Problem

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

BerneDog

Thread Starter
Joined
Feb 3, 2003
Messages
48
Hey, I am having a problem with my computer. I am not sure if something was installed or whatever but my configuration settings are messing up. The colours are messed up and it wont let me return to 800X600 pixels when I click it in settings. The following files have been altered in the past few days, not of my own doing: powerpnt,system and wavemix- all configuration files.

When I boot up the colours are gone really and it asks me for a USER password. I am on windows 98 and my graphics card is sis multimedia V1.32. The sound appears to be gone too. Its really a problem with the configuration settings I think. I did a virus check and there was none so any help or advice would be great.

I dont have a windows disk though as the company that made my computer a few years ago didnt give me one and when I emailed them for support today they havent emailed me back.

If anyone has any idea how to go back to the normal configuration settings or fix my problem I would be grateful. Thanks in advance.
 
Joined
May 10, 2002
Messages
134
What operating system? I'll assume you're using Win98.. other versions of windows will be similar to this:

Do me a favor and check something out first. Click "start"-->"settings" -->"control panel" then click the "system" icon, and click the "device manager" tab. Expand the "Display adapter" tree, and post back exactly what is listed for that.

SiS Multimedia v1.32 seems to be the driver version, but i don't think that tells us what chipset you're using, which we need. Once we have that info (or verified it), we can find you a driver.

Let us know if you have more questions.
 

JohnWill

Retired Moderator
Joined
Oct 19, 2002
Messages
106,429
After you do the virus scan, I'd consider reinstalling the video drivers, since they appear to be missing.
 

BerneDog

Thread Starter
Joined
Feb 3, 2003
Messages
48
Hey, Thanks for the help so far.

I did a virus scan from that site and it appears I have 2 trojans.

1 is REG STARTPAGE.A which is the one that I think is affecting the most and the other is Troj SUA.A

If anyone can provide removal tools for the pair or advice I would be most grateful, especially the first one.

Thanks alot.
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Hi, Here is one tool. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=REG_STARTPAGE.A

Most likely, they have remover for the other, too.
You may have trouble using the online virus scanner at Housecall....lots of people do, the infection makes it worse. it can take up to 20 minutes or more to get the download to scan system online....but eventually, it should allow you to scan.
it looks like it stops at 95% lots of times....but will finish if you can stand the wait!

Symantec has a remover, too.http://securityresponse.symantec.com/avcenter/venc/data/trojan.startpage.html
 

BerneDog

Thread Starter
Joined
Feb 3, 2003
Messages
48
Hey, I followed the instructions and got rid of the first one. However SUA.A is causing me problems. I followed the instructions and deleted what needed to be deleted but it still finds the infected files when I scanned again.

They are

windows/temp/ff09072.TMP*bvt.exe
ff0A061.TMP*ABS
ff016.TMP*f39bb1

There is also another two in the same ending *bvt and *aus or something to that affect.

Anyone know how I can get rid of them?
 

BerneDog

Thread Starter
Joined
Feb 3, 2003
Messages
48
Originally posted by exocet:
What operating system? I'll assume you're using Win98.. other versions of windows will be similar to this:

Do me a favor and check something out first. Click "start"-->"settings" -->"control panel" then click the "system" icon, and click the "device manager" tab. Expand the "Display adapter" tree, and post back exactly what is listed for that.

SiS Multimedia v1.32 seems to be the driver version, but i don't think that tells us what chipset you're using, which we need. Once we have that info (or verified it), we can find you a driver.

Let us know if you have more questions.
Its sis6326. I think I will need the driver after I get rid of the virus as they are messed up. If you can help me out I would be grateful.
 
Joined
Dec 10, 2001
Messages
3,687
These are just temp files and can be deleted. Go to ...
C:windows\temp...
Click edit >select all, then delete. Reboot your computer to make sure all is ok......then empty your recycle bin.

Debe
 

BerneDog

Thread Starter
Joined
Feb 3, 2003
Messages
48
The colours etc are still wonky. The viruses are gone but I still think its something to do with the configuration files which appear to modify every time I boot up, according to find anyways.

Here is the thing that I think is the problem. It is the configuration file system and here are its details. I think something is changed so if anyone can give any advice: I still think its this and powerpnt and wavemix.

[default]
WaveBlockLen=688
WaveBlocks=5
Remix=1

þ[‡•ÿÿÿÿÿÿ?ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ

[drivers]
wave=mmsystem.dll

[drivers]
midi=mmsystem.dll

[boot]
*DisplayFallback=0

[boot]
*DisplayFallback=0

[Password Lists]
USER=C:\WINDOWS\USER001.PWL

[boot]
*DisplayFallback=1

[boot]
*DisplayFallback=0

[boot]
*DisplayFallback=1

[boot]
*DisplayFallback=0

[boot]
*DisplayFallback=0

[boot]
*DisplayFallback=0

[boot]
*DisplayFallback=1

[boot]
*DisplayFallback=0

[Password Lists]
USER=C:\WINDOWS\USER002.PWL

[boot]
*DisplayFallback=1

[boot]
*DisplayFallback=0

[boot]
*DisplayFallback=1

[boot]
*DisplayFallback=0

[boot]
mouse.drv=mouse.drv

[386Enh]
mouse=*vmouse, msmouse.vxd
EMMExclude=C000-CFFF

[boot.description]
mouse.drv=WebLink Mouse
display.drv=SiS 6326

[TTFontDimenCache]
0 12=7 12
0 13=8 13
0 14=8 14
0 15=9 15
0 16=10 16
0 18=11 18
0 20=12 20
0 22=13 22
 

BerneDog

Thread Starter
Joined
Feb 3, 2003
Messages
48
Come on chaps.

HELP, I NEED SOMEBODY

HELP, NOT JUST ANYBODY

PLEAAAAAAASSSSEEEE
 
Joined
May 10, 2002
Messages
134
If he's been deleting the files and they're still appearing, then it sounds like the trojan is leaving some garbage in the registry. Go to "start" ->"run", type "regedit" in the box and hit ok. The FIRST thing you want to do, and I CANT STRESS THIS ENOUGH, is to go to "Registry"--> "Export Registry File" and save a copy someone SAFE. This will backup your registry.

Now goto "edit" --> "Find" and for the search string, start by typing in the EXACT filenames that your instructions were telling you to delete. IF IN DOUBT, DO NOT DELETE ANYTHING. Deleting the wrong thing can result in your computer not working!

I've had to delete a trojan before manually, and it did require me to find and delete certain registry keys before i could delete files off my machine, because they kept reappearing as well after rebooting.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top