WinAV2008 with stop error

Is this the same PC you just recently posted about and had cleaned?

Uninstall the below software:
Java 2 Runtime Environment, SE v1.4.2_05
Spybot - Search & Destroy 1.4
Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME

What is the below file on your Desktop?

Code:

"C:\Documents and Settings\Administrator\Desktop\"
wwa.exe       Jun  7 2008    19153264  "wwa.exe"

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.


You are way out of date with Malwarebytes. Please run Malwarebytes and select the Update tab and then click the Check for Updates button to update it to the current version and database. Then perform a full scan of your system (not a quick scan). Fix what it finds and attach the new log.

Now look for the below file and delete it if found:
c:\windows\system32\ffln.dll

Now download and run the current version of MGtools from here: MGtools.exe Attach the new C:\MGlogs.zip file.

 

You have both AVG7.5 and Avast antivirus programs installed. As requested in the first instructions of the READ & RUN ME, you must uninstall one of these immediately.


Since you had a few infected system files, it would be good idea to do the below to possibly fix others that may be corrupted.

Click Start, Run, and enter sfc /scannow and click OK. There is a space after the sfc. This runs System Rile Checker which looks for missing or corrupted system files and attempts to replace/repair them from files on your hard disk or from the CD if necessary. So it will ask for the Windows CD if it needs it.

Your logs are clean otherwise. Is everything working okay now?

 

You're welcome.


If you are not having any other malware problems, it is time to do our final steps:

1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix (if it exists)
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
9. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

No that does not mean you are protected. It just means the tray icon to start the program is loaded and that is all. You will notice that if you right click on the tray icon and select exit to terminate SAS, and then re-ren SAS from All Programs or from your Desktop icon that the program does not actually open up on your Desktop to do a scan. It just loads the tray icon and then you have to double click it to get a scan to run. This is a feature designed into the program to try and stop malware from preventing the loading of SAS. They feel if it is already running, that malware will be less likely to stop it from running.

You're welcome. Surf safely!

 

No problem!