Your Log indicates you have NO antiSPYWARE programs on your
computer, not a very wise decision since there are Good & FREE Ones
like AVG AntiSpyware, most easily downloaded from www.ewido.net,
and the FREE ver of SUPERAntiSpyware from www.superantispyware.com
available .
As to your immediate problem, would be best to use the Good & FREE
"RogueRemover" from www.malwarebytes.org/rogueremover.php .
Ok well I guess I’m just stupid because I thought Avast included antisypware… oops my bad. So, I will go and download one. Should that delete the spyware I have now and fix the problem?
Just to be on the safe side, I recommend you use the RogueRemover
program ; after you are done using it, then it would be wise to install
BOTH of the other 2 programs and run their scans, etc
P.S. I am NOT a fan of the "Google Toolbar" ; it increases your chances
of "mischief" from them in the future . When I do a Google "Search", I just
go to their website .
ok i will download those two in just one second. I downloaded RogueRemover and did a scan. It said it found nothing, but I know there is something there!?! ???
File kndsrngk.exe received on 09.19.2007 21:25:04 (CET)
Current status: Loading … queued waiting scanning finished NOT FOUND STOPPED
Result: 16/32 (50%)
Loading server information…
Your file is queued in position: 1.
Estimated start time is between 39 and 56 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they’re generated.
Compact Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.
You can wait for web response (automatic reload) or type your email in the form below and click “request” so the system sends you a notification when the scan is finished.
Email:
Lets not forget to send this and any file/s not detected by avast for analysis before it is dealt with.
If you are not getting a virus warning that you believe is a new, undetected virus then if you can zip and password protect (‘virus’, will do) the suspect file and send it to virus @ avast.com (no spaces), or send from the chest (after adding it to the User Files section of the chest).
Give a brief outline of the problem (possibly a link to this thread), the fact that you believe it to be a either a new, undetected virus and include the password in the body of the email. Some info on the avast version and VPS number (see about avast {right click avast icon}) will also help.
Looks like removing the Zeno startup entries is the way to go. Polonus’s method involves editing the registry; you could also attempt removal with HijackThis! as follows.
Run HijackThis! again, tick the following entries:
Run HijackThis! again and check that the entries have gone. More sophisticated malware will resist such a simple approach, but there are other methods to use if this fails.
Went and tried to manually remove it. It told me to find and delete the following:
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysstart
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zeno Browser Enhancer
None of them could be found. Something is still very wrong though. I get WinAntiSpyware 2007 popups like every 2 minutes and Avast warnings just will NOT stop. I’m having a hard time typing this message because of all the interuptions! The reason I couldn’t get BitDefender to finish was because all of a sudden the page would load an advertisment. It wasn’t even a pop up, it would just load on the page I already had open. Ahhhhhh it’s driving me crazy! :o
Hi :