, update, reboot and then scan in safe mode
'ewido anti-malware suite'.

shud help; if it dznt, revert,

also use 'ccleaner' to removeur pc's junk. :)
 

devshardhool

Right off the assembly line
Got 120 Viruses

On scanning online with Kaspersky it showed 120 viruses while my AVG pro shows a few but nvr removes them or heal them.
One problem is that a virus has converted all my folders into system files with an .exe extension. Plz help me.And if possible give an option from freeware world.
 
Status
Not open for further replies.
Top Bottom