Virus removal

By mccabe75
Jul 15, 2009
  1. Symptoms include pop ups advising of multiple threats every day. The first time it happened a 'fake' spyware downloaded every time I clicked on the pop up and then the computer couldn't be used until I removed this program.
  2. cosmido

    cosmido TS Rookie Posts: 20


    No infection !

    All of these following proposal lines to fix, are for improve the performance of your PC.
    The lines 04- are processus who start automatically when the Pc start.
    Some of these processus aren't necessary to start like that.
    And somes other ones, can have a shortcut on desktop, to be use by double-click when the user need it.
    No software process are delete, only the registry entry where process are place for start at boot.

    Open HijackThis
    • Select [Do a system scan only],
    • Put a hook in front of each following lines,
    • Close Internet Explorer ands all windows,
    • And press [Fix Checked].

    Fix it.
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"

    You can create a shortcut. - Allows you to connect your Acer laptop to a projector.
    O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe

    If you don't need - For translating Japanese/Chinese text in IE, Outlook and Word.
    Oups.. I remarked your IP is from Asia, then perhaps is good for you - As you want.

    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

    Fix it.
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

    As you want - Related to Acer_ ePower_Management Detect any Security Threat.
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

    Fix it.
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

    If you use it sometime, fix it and create a shortcut on your desktop.
    Acer's eRecovery Management program. This program allows you to create and restore backups of your compute
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe

    Fix it. - can create shortcut if need, for somes.
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SmileboxTray] "C:\Documents and Settings\Ants\Application Data\Smilebox\SmileboxTray.exe"
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office Find Fast Indexer.lnk = C:\MSOffice\Office\FINDFAST.EXE
    O4 - Global Startup: Microsoft Office Fast Start.lnk = C:\MSOffice\Office\FASTBOOT.EXE
    O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = C:\MSOffice\Office\MSOFFICE.EXE
    O4 - Global Startup: PictureMover.lnk = C:\Program Files\PictureMover\Bin\PictureMover.exe

    Fix it.
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    • Restart your PC

    Optimization too..
    Open notepad (Start menu --> search.., enter notepad)
    • Put these (sc... in the Quote) lines in the notepad,
    • Save the notepad as ServMod.bat on your desktop,
    • Run ServMod.bat
    • You could uninstall Yahoo! Toolbar, if you don't use it.
    You'll improve the perfomance of your pc.

    • Watch software update regulary(at 2 weeks) with Update Checker.

    After some update of Java, Adobe.. use StartUpLite
    • For remove some process (from registry entry) at the Boot.
    • List of soft manage by StartUpLite :
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...