1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

pc health virus

Discussion in 'Virus & Other Malware Removal' started by woodybrush45, Apr 20, 2009.

Thread Status:
Not open for further replies.
Advertisement
  1. woodybrush45

    woodybrush45 Thread Starter

    Joined:
    Apr 19, 2009
    Messages:
    8
    I think I have the pc health virus does anyone know how to get rid of it???? its attached to my system restore and other programs!!!! any help would be greatly apprecieated,thanx,woody
     
  2. woodybrush45

    woodybrush45 Thread Starter

    Joined:
    Apr 19, 2009
    Messages:
    8
    SDFix: Version 1.240
    Run by woody1 on Tue 04/28/2009 at 10:41 AM

    Microsoft Windows XP [Version 5.1.2600]
    Running From: C:\SDFix

    Checking Services :


    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting


    Checking Files :

    Trojan Files Found:

    C:\Documents and Settings\woody1\Local Settings\Temp\Google Toolbar\gtb7.tmp.exe - Deleted





    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-28 10:46:30
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"
    "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
    "C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS28.tmp\\AswApp.exe"="C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS28.tmp\\AswApp.exe:*:Disabled:AswApp"
    "C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS36.tmp\\AswApp.exe"="C:\\Documents and Settings\\woody1\\Local Settings\\Temp\\WZS36.tmp\\AswApp.exe:*:Disabled:AswApp"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
    "C:\\Program Files\\Paltalk Messenger\\paltalk.exe"="C:\\Program Files\\Paltalk Messenger\\paltalk.exe:*:Disabled:paltalkScene"
    "C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger"
    "C:\\Documents and Settings\\woody1\\Local Settings\\Temporary Internet Files\\Content.IE5\\27VRHTJ8\\incredimail_install[1].exe"="C:\\Documents and Settings\\woody1\\Local Settings\\Temporary Internet Files\\Content.IE5\\27VRHTJ8\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000"

    Remaining Files :


    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Thu 24 May 2007 50,688 ..SHR --- "C:\Program Files\ZakFromAnotherPlanet\VBRunDLL\Setup.exe"
    Wed 23 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

    Finished!

    :)
     
  3. woodybrush45

    woodybrush45 Thread Starter

    Joined:
    Apr 19, 2009
    Messages:
    8
    its still attached to my system info plz, help and still getting the blue screen of death thannx, woody:mad:
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/820240