Two Plus Two Newer Archives


daveT 08-30-2007 09:49 PM

Re: Internet Speed Monitor.... help me kill this virus
 
Okay, after two days, I am finally done with Trend Micro.

I guess I shouldn't have clicked "yes" when it asked me to do a full scan.

It did find some stuff in the initial scan, but it never compiled a list for me. I had it on notepad, but I guess it didn't save. I finished yesterday with problems.

The second scan found nothing.

daveT 08-31-2007 06:30 PM

Re: Internet Speed Monitor.... help me kill this virus
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/31/2007 at 03:10 PM

Application Version : 3.9.1008

Core Rules Database Version : 3259
Trace Rules Database Version: 1270

Scan type : Complete Scan
Total Scan Time : 01:49:30

Memory items scanned : 395
Memory threats detected : 0
Registry items scanned : 3850
Registry threats detected : 16
File items scanned : 21746
File threats detected : 3

Trojan.DCOM Server
HKLM\Software\Classes\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304B25319}
HKCR\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304B25319}
HKCR\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304B25319}\InProcServer32
HKCR\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304B25319}\InProcServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\MASHE.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{2C1CD3D7-86AC-4068-93BC-A02304B25319}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#DCOM Server 25319
HKCR\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304B25319}

Adware.ClickSpring/Outer Info Network
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion

Trojan.Downloader-Gen/WinPop
C:\Program Files\WinPop

Adware.ClickSpring/Yazzle
C:\PROGRAM FILES\COMMON FILES\YAZZLE1552OINUNINSTALLER.EXE

daveT 08-31-2007 06:34 PM

Re: Internet Speed Monitor.... help me kill this virus
 
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 3:30:36 PM, on 8/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\atievxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Dynex Wireless G Adapter\WLService.exe
C:\Program Files\Dynex Wireless G Adapter\WLanCfgG.exe
C:\WINDOWS\713xRMTMon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\honestech\honestech TVR\scheduleTV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\new\Desktop\HiJackThis_v2.exe

O2 - BHO: C:\WINDOWS\system32\htr4ikg.dll - {27AD49A2-94F3-42bD-F434-2604812C897C} - C:\WINDOWS\system32\htr4ikg.dll (file missing)
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\tmp3.tmp.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE " /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE " /IMEName
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [MP10_EnsureFileVer] "C:\WINDOWS\inf\unregmp2.exe" /EnsureFileVersions
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [XP restart system] C:\DOCUME~1\new\LOCALS~1\Temp\wnset.exe
O4 - HKCU\..\Run: [autoload] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKCU\..\Run: [autorun] C:\Documents and Settings\new\svchost.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: c:\windows\system32\fcyvwwv.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: aeskap - C:\WINDOWS\SYSTEM32\aeskap.dll
O20 - Winlogon Notify: hhclui - hhclui.dll (file missing)
O21 - SSODL: DRvajxH - {40EAF900-EA40-53AA-FCB2-42006A0B7F52} - C:\WINDOWS\system32\fbufv.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ldf94mgdfg94jfgdfg - {27AD49A2-94F3-42bD-F434-2604812C897C} - C:\WINDOWS\system32\htr4ikg.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Dynex DX-WGNBC Service (Dynex DX-WGNBC WLService) - Unknown owner - C:\Program Files\Dynex Wireless G Adapter\WLService.exe
O24 - Desktop Component 0: (no name) - http://i148.photobucket.com/albums/s...54GM8W1004.jpg

--
End of file - 5317 bytes

daveT 08-31-2007 08:08 PM

Re: Internet Speed Monitor.... help me kill this virus
 
Also, Internet Speed Monitor itself is a simple program to uninstall. The full file for it is:

Program Files\ISM\bndloader.exe
Program Files\ISM\dictonary.gz
Program Files\ISM\ism.exe
Program Files\ISM\ISMModule2.exe
Program Files\ISM\syncupd.exe
Program Files\ISM\targets.gz
Remove Folder Program Files\ISM
Documents and Settings\n\Start Menu\Programs\Internet Speed Monitor\Check Now.Ink
Documents and Settings\n\Start Menu\Programs\Internet Speed Monitor\Uninstall.Ink
Documents and Settings\n\Start Menu\Programs\Internet Speed Monitor\

TheCraigB 09-09-2007 02:40 AM

Re: Internet Speed Monitor.... help me kill this virus
 
Before you go through all this, I recommend going to add/remove programs and uninstalling Internet Speed Monitor.


All times are GMT -4.