maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Mon Nov 15, 2004 2:52 pm Post subject: please help, virus, trojan, worm, ??????
I have AntiVir Personal Edition...Version 6. It found 2 bugs of some kind but one is in the archives and won't delete. How can I get it gone? It is a virus I think...... TR/Dldr.VB.EZ
I am so broke it isn't funny and cannot afford anything or to lose my computer.
Please help
Will check later this evening.
Thanks
Smiles
Maeflye
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
Posted: Mon Nov 15, 2004 3:10 pm
Howdy,
Please post the portion of the log that shows the complete paths of the problems.
_________________
"Anyone who considers protocol unimportant has never dealt with a cat."
L. Long
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Mon Nov 15, 2004 3:17 pm
Portion of log from where? I will post anything you want me to, to fix this.
Thanks again soooooo much
Smiles
Maeflye
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
Posted: Mon Nov 15, 2004 4:19 pm
Howdy,
After the scan, a report is produced that shows what was found - from that log copy the info and post here. We will go from that.
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Tue Nov 16, 2004 1:34 am
Here is one, not sure if this is what is needed, I didn't find anything else.
Creation date of the report file: Monday, November 15, 2004 20:29
AntiVir®/9x Personal Edition v6.28.00.07 of 14.10.2004
VDF file v6.28.0.70 (0) of 12.11.2004
This program is for PERSONAL USE only.
Any other use is PROHIBITED.
Informations regarding commercial versions of AntiVir may be obtained from:
www.hbedv.com.
Scanning for 92960 virus strains and unwanted programs.
Licensed for: AntiVir Personal Edition
Serial number: 0000149996-WURGE-0001
FUSE: Basic license
Please enter the workstation and
contact name with phone number in this form:
Name ___________________________________________
Street ___________________________________________
Town ___________________________________________
Phone/Fax ___________________________________________
EMail ___________________________________________
Platform: Windows 98
Windows version: 4.10.2222 A
Username: ADMIN
Processor: Pentium
Working memory: 260604 KB free
Version information:
AVWIN.DLL : v6.28.00.07 561192 19.10.2004 14:17:16
AVEWIN32.DLL : v6.28.0.12 569856 02.11.2004 06:24:40
SYS_RW16.DLL : v6.19.0 12800 15.06.2004 07:42:22
SYS_RW32.DLL : v6.19.0 16384 15.06.2004 07:42:22
AVGCTRL.EXE : v6.28.00.00 86016 05.10.2004 17:06:38
AVGUARD.VXD : v6.28.0.12 376463 02.11.2004 06:24:40
AVPACK32.DLL : v6.28.0.2 294952 19.10.2004 14:17:12
AVGETVER.DLL : v6.22.00.00 24576 20.01.2004 14:14:00
AVWIN.DLL : v6.28.00.07 561192 19.10.2004 14:17:16
AVSHLEXT.DLL : v6.22.00.00 57344 20.01.2004 14:14:00
AVSched32.EXE : v6.28.00.00 110672 05.10.2004 17:06:40
AVSched32.DLL : v6.28.00.02 122880 05.10.2004 17:06:40
AVREG.DLL : v6.27.00.01 41000 04.08.2004 12:15:38
AVRep.DLL : v6.28.00.23 741416 13.11.2004 11:02:04
INETUPD.EXE : v6.28.00.07 200704 19.10.2004 14:17:16
INETUPD.DLL : v6.28.00.07 143360 19.10.2004 14:17:16
MFC42.DLL : v6.00.8665.0 995383 13.03.2001 15:53:00
MSVCRT.DLL : v6.00.8397.0 266293 29.08.2002 00:00:00
CTL3D32.DLL : v2.31.000 27136 08.11.1996 04:25:26
CTL3DV2.DLL : v2.31.000 27632 23.04.1999 22:22:00
Configuration file:
Name of configuration file: C:\PROGRAM FILES\AVPERSONAL\AVWIN.INI
Name of report file: C:\PROGRAM FILES\AVPERSONAL\LOGFILES\AVWIN.LOG
Start path: C:\PROGRAM FILES\AVPERSONAL
Command line:
Start mode: Self-test
Mode of report file:
[ ] Do not create report
[X] Overwrite report
[ ] Append new report
Data in report file:
[X] Infected files
[ ] Infected files with paths
[ ] All scanned files
[ ] Full information
Abridge report file:
[ ] Abridge report file
Warnings in report:
[X] Access denied/file locked
[X] Wrong file size in directory
[X] Wrong creation time in directory
[ ] COM file is too large
[X] Invalid start address
[X] Invalid EXE header
[X] Possibly damaged
Summary report:
[X] Create summary report
Output file: AVWIN.ACT
Maximum number of entries: 100
Where to search:
[X] Memory
[X] Boot record of selected drives
[X] Report unknown boot sectors
[X] All files
[ ] Program files
Response in case of a detection:
[X] Repair with prompt
[ ] Repair without prompt
[ ] Delete with prompt
[ ] Delete without prompt
[ ] Write in report file only
[X] Acoustic alarm
Response in case of destroyed files:
[X] Delete with prompt
[ ] Delete without prompt
[ ] Ignore
Response in case of destroyed files:
[X] No change
[ ] Current system time
[ ] Correct date
Drag&drop settings:
[X] Scan subdirectories
Profile settings:
[X] Scan subdirectories
Archive options
[X] Search archive
[X] All archive types
Miscellaneous options:
Temporary path: %TEMP% -> C:\windows\TEMP
[X] Overwrite infected files
[ ] Detect idle time
[X] Allow interruptions of scan
[X] Load AVWin®/9x Guard on System start
General settings:
[X] Save options on exiting AntiVir
Priority: medium
Initializing OK
Memory test OK
Master boot record of hard disk HD0 OK
Boot record of drive C: OK
System files
COMMAND.COM OK
MSDOS.SYS OK
VIDEOROM.BIN OK
DETLOG.TXT OK
DETLOG.OLD OK
IO.SYS OK
DBLSPACE.BIN OK
DRVSPACE.BIN OK
DBLSPACE.INI OK
System test: OK
Self-test: OK
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
Posted: Tue Nov 16, 2004 6:59 am
Howdy,
That's the correct log. I just need the bottom part - everything after what you just posted. Just relax and we will get it going and hopefully get your problem fixed fast.
Talk to you later.
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Sat Nov 20, 2004 1:13 am Post subject: Since you had server probs.....
I went to PcTechTalk and someone there sent me to CrapCleaners and that seems to have gotten rid of one of my problems. Found name as TR/Dldr.VB.EZ
Now I notice other people having probs with similar ones. But my hubby was deleting an email when this popped up. We didn't open anything up. Have any idea on how to keep this from happening again?
Also having probs with everything being very large on the screen. Why and how can I fix it?
And thanks for all the help and time you all have given me already.
Smiles
Maeflye
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
Posted: Sat Nov 20, 2004 3:16 am
Howdy,
Have the properties been changed on your desktop?
Right click in a blank area on your desktop - properties - then set what you are used to seeing.
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Sat Nov 20, 2004 4:49 pm
Properties were the same. I change now to see better.
HELP!!! it's still there, just changed. My AntiVir PE didn't find it yesterday but this morning it's back. AVGuard says C:ProgramFiles\WINDOWADCONTROL\WINADALT.EXE contains a code of TR/HideRun.A.7
Then it comes up with C:\WINDOWS\TEMPORARYINTERNETFILES\CONTENT.IE5\9ATUD5FG\WINADSHIFT[1].DLL
Help, it's getting worse.
Thanks
Maeflye
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
Posted: Sat Nov 20, 2004 7:11 pm
Howdy,
Okay here it goes, we will do the whole routine. Please post back here when you have posted your HJT log in the new forum - I will keep track of it.
As this is a lot of information to work with at one time, I suggest you print these instructions so that you can make sure you have gotten everything done.
Try one or both of these online scans:
http://www.ravantivirus.com/scan
http://www.bitdefender.com/scan/Msie/index.php
Let it autoclean. Reboot, and then please download the following programs and follow the instructions:
Download Ad-aware Second Edition here and install it. If you already have Ad-aware Second Edition skip to the next step.
Open Adaware and Click the "Check for updates now" line on the main screen. Click the "Connect" button on the webupdate screen.
If an update is available download it and install it. Click the "Finish" button to go back to the main screen.
Click on the "Settings" button (gear symbol in the upper right corner of the main status screen) in the quick launch toolbar to open the General settings screen. Check the "Automatically quarantine objects prior to removal" setting and then click "Proceed" to save your changes
Click the "Scan now" button in the main menu on the left side of the main status screen or use the "Start" button in lower right corner. This will open the Preparing System Scan screen. Please deselect "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat. Then select "Use custom scanning options" and click "Customize". This will open the "Scan Settings" page. Make sure all of the following are On with a "green" checkmark:
Scan within archives
Scan active processes
Scan Registry
Deep-scan Registry
Scan my IE Favorites for banned URLs
Scan my Hosts File
Then Click the Advanced Button on the left side to open the Advanced Settings screen. Make sure the following is on with a "green" checkmark:
Others are optional to be checked or unchecked.
Then click on the "Tweak" Button to open up the tweak settings.
Open up the Scanning Engine section and make sure all of the following are On with a "green" checkmark:
Scan registry for all users instead of current user only
Make sure the following is unchecked with a "red" X:
Unload recognized processes & modules during scan.
Open up the Cleaning Engine section and make sure all of the following are On with a "green" checkmark:
Always try to unload modules before deletion
During Removal, unload Explorer and IE if necessary
Let Windows remove files in use at next reboot.
Click the "Proceed" button to save settings.
Click the "Next" button to start the scan.
When a scan is completed the Performing System Scan screen will change name to "Scan Complete".
Click the "Next" button to get to the Scanning Results screens where more information about the objects detected during the scan is available.
Click the Critical Objects Tab. In general all of the items listed will be bad. Be careful with the Hosts file entries. Malware uses the hosts file to redirect you to websites. However you can use the hosts file as a way to prevent malware. If the object has 127.0.0.1 in it, it should most likely not be deleted as it is protecting against unwanted sites. For more information on how to use a host file to protect yourself read here. So in short, you may or may not want to fix the hosts file entries.
To fix all the bad critical objects do the following:
Right click on one of them to open up the selection screen. Click the "Select All" button to select all entries. In general all should be selected with the exception of the good hosts file entries.
When all are selected Click "Next" and then "OK" in the pop-up window to confirm the removal.
Close Ad-aware, reboot your system and go on below.
The download for Spybot S&D is available here:
/downloads-file-108.html
Install by double-clicking on the downloaded file.
Run Spybot S&D from desktop icon or Start menu.
Press "Search for updates" button to get list of updates available.
Press "Download updates" button.
Close all IE windows and close & restart Spybot S&D.
Press "Check for problems" button.
Have SpyBot remove all it marks in red by pressing "Fix selected problems"
Close Spybot S&D, reboot your system
Download "Hijack This!".
Save it in a permanent folder such as C:\HJT\, double click HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, Ctrl-A to Select All, and post your log in the
Hijackthis - Spyware, Viruses, Worms, Trojans Oh My! Forum.
Most of what it lists will be harmless or even essential, don't fix anything yet.
When you post in the other forum please explain your problem again in detail so that the experts in the HJT forum will have the complete picture. Someone will be along to help you, but please be patient as the experts are very busy as of late!!
In the meantime, for your protection, I suggest you download and install these 2 very small, free programs that you run once and then just occasionally have to check for updates.
SpywareBlaster will block bad ActiveX and malevolent cookies.
http://www.javacoolsoftware.com/spywareblaster.html
IE-SPYAD puts over 4000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD
Please also read this article.
So how did I get infected in the first place?
When you start a new thread in Hijackthis - Spyware, Viruses, Worms, Trojans Oh My!, please post back here to let me know so that we can close this thread.
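The hosts-file caveat in the post above (entries pointing at 127.0.0.1 are usually protective, others may be redirects) can be checked mechanically. This is an added example, not part of the original thread: the function name `classify_hosts`, the verdict labels and the sample entries are all constructed for illustration, and it also treats 0.0.0.0 and ::1 as sinkhole addresses, which goes slightly beyond the 127.0.0.1 case the post mentions.

```python
import ipaddress

# Constructed sample hosts file content (not taken from the thread).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
127.0.0.1       ads.tracker.example    # sinkhole entry from a blocklist
0.0.0.0         popups.adserver.example
203.0.113.45    www.bank.example login.bank.example
::1             localhost
not-an-ip       broken.example
"""

# Names that normally map to loopback on a clean system.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def classify_hosts(text):
    """Return (verdict, address, hostname) for every mapping in a hosts file.

    default  = localhost name on a loopback address
    block    = other name sent to loopback/0.0.0.0 (protective sinkhole)
    redirect = name sent to any other address (review before trusting)
    invalid  = address field is not an IP address
    """
    results = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # strip comment, tokenize
        if len(fields) < 2:
            continue                            # blank or incomplete line
        addr, names = fields[0], fields[1:]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            results.extend(("invalid", addr, n) for n in names)
            continue
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in names:
            if not sinkhole:
                verdict = "redirect"
            elif name.lower() in LOCAL_NAMES:
                verdict = "default"
            else:
                verdict = "block"
            results.append((verdict, addr, name))
    return results
```

Entries reported as "redirect" are the ones worth reviewing by hand; "block" entries are the protective kind the post says to leave alone.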
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Sat Nov 20, 2004 7:57 pm
Already have one in Hijackthis. Title~~"Please Help ASAP Before I lose computer things getting worse"
I will post another after that one when thru with what you have here. Thanks soooooo much for your help.
Have Ad-aware 6.0 Personal. Is that the right one?
Also wanted to let you know I tried to download TrojanHunter and it said it was corrupted to find a new version.
My Ad-aware...general settings screen has...Auto save log-file, Auto quarantine objects prior to removal, safe mode(always request confirmation) These are checked. Only one that is not checked is Run at windows start up.
Next you have me going to the preparing system scan screen. Don't have "search for negligible risk entries". Only have perform smart system-scan, use custom scanning options, or select drives\folders to scan. Then Highlighted and underlined are Customize and Select.
Figured if I explain it all to you this way I will know if I have the right Ad-aware program. I know I just got this version not very long ago.
Will get started on the other stuff for cleaning. And you can let me know.
You are such a sweetheart to help me.
Thanks again
Smiles
Maeflye
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Sat Nov 20, 2004 8:29 pm
Here is what ravantivirus found.
Scanned
============================
Objects: 23702
Directories: 1984
Archives: 1230
Size(Kb): 880867
Infected files: 0
Found
============================
Viruses found: 0
Suspicious files: 0
Disinfected files: 0
Mail files: 394
mrrockford
News Admin
 AVPE Host

 Joined: Apr 24, 2004 Posts: 3010
Posted: Sun Nov 21, 2004 8:00 am
Howdy,
Download the new version of AdAware (AdAware SE Personal) from www.lavasoft.com and then set it up like I said in post above.
maeflye
Trooper

 Joined: Mar 03, 2004 Posts: 24 Location: USA
Posted: Mon Nov 22, 2004 10:37 pm
All done.
Did the new HJT log and it is in that forum under the old one of mine. I still need to check out spywareblaster and ie-spyad.
Going to run an antivir personal 6.0 and see if it finds anything while you let me know about my new scan.
Thanks so very much
Smiles
Maeflye