installing virus program

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

chess master

Thread Starter
Joined
Jan 31, 2006
Messages
36
Tried to install Avg virus program after uninstalling the hog Macfee.
I get local machine installation failed
Error: action failed for registry value Hklm\software\microsoft\windows\current version\
Run: AVG7-CC: creating registry value
after the message nothing seems to happen should I wait and see if it creates a key?
I read what other members have stated about AVG and Avast what do you see as an alternative? Has any one tried PC Tools free virus program? After posting this message I tried to install PCtools virus program and I got the followinf
C:\windows\system32\drivers\ Av filter. sys....error occured while trying to rename a file in the destination directory move file failed; code 5 access is denied..

Thank you for any advice you can give

Chess master
 

chess master

Thread Starter
Joined
Jan 31, 2006
Messages
36
golferbob said:
i had run avg free for years till i just got a new dell with a free year of mcafee. i will be glad to get back to avg. are you sure you got mcafee completly uninstalled ? this can be a real problem. below is a website to uninstall mcafee. LOL


http://www.majorgeeks.com/McAfee_Consumer_Product_Removal_Tool_d5420.html
Golfer Bob, Thanks for the advice. I used the Mcafee removal program and it seemed to remove what I had missed. I still have the same problem I can not install AVG or PC tools virus programs. Any suggestions out there in web space?
 

guitar

Banned
Joined
Jan 15, 2006
Messages
414
do a hjt and fix any mcafee traces then use ccleaner to cleanup and issues cleanup restart and install avg:)
 
Joined
May 18, 2004
Messages
3,895
i would do the post above ,post a hijack log and run ccleaner . i would also uninstall all antivirus programs ,restart your computer before trying to install avg.
 

chess master

Thread Starter
Joined
Jan 31, 2006
Messages
36
Logfile of HijackThis v1.99.1
Scan saved at 9:54:01 AM, on 01/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\geswall\gswserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\CACHEM~1\CachemanXP.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Novatix\Cyberhawk\CHService.exe
C:\Program Files\ProcessGuard\dcsuserprot.exe
C:\Program Files\Sandboxie\SandboxieServer.exe
C:\Program Files\SiteAdvisor\5020\SAService.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\ProcessGuard\pgaccount.exe
C:\Program Files\Comodo\VEngine\VEngine.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\PC-Clean\PC-Clean.exe
C:\Program Files\Novatix\Cyberhawk\CHTray.exe
C:\Program Files\Winpooch\Winpooch.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hitman Pro\srhelper.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Arovax Shield\ArovaxShield.exe
C:\Program Files\SiteAdvisor\5020\SiteAdv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn2\YTBSDK.exe
C:\Documents and Settings\Administrator\Desktop\spyware programs\hijackthis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sandicor.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - C:\WINDOWS\system32\smiehlp.dll
O2 - BHO: ESigil Browser Helper - {A968A4B4-C492-4834-B651-17602C3885C8} - C:\Program Files\Comodo\VEngine\ESigil.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Web Class - {D03B6018-E880-4A89-99A2-7354FE52DDAE} - C:\PROGRA~1\NLIA\Nlia.dll
O2 - BHO: Sandboxie - {E947A403-B614-4FA8-B9E7-E790F0BDC87E} - C:\Program Files\Sandboxie\SandboxieToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration977.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Program Files\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: Sandboxie - {E947A403-B614-4FA8-B9E7-E790F0BDC87E} - C:\Program Files\Sandboxie\SandboxieToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
O4 - HKLM\..\Run: [!1_pgaccount] "C:\Program Files\ProcessGuard\pgaccount.exe"
O4 - HKLM\..\Run: [VEngine] C:\Program Files\Comodo\VEngine\VEngine.exe
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [PC-Clean] C:\Program Files\PC-Clean\PC-Clean.exe /h
O4 - HKLM\..\Run: [Cyberhawk] C:\Program Files\Novatix\Cyberhawk\CHTray.exe
O4 - HKLM\..\Run: [Winpooch] C:\Program Files\Winpooch\Winpooch.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [HD] C:\Program Files\Privacy Patrol\Hd.cmd
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Get siteinfo data (fsc) - C:\Program Files\EMS Free Surfer Companion\fslauncher.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?9d13821926264d5093a16e593575ad7e
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?9d13821926264d5093a16e593575ad7e
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~4\tools\iesdpb.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: (no name) - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exe
O9 - Extra 'Tools' menuitem: Free Surfer - {AFC3FA82-AD07-45cd-8B57-983435B9899E} - C:\Program Files\EMS Free Surfer Companion\FS30.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Sandboxie Toolbar - {11E506DC-0976-4CDA-BB30-37E60A2F2F46} - C:\Program Files\Sandboxie\SandboxieToolbar.dll (HKCU)
O9 - Extra 'Tools' menuitem: Sandboxie - {11E506DC-0976-4CDA-BB30-37E60A2F2F46} - C:\Program Files\Sandboxie\SandboxieToolbar.dll (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137871888656
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by117fd.bay117.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: shell - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\5020\SiteAdv.dll
O20 - AppInit_DLLs: interceptor.dll,c:\progra~1\google\google~1\goec62~1.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: zsnotify - C:\WINDOWS\SYSTEM32\zsnotify.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Cyberhawk - Unknown owner - C:\Program Files\Common Files\Novatix\Cyberhawk\CHService.exe" service (file missing)
O23 - Service: DiamondCS ProcessGuard Service v3.405 (DCSPGSRV) - DiamondCS - C:\Program Files\ProcessGuard\dcsuserprot.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: GeSWall service (gswserv) - GentleSecurity S.a.r.l. - C:\Program Files\geswall\gswserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxbs_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbscoms.exe
O23 - Service: Sandboxie Service (SandboxU) - tzuk - C:\Program Files\Sandboxie\SandboxieServer.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\5020\SAService.exe
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: SRS Labs License Service - SRS Labs - C:\Program Files\Common Files\SRS Labs Shared\Service\srslabslicenseservice.exe
O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE

GUYS, this is the log from HJT. I will run CC and see if that works..
Thanks for any help that can be given..
Chessmaster
 

guitar

Banned
Joined
Jan 15, 2006
Messages
414
your log needs some expert help to clean up i am not an expert so i can't advise you which to fix with hjt
run clean and issues fix with ccleaner it may work and it won't do any harm if it doesn't post another hjt and wait for an expert to read it for you
let me know if the ccleaner fixes it:)

ps i just had a thought maybe that firewall your useing is interfering did you try switching it off and then install avg?
 
Joined
May 18, 2004
Messages
3,895
iam not a pro but you have a lot of tool bars [03]. with the new IE7 i don't use any toolbars.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top