TechSpot

Win7.tmp AVG

By IBN
Jun 11, 2006
  1. I need some help on this one.
     

    Attached Files:

  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

    Click start/run and type regsvr32 /u E:\WINDOWS\SYSTEM32\winetn32.dll into the run box and press the enter key. Note the space between the 2 and the forward slash and again between the u and c.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O20 - Winlogon Notify: winetn32 - E:\WINDOWS\SYSTEM32\winetn32.dll

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    E:\WINDOWS\SYSTEM32\winetn32.dll

    Reboot into normal mode and turn system restore back on.


    Regards Howard :)
     
  3. IBN

    IBN TS Maniac Topic Starter Posts: 487

    Thanx for your help. I have followed the instructions but i cannot delete winetn32.dl l it says access denied currently in use.....
     
  4. IBN

    IBN TS Maniac Topic Starter Posts: 487

    I am cuurently using AVG and this popup that a virus is detected keeps poping up even though i press heal or move to vault!!!.
     

    Attached Files:

  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Run HJT and click on the config button, then the misc tools button. Click the delete file on reboot button and browse to E:\WINDOWS\SYSTEM32\winetn32.dll. Click winetn32.dll and click open. You will be prompted to reboot your computer, click yes.

    Do exactly the same for this this file as well. E:\windows\temp\win7.temp

    The file should be deleted when your computer restarts.

    Please post a fresh HJT log after doing the above.

    Regards Howard :)
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I have merged your new thread into this one and have given you instructions on how to deal with the win7.temp file(see above).

    Please carry on posting in this thread, rather than opening new threads for what is the same problem. Thanks.

    Regards Howard :)
     
  7. IBN

    IBN TS Maniac Topic Starter Posts: 487

    Ok I have managed to get rid of the .dll file. In the windows temp i cant delete ZLT07e76.TMP i tried to do it in safe mode but in safe mode that file doesnt appear.
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    First, your HJT log is clean.

    I can`t find any info on ZLT07e76.TMP.

    You will probably need to do the following. In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html


    Download the Pocket Killbox programme from HERE. See if that can delete the file.

    Regards Howard :)
     
  9. IBN

    IBN TS Maniac Topic Starter Posts: 487

    That cant delete the file either!!! I have tried the kill on reboot option also. btw I think i have seen that file in the past though.....
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    What makes you think the ZLT07e76.TMP is nasty?

    What application is telling you about the presence of that file? Maybe it`s a false positive.

    When you say you`ve seen the file before, can you tell us what you mean exactly?

    Regards Howard :)
     
  11. IBN

    IBN TS Maniac Topic Starter Posts: 487

    My apologies. No application has said that file is present. The fact that i cant delete it, had led me to believe that it was something nasty. I have seen it in the past when i would manually delete tmps. Since my HJT is clear and you think it aint a virus then I'll leave it at that.

    Thanks alot for your ongoing help and smilies.
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    It probably belongs to some application you`re running and in all likelyhood is nothing to worry about.

    Regards Howard :)
     
  13. luvhuffer

    luvhuffer TechSpot Paladin Posts: 443

    Conficker drops the following copies of itself shown at the bottom. Though that may not be what it is, I'd suggest going to one of the major security company web site that has Conficker remover tools and run one anyway.

    The ZLT file is a log file from Zone Alarm. If you go offline and disable zone alarm you should be able to delete it from the Temp file. There is probably an option somewhere in the interface to stop it from creating logs, or even for clearing the log file cache. Not sure about that though.

    %System%\[Random].tmp
    %Temp%\[Random].tmp
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...