1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Any more hangs and I'm gonna...

Discussion in 'Virus & Other Malware Removal' started by kaleolani65, Sep 27, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. kaleolani65

    kaleolani65 Thread Starter

    Joined:
    Sep 25, 2003
    Messages:
    34
    Systemm keeps hanging up. Thought I got rid of Istbar and xrenoder stuff. But I could have swore that something was entered in to msconfig I don't think it was there before: Under the autoexecbat(i think it was that tab) there is something there titled

    set blaster = A220 "#####"
    REM HEADER
    And a checkmark (enabled)

    And in config.sys there is an entry

    Setver.exe (also enabled w/check)

    Anyone have any ideas????
    Any help would be appreciated and rewarded with a sincere "thank You"

    Duh you might wanna know this

    Win 98
    400Mhz PenII
    64k RAM
    10.x Gig HD
    (Iknow it's a dinosaur)
    Maybe a Dispensation too?
    Alright you got me it's the Pope.
    :mad:
     
  2. kaleolani65

    kaleolani65 Thread Starter

    Joined:
    Sep 25, 2003
    Messages:
    34
    Oh yeah, after about an hour or two my sys resources are down 7-15% and I gotta reboot.
     
  3. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    Hi kaleolani65

    set blaster = A220 "#####"...............is probably to do with your soundcard

    Setver.exe............ is to do with DOS

    http://www.obrienpc.net/dos/z-setver.html

    So doesn't look like anything malicious there

    As for your sys resources - no wonder you have to reboot with them that low

    A hijackthis log may give us a clue

    Please Download hijackthis

    http://tomcoyote.org/hjt

    Unzip, doubleclick HijackThis.exe, and hit "Scan".

    After the scan has finished the "scan" button will turn into a "save log" button

    save the log file and paste it here

    steam
     
  4. kaleolani65

    kaleolani65 Thread Starter

    Joined:
    Sep 25, 2003
    Messages:
    34
    Logfile of HijackThis v1.97.2
    Scan saved at 1:05:20 PM, on 9/27/03
    Platform: Windows 98 Gold (Win9x 4.10.1998)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\MY DOCUMENTS\DOWNLOADS\NEW\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O8 - Extra context menu item: &Define - C:\WINDOWS\Web\ERS_DEF.HTM
    O8 - Extra context menu item: Look Up in &Encyclopedia - C:\WINDOWS\Web\ERS_ENC.HTM
    O8 - Extra context menu item: &Search the Web - C:\WINDOWS\Web\ERS_SRC.HTM
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://lw8fd.law8.hotmail.msn.com/activex/HMAtchmt.ocx
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37889.1075810185
    O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
    O18 - Protocol: pcn - {D540F040-F3D9-11D0-95BE-00C04FD93CA5} - C:\PROGRAM FILES\ENCOMPASS\V1MK.DLL

    In regards to entry 018, it originally was cleared so that HJthis wasnt seeing it I was then instructed to reboot and find the folder "Encompass" and delete it, I followed the instructions. On the next reboot the folder was gone but 018 showed up in the log, when I selected it and tried "fix probs" it would not go away and obviously still wont go away.
     
  5. steamwiz

    steamwiz

    Joined:
    Oct 4, 2002
    Messages:
    2,773
    kaleolani65

    Your logs clean apart from

    O18 - Protocol: pcn - {D540F040-F3D9-11D0-95BE-00C04FD93CA5} - C:\PROGRAM FILES\ENCOMPASS\V1MK.DLL

    I can't find anything on this,

    Are you saying the folder appears to no longer be on your hard drive - but hijackthis is still finding it ?

    You best option might be to hit the "report" button at the top of this post, and have this thread moved to security.
     
  6. ~Candy~

    ~Candy~ Retired Administrator

    Joined:
    Jan 27, 2001
    Messages:
    103,706
    Wow, you need to go to start, run, msconfig, ok, startup tab and get that scanregistry entry put back in there. That is a lifesaver. BTW, where is your virus program????

    I'm in Vegas too :D
     
  7. kaleolani65

    kaleolani65 Thread Starter

    Joined:
    Sep 25, 2003
    Messages:
    34
    Will do on the scanreg... No virus protection got my puter on an intense regimen of anti-biotics. Any suggestions as to protection?

    Lost on the 018 entry, it's like my last girlfriend moved in when I was'nt lookin and hard as hell to get out. But, I guess we've all been in that situation.

    Vegas, ah it's a lovely place is'nt it? You work? School? CEO of Kidsgonnamakemenuts INC.?
     
  8. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/167894

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice