Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 10-23-2004, 07:21 PM   #1
Solid State Member
 
Join Date: Aug 2004
Posts: 11
Angry Virus help please.

I have AVG Antivirus and I keep getting pop ups telling me that I have a virus in my system volume information directory. Running AVG dosn't get rid of the virus, and I can't find the directory so I can't delete it manually, is there any way to get rid of this other than a complete reformat of my computer?
__________________

Guitarist970 is offline   Reply With Quote
Old 10-23-2004, 07:22 PM   #2
Golden Master
 
athlon64fx's Avatar
 
Join Date: Aug 2004
Posts: 6,153
Send a message via MSN to athlon64fx
Default Re: Virus help please.

update your definitions and if that dorn still get rid of it then try another vendors solution such as symatec norton or mcafee
__________________

athlon64fx is offline   Reply With Quote
Old 10-23-2004, 07:22 PM   #3
Golden Master
 
athlon64fx's Avatar
 
Join Date: Aug 2004
Posts: 6,153
Send a message via MSN to athlon64fx
Default Re: Virus help please.

...
athlon64fx is offline   Reply With Quote
Old 10-23-2004, 07:31 PM   #4
Solid State Member
 
Join Date: Aug 2004
Posts: 11
Default Re: Virus help please.

I've already updated my definitions, I also run Systantic antivirus, the corperate version.
Guitarist970 is offline   Reply With Quote
Old 10-23-2004, 07:38 PM   #5
Golden Master
 
athlon64fx's Avatar
 
Join Date: Aug 2004
Posts: 6,153
Send a message via MSN to athlon64fx
Default Re: Virus help please.

ok...
athlon64fx is offline   Reply With Quote
Old 10-29-2004, 11:04 PM   #6
The Candyman
 
~mr mixx~'s Avatar
 
Join Date: Jun 2004
Location: USA
Posts: 11,310
Default Re: Virus help please.

Do you know the name of the virus? if so you can do a google search for the removal of the virus.
__________________
" Let the music move you "
~mr mixx~ is offline   Reply With Quote
Old 11-01-2004, 12:06 AM   #7
Solid State Member
 
Join Date: Aug 2004
Posts: 11
Default Re: Virus help please.

I have the difica and istbar viruses on my computer. I ran hijack this and here is my log:

Logfile of HijackThis v1.98.2
Scan saved at 11:09:06 PM, on 10/31/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trillian\trillian.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\DOCUME~1\Chris\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sbc.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.sbc.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_ 12_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_3_ 12_0.dll
O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
Guitarist970 is offline   Reply With Quote
Old 11-01-2004, 10:29 AM   #8
Fully Optimized
 
Dynamix's Avatar
 
Join Date: Aug 2004
Posts: 2,463
Default Re: Virus help please.

Use a virus cheker
Dynamix is offline   Reply With Quote
Old 11-01-2004, 01:53 PM   #9
The Candyman
 
~mr mixx~'s Avatar
 
Join Date: Jun 2004
Location: USA
Posts: 11,310
Default Re: Virus help please.

I've created this as one of the main concerns on the internet is "Virus Alerts".

I hope this thread will be useful to everyone in containing insight to real alerts and bogus ones and will be a valid asset to the forum.

You can get virus news added to your website with:
http://www.trendmicro.com/syndication/vinfo/

Please add any Virus queries/remarks you have to this thread.

Related links:
Anti-Virus Guard's (AVG) homepage
Updates regularly and to most it's free or has a free version.
http://www.grisoft.com

Symatec's Anti-virus tools Download page (Norton/IBM)
http://securityresponse.symantec.co...tools.list.html

Symatec's Virus List
http://securityresponse.symantec.co...tml#threat_list

Corporate firewalling/anti-virus guards
http://www.crystalonnet.com/fsecureantivirus.htm

Mcafee homepage
http://www.mcafee.com/

Mcafee Online scan
http://www.mcafee.com/myapps/mfs/default.asp

Trendmicro's Online scan
http://housecall.trendmicro.com/

About.com's Antivirus news articles.
http://antivirus.about.com/mbody.htm

EXPLOITS

Exploit Tracking (Multiple Platforms)
http://www.securitytracker.com/

hope that helps....
__________________

__________________
" Let the music move you "
~mr mixx~ is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 04:24 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0