Old 10-24-2005, 07:43 PM   #1
Baseband Member
 
Join Date: Jul 2005
Posts: 40
Default STUPUID VIRUSES...requesting some help.

<bad spelling>(it's a joke you will understand at the end)
Okay, I got hit with a virus, actually more of a worm that gave me viruses, called "wininit32". I have stopped it and the viruses from being in the startup using msconfig. I even deleted it from my drive. I located it in the registry but... for some odd reason it still shows up under msconfig (but it is unchecked). Now, I could live with the fact that I have stopped the virus, but I'm wondering if there is a way to completely wipe it out. Below is a screenshot of what I'm talking about and a log file using HijackThis.

*******
'log file

Logfile of HijackThis v1.99.1
Scan saved at 6:42:31 PM, on 10/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Aaron\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - C:\WINDOWS\system32\wdfmgr.exe (file missing)

'end
*******


^this is my current MS start up configuration.

Any help would be great. If you need more info, let me know and I will see what I can do and try to understand what you are talking about. Thanks in advance, you guys are so smart, so we should be able to tackle this. <geekyness>BOO YA!</geekyness></bad spelling>
__________________
ASUS A8V-E Deluxe | AMD Athlon 64 3800+ | Crucial 1GB 184-Pin DDR SDRAM (x2)
eVGA Geforce 7800GTX 256-P2-N528-AX Video Card
Saitek Black Wired | Logitech MX518 | Logitech THX Z-5300e 5.1 | ASPIRE X-Plorer ATXB8KLW-BK Black
ViewSonic VA912b Black 19" 20ms | SONY Black IDE CD-ROM | SONY Black IDE DVD Burner | SONY Black Internal Floppy Drive | SAMSUNG SpinPoint P Series 160GB (x2)[RAID 0]
neotech power supply 480watt
blue case fans :-)

http://www.alblil.com
alblil is offline   Reply With Quote
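An added example, not part of the original post or of HijackThis: a small Python parser for the log format shown above that lists the active O4 autorun entries, checks whether a given name (here `wininit32`) still appears among them, and collects O23 services flagged `(file missing)`. The function names are illustrative, and the sample is an excerpt of the posted log.

```python
import re

# Excerpt of the HijackThis log in the post above; entry lines copied unchanged.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")   # "<section> - <body>"
RUN_RE = re.compile(r"^(\S+): \[(.*?)\] (.+)$")      # "<key>: [<name>] <command>"


def parse_entries(text):
    """Return (section, body) per entry line; header and process lines are skipped."""
    matches = (ENTRY_RE.match(line.strip()) for line in text.splitlines())
    return [m.groups() for m in matches if m]


def autoruns(entries):
    """O4 registry Run entries as dicts with key, name and command."""
    found = (RUN_RE.match(body) for section, body in entries if section == "O4")
    return [dict(zip(("key", "name", "command"), m.groups())) for m in found if m]


def autoruns_matching(entries, needle):
    """Active autoruns whose value name or command contains needle (case-insensitive)."""
    n = needle.lower()
    return [a for a in autoruns(entries)
            if n in a["name"].lower() or n in a["command"].lower()]


def missing_file_services(entries):
    """Display names of O23 services that HijackThis marked '(file missing)'."""
    return [body.rsplit(" - ", 2)[0].split(": ", 1)[-1]
            for section, body in entries
            if section == "O23" and body.endswith("(file missing)")]


if __name__ == "__main__":
    entries = parse_entries(SAMPLE_LOG)
    print("wininit32 autoruns:", autoruns_matching(entries, "wininit32"))
    print("services to check by hand:", missing_file_services(entries))
```

An empty result from `autoruns_matching` only covers the active O4 entries in the log that was parsed; it says nothing about items listed elsewhere.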
Old 10-24-2005, 11:13 PM   #2
Golden Master
 
Join Date: Dec 2004
Posts: 12,208
Default Re: STUPUID VIRUSES...requesting some help.

Get rid of those folders from the Registry.
__________________
*Fact: Microsoft Windows' Blue Screen of Death vs Computerforums.org's White Screen of Death. Which is worse?
ISOwner is offline   Reply With Quote
Old 10-25-2005, 12:19 AM   #3
Baseband Member
 
Join Date: Jul 2005
Posts: 40
Default Re: STUPUID VIRUSES...requesting some help.

what folders?
alblil is offline   Reply With Quote
Old 10-25-2005, 12:20 AM   #4
Golden Master
 
Join Date: Dec 2004
Posts: 12,208
Default Re: STUPUID VIRUSES...requesting some help.

I mean those files you pointed out above. Use the path from MSCONFIG to tell you where they're at in the Registry.
ISOwner is offline   Reply With Quote
Old 10-25-2005, 12:31 AM   #5
Baseband Member
 
Join Date: Jul 2005
Posts: 40
Default Re: STUPUID VIRUSES...requesting some help.

Well, I actually couldn't find them in the registry, but I downloaded a program called startup.cpl and I got them that way... w00t.

**the tally**
Aaron - 1
Viruses - 0
alblil is offline   Reply With Quote
Old 10-25-2005, 12:33 AM   #6
Golden Master
 
Join Date: Dec 2004
Posts: 12,208
Default Re: STUPUID VIRUSES...requesting some help.

Can you tell me more about that program? Is it freeware or shareware? I never heard of that before.
ISOwner is offline   Reply With Quote
Old 10-25-2005, 02:28 AM   #7
Fully Optimized
 
Join Date: Jun 2005
Posts: 3,275
Default Re: STUPUID VIRUSES...requesting some help.

Does it work then now?

TRD Corolla:
Here is the link to the program that you wanted to know more about above. It is 100% free:
http://www.mlin.net/StartupCPL.shtml
DJ Stephen is offline   Reply With Quote
Old 10-25-2005, 05:20 PM   #8
Baseband Member
 
Join Date: Jul 2005
Posts: 40
Default Re: STUPUID VIRUSES...requesting some help.

Yes, it helped quite a bit, and I scanned it with 3 programs including Norman, so it has to be clean. So yes, it was a good choice, but I decided to delete it afterward because I had no further use of it... If you use it, be sure to read all instructions. http://www.mlin.net/StartupCPL.shtml for those interested.
alblil is offline   Reply With Quote
All times are GMT -5.