Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

sneaky virus


  • Please log in to reply

#1
todd0305

todd0305

    New Member

  • Member
  • Pip
  • 3 posts
Hey guys I have this sneaky virus that I can't seem to get rid off.

Here's a shot of the Run directory in the registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Recguard"="C:\\WINDOWS\\SMINST\\RECGUARD.EXE"
"NvCplDaemon"="\"RUNDLL32.EXE\" NvQTwk,NvCplDaemon initialize"
"S3TRAY2"="S3tray2.exe"
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"PS2"="C:\\WINDOWS\\system32\\ps2.exe"
"USB"="C:\\WINDOWS\\system32\\usb.exe"
"SpySweeper"="\"C:\\Program Files\\Webroot\\Spy Sweeper\\SpySweeperUI.exe\" /startintray"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
"anathcw"="C:\\WINDOWS\\system32\\rwtoqyv.exe r"
"szbhzpu"="C:\\WINDOWS\\system32\\qjrzncp.exe r"
"esfbiel"="C:\\WINDOWS\\system32\\xyjptq.exe r"
"wpohucj"="C:\\WINDOWS\\system32\\dgoxyfc.exe r"
"kgyregz"="C:\\WINDOWS\\system32\\ylxpvqv.exe r"
"neujwr"="C:\\WINDOWS\\system32\\wgdsuo.exe r"
"pwqlchs"="C:\\WINDOWS\\system32\\ltnpowc.exe r"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"SSC_UserPrompt"="\"C:\\Program Files\\Common Files\\Symantec Shared\\Security Center\\UsrPrmpt.exe\""

I have scanned it with norton, pandasoftware, trendmicro, ewido, spysweeper, adaware, BARTpe stinger.

I tried to delete it from the registry but it keep coming back.

Any sugestions?

Edited by todd0305, 23 July 2006 - 12:21 PM.

  • 0

Advertisements


#2
rumble291

rumble291

    Member

  • Member
  • PipPipPip
  • 430 posts
Your in the wrong section you need to go to the malware removal section: http://www.geekstogo...o_Here-f37.html
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP