Yipee...I've got my very own virus

  • Chewy
    Super Moderator
    • Nov 2003
    • 18971

    #16
    Never used CCleaner; if Add and Remove, regedit and services.msc won't kill it, I would reload.


    • locoeng
      Who Farted?
      • Dec 2005
      • 2509

      #17
      I don't really think I had a virus...it must have been a false positive.


      "I refuse to have a battle of wits with an unarmed person. It's not fair to you and no challenge for us."
      Walt Kelly


      • Gary D
        Lord of Digital Video
        • Dec 2005
        • 2266

        #18
        Symantec removal tools

        Edit: You may have to reinstall it to delete it properly
        Gary D


        • blutach
          Not a god of digital video
          • Oct 2004
          • 24627

          #19
          Originally Posted by locoeng
          I don't really think I had a virus...it must have been a false positive.
          Better to be false positive for a virus than false negative for pregnancy

          Regards
          Les


          • locoeng
            Who Farted?
            • Dec 2005
            • 2509

            #20
            True Blu, true....

            Thanks for the link Gary.



            • locoeng
              Who Farted?
              • Dec 2005
              • 2509

              #21
              Looks like it worked Gary...thanks again for the link.

              Now chewy can help me trim the fat

              Code:
              Logfile of HijackThis v1.99.1
              Scan saved at 10:17:01 PM, on 6/19/2007
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
              
              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\Ati2evxx.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\ZoneLabs\vsmon.exe
              C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
              C:\WINDOWS\system32\Ati2evxx.exe
              C:\WINDOWS\Explorer.EXE
              C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
              C:\Program Files\Alwil Software\Avast4\ashServ.exe
              C:\Documents and Settings\scott\Start Menu\Programs\Startup\FAH504-Console.exe
              C:\Program Files\Common Files\LightScribe\LSSrvc.exe
              C:\WINDOWS\system32\svchost.exe
              C:\Documents and Settings\scott\Start Menu\Programs\Startup\FahCore_78.exe
              C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
              C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
              C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
              C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
              C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
              C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
              C:\WINDOWS\system32\LVCOMSX.EXE
              C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
              C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
              C:\Documents and Settings\scott\Start Menu\Programs\Startup\FAH504-Console.exe
              C:\Documents and Settings\scott\Start Menu\Programs\Startup\FahCore_78.exe
              C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
              C:\Program Files\Google\Google Talk\googletalk.exe
              C:\Excursion9.5\mIRC.ExCurSioN.exe
              C:\Program Files\Mozilla Firefox\firefox.exe
              C:\Program Files\HijackThis\HijackThis.exe
              
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://erc.nscorp.com/anch/ess
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
              R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
              R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
              O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
              O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
              O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
              O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
              O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
              O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
              O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
              O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
              O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
              O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
              O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
              O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
              O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
              O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
              O4 - Startup: client.cfg
              O4 - Startup: FAH504-Console.exe
              O4 - Startup: FahCore_78.exe
              O4 - Startup: FAHlog-Prev.txt
              O4 - Startup: FAHlog.txt
              O4 - Startup: MyFolding.html
              O4 - Startup: queue.dat
              O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
              O4 - Startup: unitinfo.txt
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
              O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
              O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
              O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
              O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
              O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
              O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
              O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
              O23 - Service: FAH@C:+Documents and Settings+scott+Start Menu+Programs+Startup+FAH504-Console.exe - Stanford University - C:\Documents and Settings\scott\Start Menu\Programs\Startup\FAH504-Console.exe
              O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
              O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
              O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
              O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



              • Chewy
                Super Moderator
                • Nov 2003
                • 18971

                #22
                here's a different toy to play with


                tip: under options check hide microsoft entries

                under file use refresh


                • locoeng
                  Who Farted?
                  • Dec 2005
                  • 2509

                  #23
                  That is a lot of stuff I know nothing about..

