WiredWX Hobby Weather ToolsLog in

 


descriptionBackdoor.Tidserv!inf EmptyBackdoor.Tidserv!inf

more_horiz
I have been infected as many others with the above virus. I ran the fix thing that was suggest and this is the report.txt

Username "Jilly" - 12/03/2008 15:11:53 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

Successfully flushed the DNS Resolver Cache.


System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"TPNF"="C:\\Program Files\\TOSHIBA\\TouchPad\\TPTray.exe"
"CeEKEY"="C:\\Program Files\\TOSHIBA\\E-KEY\\CeEKey.exe"
"NDSTray.exe"="NDSTray.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"PadTouch"="C:\\Program Files\\TOSHIBA\\Touch and Launch\\PadExe.exe"
"ZoomingHook"="ZoomingHook.exe"
"SmoothView"="C:\\Program Files\\TOSHIBA\\TOSHIBA Zooming Utility\\SmoothView.exe"
"HWSetup"="C:\\Program Files\\TOSHIBA\\TOSHIBA Applet\\HWSetup.exe hwSetUP"
"TOSHIBA Accessibility"="C:\\Program Files\\TOSHIBA\\Accessibility\\FnKeyHook.exe"
"Tvs"="C:\\Program Files\\Toshiba\\Tvs\\TvsTray.exe"
"SVPWUTIL"="C:\\Program Files\\Toshiba\\Windows Utilities\\SVPWUTIL.exe SVPwUTIL"
"TPSMain"="TPSMain.exe"
"TCtryIOHook"="TCtrlIOHook.exe"
"TFncKy"="TFncKy.exe"
"LtMoh"="C:\\\\Program Files\\\\ltmoh\\\\Ltmoh.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"EPSON Stylus C64 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I2C1.EXE /P23 \"EPSON Stylus C64 Series\" /O6 \"USB001\" /M \"Stylus C64\""
"CFSServ.exe"="CFSServ.exe -NoClient"
"EPSON Stylus C88 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIABA.EXE /P23 \"EPSON Stylus C88 Series\" /O6 \"USB002\" /M \"Stylus C88\""
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton AntiVirus\\osCheck.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_07\\bin\\jusched.exe\""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
"MsnMsgr"="\"C:\\Program Files\\Windows Live\\Messenger\\MsnMsgr.Exe\" /background"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


Can you help me get rid of this?
Thanks so much

descriptionBackdoor.Tidserv!inf EmptyRe: Backdoor.Tidserv!inf

more_horiz
FixWareout is for DNS hijacking, I see no signs of a DNS hijack from the report.
Please read this thread:
http://www.geekpolice.net/malware-removal-support-hijackthis-logs-f11/read-this-before-posting-t3821.htm
And post a Hijack This log here.

descriptionBackdoor.Tidserv!inf EmptyRe: Backdoor.Tidserv!inf

more_horiz
Due to lack of feedback, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

descriptionBackdoor.Tidserv!inf EmptyRe: Backdoor.Tidserv!inf

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum