Edited by FaCeMaKeR, 28 July 2004 - 08:27 AM.
Irritant driver, W:
Started by
FaCeMaKeR
, Jul 28 2004 08:27 AM
#1
Posted 28 July 2004 - 08:27 AM
#2
Posted 28 July 2004 - 11:29 AM
Hi FaCeMaKeR, welcome to Geeks to Go!
Please run a free online virus scan here:
http://housecall.antivirus.com/
And a free trojan scan here:
http://www.moosoft.com/
When finished, let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.
Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.
Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
Please run a free online virus scan here:
http://housecall.antivirus.com/
And a free trojan scan here:
http://www.moosoft.com/
When finished, let us take a closer look at what is running on your PC. We'll need you to use a free diagnostic tool (HiJackThis) and post a log back here with the results.
Click the HijackThis Guide in my signature, download it and follow the instructions in the guide.
Most of what it lists will be harmless or even essential, DO NOT delete or modify anything yet! Someone will be along to tell you what steps to take after you post the contents of the scan results.
#3
Posted 28 July 2004 - 03:43 PM
HouseCall find one virus, it was uncleanable so I deleted it. It was in C:\ie.reg, I dont remember the name. The Cleaner didn't find anything.Please run a free online virus scan here:
http://housecall.antivirus.com/
And a free trojan scan here:
http://www.moosoft.com/
Here's HJT log:
Logfile of HijackThis v1.98.0
Scan saved at 0:40:36, on 29.7.2004
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ATI2PLAB.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\RUNSERVICE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\AGATE TIOMAN FOR HP\TIOMAN.EXE
C:\WINDOWS\SYSTEM\IRMON.EXE
C:\WINDOWS\SYSTEM\ATIPTAAB.EXE
C:\PROGRAM FILES\LABTEC\WIRELESS MOUSE\MOUSE32A.EXE
C:\PROGRAM FILES\ANALOGX\NETSTAT LIVE\NSL.EXE
C:\PROGRAM FILES\AVPERSONAL\AVGCTRL.EXE
C:\PROGRAM FILES\SLICKRUN\SR.EXE
C:\PROGRAM FILES\WHATPULSE\WHATPULSE.EXE
C:\WINDOWS\IRXFER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\SINTTI_STUFF\MIRC\MIRC.EXE
C:\SINTTI_STUFF\BOTTI\MIRC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\OPERA75\OPERA.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\SINTTI_STUFF\SOFTAT\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sonera.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=www-proxy.th.tele.fi:8000;ftp=www-proxy.th.tele.fi:8000
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEINT.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\PROGRAM FILES\TECHSMITH\SNAGIT 7\SNAGITBHO.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\PROGRAM FILES\TECHSMITH\SNAGIT 7\SNAGITIEADDIN.DLL
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TiomanExe] C:\Program Files\Agate Tioman for HP\Tioman.Exe
O4 - HKLM\..\Run: [AtiGart] c:\Ati\Gart\AtiGart.exe
O4 - HKLM\..\Run: [IrMon] IrMon.exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaab.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Labtec\Wireless Mouse\MOUSE32A.EXE
O4 - HKLM\..\Run: [NetStat Live] C:\PROGRAM FILES\ANALOGX\NETSTAT LIVE\NSL.EXE
O4 - HKLM\..\Run: [AVGCtrl] "C:\PROGRA~1\AVPERS~1\AVGCTRL.EXE" /min
O4 - HKLM\..\Run: [Startup Manager Scanner] C:\PROGRAM FILES\STARTUP MECHANIC\StartupScanner.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2plab.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKLM\..\RunServices: [LicCtrl] runservice.exe
O4 - HKCU\..\Run: [SlickRun] "C:\PROGRAM FILES\SLICKRUN\SR.EXE"
O4 - HKCU\..\Run: [WhatPulse] C:\PROGRAM FILES\WHATPULSE\WHATPULSE.EXE
O8 - Extra context menu item: Download with Star Downloader - C:\PROGRAM FILES\STAR DOWNLOADER\sdie.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.co...wnload/cult.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = ns.tele.fi
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 193.210.18.18,193.210.19.190
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users