Wilders Security Forums  

#1
October 10th, 2005, 04:22 PM
SG1 (Frequent Poster)
Join Date: Jan 2003
Posts: 430
XP PRO mystery files?

Anyone know what c:\windows\is-omlcr.exe & is-omlcr.lst files are from/for? Google search on them turned up nothing.

Had/have registry entry from hell left over from JR's Installer, that calls to file is-gsv13.exe in c:\windows - a file that no longer is there; tried everything to kill that registry entry, including advice from JR and to no avail thus far; said registry entry returns almost instantly. The Reg. entry is "viral like" but is not a nasty; my 384,000 security apps I run say it's not anything evil --- but I thought the above two files I asked about were related to the missing .exe file that the Registry entry calls to(?)

Thanks for help/info, SG1 (Pat)
#2
October 11th, 2005, 11:39 AM
Close_Hauled (Very Frequent Poster)
Join Date: Apr 2004
Location: California
Posts: 1,015
Re: XP PRO mystery files?

I did a Google search on just "GSV.EXE" because I assumed that the 13 was a version number. I came up with some interesting results:

http://www.google.com/search?hl=en&l...22&btnG=Search
__________________
Quote:
A smooth sea never made a skillful mariner. Neither do uninterrupted prosperity and success qualify for usefulness and happiness. The storms of adversity, like those of the ocean, rouse the faculties, and excite the invention, prudence, skill and fortitude of the voyager.
#3
October 11th, 2005, 01:45 PM
SG1 (Frequent Poster)
Join Date: Jan 2003
Posts: 430
Re: XP PRO mystery files?

Close Hauled;

See link (to) Symantec's site, re my query: found note at newsgroup for JR's Installer, and it would seem that someone's already using that app for installing crap.
http://securityresponse.symantec.com....atwinspy.html

The Registry entry in my case, calls to a file "is-gsv13.exe" that is not on any of 3 HDs (or at least not under that name) and hence, gives an error msg. at each bootup that said file can't be found in Windows DIR.

IF I have/had, a nasty on this PC while running 394,000 security apps, I'll give it up and unplug the sucker in sheer dismay. My Program Files DIR literally runs from A to X re apps and almost all are security or PC maintenance related.

Anti worm(2)/anti trojan(2)/Avs (3) min. running while on net, and all manner of apps that lock down browser and OS proper. I could cut and paste a software audit of apps I use (from Belarc Advisor) here, that would make your head spin and eyes glaze over, from reading <g> and if I had been nailed by a nasty, I'd fill the tub with gin and cut my wrists. Not really, of course, but I would be really steamed over being whacked by some ***hole.

ButButBut... any further thoughts on this? I've found your help and thoughts on PC things to be well reasoned, and a help, so if you have opinions, by all means I'd love to hear 'em.

Thanks, SG1 (Pat)
=====================================
*** Have added file from TrojanHunter scan - not sure what it means, but just the word "alternate" data stream sounds scary?!
What is this?
[Attached image: TH_SCAN.gif]

Last edited by SG1 : October 11th, 2005 at 02:58 PM. Reason: Further info added:
#4
October 12th, 2005, 04:36 PM
Close_Hauled (Very Frequent Poster)
Join Date: Apr 2004
Location: California
Posts: 1,015
Re: XP PRO mystery files?

SG1,

The following entry looks like it is an address that has been obfuscated, or a temp directory:

Setup2=QWaAwMsrjVN8IynZ4AdAm/s5kATQFwc

If we could see the entire line of text, then maybe we can deobfuscate it, or figure out what the address is.

I would also move this to the trojan section. People there are more capable when it comes to tracking down unknown processes.

Last edited by Close_Hauled : October 12th, 2005 at 07:21 PM.
#5
October 13th, 2005, 07:55 PM
Don Pelotas (Very Frequent Poster)
Join Date: Jun 2004
Posts: 2,257
Re: XP PRO mystery files?

Try using the free Kaspersky Webscanner, I seem to remember that you use AVG? Gsv.exe you can remove as it is up to no good.
__________________
Errare humanum est
#6
October 14th, 2005, 05:10 AM
SG1 (Frequent Poster)
Join Date: Jan 2003
Posts: 430
Re: XP PRO mystery files?

Don;

Thanks for reply/info: but the file is-gsv13.exe or even gsv.exe does not exist on our PC - it's just a Registry entry that I can't get rid of, that calls to said WIN dir file, and thus - I get error msg. at bootup time. (So, there is no file to be scanned - it's not there).

SG1 (Pat)
 

All times are GMT -4.