Antivirus Protection
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsSystem AdministrationAntivirus Protection
Reload this Page

Virus that affects Display settings and time!

Discuss Virus that affects Display settings and time! in the Antivirus Protection forum on Dev Shed.
Virus that affects Display settings and time! Antivirus Protection forum discussing issues relating to antivirus programs, spyware, hijack protection, and personal firewalls for all operating systems. Keep your systems protected from hackers and other hazards.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old February 13th, 2005, 11:01 PM
alienalias alienalias is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Feb 2005
Posts: 5 alienalias User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 59 m
Reputation Power: 0
Virus that affects Display settings and time!
Alright.... I somehow got a virus that has my Display setting set at 16 colors and 640x480! It has also erased my clock. This is obviously incredibly frustrating and makes it near impossible to do anything efficiently on this ol' PC. I reset the Display settings which informs me I must restart for them to take effect... to no avail, I restart.... at which point PC asks me to hit F7 or something to reset original settings or F something else to cancel and go ahead. Tried both ways. No luck. It also has me hit F1 or something to set the clock. If there is anything anyone can do, I would be very grateful, and extend sincere thanks for any offer of help I may receive. Anyway, Hijack this log is:

Logfile of HijackThis v1.98.2
Scan saved at 1:19:36 AM, on 2/13/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\PEOPLEPC ACCELERATED\PROPELAC.EXE
C:\PROGRAM FILES\ISP50\BIN\BARTSHEL.EXE
C:\WINDOWS\SYSTEM\HPZTSB09.EXE
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\ISP50\BIN\PPSHARED.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE
C:\PROGRAM FILES\ISP50\BIN\BARTSHEL.EXE
C:\PROGRAM FILES\ISP50\DIALER\DIALER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS\HIJACKTHIS1982.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.miami.com/mld/miamiherald/sports/football
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.miami.com/mld/miamiherald/sports/football
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T Broadband Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O2 - BHO: &EliteBar - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll
O2 - BHO: (no name) - {8A84E645-2F8D-11D9-80D3-000897D9EE98} - C:\WINDOWS\SYSTEM\AMDCOI.DLL
O3 - Toolbar: &EliteBar - {825CF5BD-8862-4430-B771-0C15C5CA8DEF} - C:\WINDOWS\EliteToolBar\EliteToolBar version 53.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
O4 - HKLM\..\Run: [ATTRedUpate] C:\PROGRAM FILES\COMMON FILES\AT&T\REDCON\PROGRAMS\AutoUpdate.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Propel Accelerator] "C:\PROGRAM FILES\PEOPLEPC ACCELERATED\PROPELAC.EXE"
O4 - HKLM\..\Run: [WinAuth] C:\WINDOWS\winlogon.exe
O4 - HKLM\..\Run: [Bart Station] C:\Program Files\ISP50\hta\station.sbrt
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb09.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SPYSWEEPER.EXE" /0
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet
O4 - Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office\OSA9.EXE
O8 - Extra context menu item: >> SEARCH >> - http://listdating.com/se.htm
O8 - Extra context menu item: >> DATING >> - http://listdating.com/dt.htm
O8 - Extra context menu item: Sport Betting - http://listdating.com/se/se1.htm
O8 - Extra context menu item: Online Casino - http://listdating.com/se/se2.htm
O8 - Extra context menu item: Car Insurance - http://listdating.com/se/se3.htm
O8 - Extra context menu item: Health Insurance - http://listdating.com/se/se4.htm
O8 - Extra context menu item: Business - http://listdating.com/se/se5.htm
O8 - Extra context menu item: Finance - http://listdating.com/se/se6.htm
O8 - Extra context menu item: Loans - http://listdating.com/se/se7.htm
O8 - Extra context menu item: Viagra - http://listdating.com/se/se8.htm
O8 - Extra context menu item: Escorts - http://listdating.com/se/se9.htm
O8 - Extra context menu item: Adult - http://listdating.com/se/se10.htm
O8 - Extra context menu item: Porn - http://listdating.com/se/se11.htm
O8 - Extra context menu item: Games - http://listdating.com/se/se12.htm
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\PeoplePC Accelerated\pac-page.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\PeoplePC Accelerated\pac-image.html
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: (no name) - {97C66720-F390-11D5-80D3-0008C74B081A} - (no file) (HKCU)
O12 - Plugin for .adp: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
O18 - Protocol: icoo - {4A8DADD4-5A25-4D41-8599-CB7458766220} - C:\WINDOWS\MSOPT.DLL
Reply With Quote
  #2  
Old February 15th, 2005, 10:37 AM
alienalias alienalias is offline
Registered User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Feb 2005
Posts: 5 alienalias User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 59 m
Reputation Power: 0
ANYbody???? Please? A little help here?
Just what I said!
Reply With Quote
  #3  
Old February 15th, 2005, 02:18 PM
gruntz gruntz is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Feb 2004
Posts: 53 gruntz User rank is Private First Class (20 - 50 Reputation Level)gruntz User rank is Private First Class (20 - 50 Reputation Level) 
Time spent in forums: 22 h 39 m 25 sec
Reputation Power: 5
Sounds like corrupt display drivers. Did you try to reinstall them?
Reply With Quote
  #4  
Old February 15th, 2005, 05:57 PM
JuanCarlos JuanCarlos is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Dec 2004
Location: South of ENGLAND!!!
Posts: 43 JuanCarlos User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 30 m 37 sec
Reputation Power: 4
You need to seriously clean up your machine, its crawling with malware!!!

Before we try and tamper with HJT stuff, we'll start lightly and attempt these 3 steps:

1st: You have no antivirus software!!! Alls not lost however, go to
www.grisoft.com and download AVG 7 Free Edition, run it and
allow it to remove anything it finds
2nd: No firewall either!!! Go to www.zonelabs.com and download
ZoneAlarm
3rd: Is your PC fully updated? Check the updates section on
Microsofts website and download all of the priority updates!!!

While on the MS site, download their antispyware Beta, it may be more effective than the one you have now

Please post a fresh HJT log

JuanCarlos
Reply With Quote
Reply

Viewing: Dev Shed ForumsSystem AdministrationAntivirus Protection > Virus that affects Display settings and time!

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 3 hosted by Hostway
Stay green...Green IT