[woodybrush45]

I think I have the pc health virus does anyone know how to get rid of it???? its attached to my system restore and other programs!!!! any help would be greatly apprecieated,thanx,woody

[woodybrush45]

SDFix: Version 1.240
Run by woody1 on Tue 04/28/2009 at 10:41 AM

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\Documents and Settings\woody1\Local Settings\Temp\Google Toolbar\gtb7.tmp.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-28 10:46:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable d:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS28.tmp\\AswApp.exe"="C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS28.tmp\\AswApp.exe:*isabled:AswApp"
"C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS36.tmp\\AswApp.exe"="C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS36.tmp\\AswApp.exe:*isabled:AswApp"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Paltalk Messenger\\paltalk.exe"="C:\\Program Files\\Paltalk Messenger\\paltalk.exe:*isabled:PaltalkScene"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger"
"C:\\Documents and Settings\\woody1\\Local Settings\\Temporary Internet Files\\Content.IE5\\27VRHTJ8\\incredimail_install[1].exe"="C:\\Documents and Settings\\woody1\\Local Settings\\Temporary Internet Files\\Content.IE5\\27VRHTJ8\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameter s\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable d:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Thu 24 May 2007 50,688 ..SHR --- "C:\Program Files\ZakFromAnotherPlanet\VBRunDLL\Setup.exe"
Wed 23 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Finished!

[woodybrush45]

its still attached to my system info plz, help and still getting the blue screen of death thannx, woody