Startup

  • SLIM
  • Beginner
  • Beginner
  • SLIM
  • Posts: 39

Post 3+ Months Ago

hi guys just need some help

i had some spyware and maleware on the pc i seemed to get rid of it all but for some reason now
none of my startup items seem to start on a reboot

such as the volume control next to the clock doesnt come up anymore and also i had mouseware items like a little mouse next to the clock too and that doesnt start up....i went to msconfig and tried it that way but it still doesnt show up even tho its checked to be started up on a boot

any ideas guys?

please help!

and systry doenst show either !
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • spork
  • Brewmaster
  • Silver Member
  • User avatar
  • Posts: 6244
  • Loc: Seattle, WA
  • SLIM
  • Beginner
  • Beginner
  • SLIM
  • Posts: 39

Post 3+ Months Ago

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:35:44 PM, on 1/23/2008
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCIOMON.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCPFW.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI HYDRAVISION\HYDRADM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:8080
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [Systems] C:\WINDOWS\SYSTEM\sysmon.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PCCPFW] C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe
O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKUS\.DEFAULT\..\Run: [ATI Launchpad] (User 'Default user')
O4 - .DEFAULT Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (User 'Default user')
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/c ... /pt3_x.cab
O16 - DPF: Video Poker - http://download.games.yahoo.com/games/c ... vpt0_x.cab
O16 - DPF: Yahoo! Spades - http://download.games.yahoo.com/games/c ... /st2_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/c ... /jt0_x.cab
O16 - DPF: Yahoo! MahJong - http://download.games.yahoo.com/games/c ... /ot0_x.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab

--
End of file - 2775 bytes
  • SLIM
  • Beginner
  • Beginner
  • SLIM
  • Posts: 39

Post 3+ Months Ago

i followed those steps as posted above

and this is the hjt log file

i know it seems empty there used to be a few more things in there

this is what it used to look like

Logfile of HijackThis v1.99.1
Scan saved at 8:05:50 PM, on 9/5/2007
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCPFW.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\PCCCLIENT.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\POP3TRAP.EXE
C:\PROGRAM FILES\IVASION\WINPOET\WINPPPOVERETHERNET.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\TREND MICRO\PC-CILLIN 2002\WEBTRAP.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\MIRC\MIRC.EXE
C:\PROGRAM FILES\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:8080
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [WinPoET] C:\Program Files\iVasion\WinPoET\WinPPPoverEthernet.exe
O4 - HKLM\..\Run: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\RunServices: [PCCIOMON.exe] "C:\Program Files\Trend Micro\PC-cillin 2002\PCCIOMON.exe"
O4 - HKLM\..\RunServices: [PCCPFW] C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe
O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe
O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\RunServices: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/c ... /pt3_x.cab
O16 - DPF: Video Poker - http://download.games.yahoo.com/games/c ... vpt0_x.cab
O16 - DPF: Yahoo! Spades - http://download.games.yahoo.com/games/c ... /st2_x.cab
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/c ... /jt0_x.cab
O16 - DPF: Yahoo! MahJong - http://download.games.yahoo.com/games/c ... /ot0_x.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O21 - SSODL: IbSgHfAva - {383A14DA-9290-BE70-F58A-CED465B30D3F} - C:\WINDOWS\SYSTEM\PMGSSF.DLL
O21 - SSODL: IbSgHfAva - {383A14DA-9290-BE70-F58A-CED465B30D3F} - C:\WINDOWS\SYSTEM\PMGSSF.DLL

as u can see there a few things i want to start up and have an icon in my systray andy ideas?
  • deathblade
  • Proficient
  • Proficient
  • User avatar
  • Posts: 419
  • Loc: u.k

Post 3+ Months Ago

Code: [ Select ]
O21 - SSODL: IbSgHfAva - {383A14DA-9290-BE70-F58A-CED465B30D3F} - C:\WINDOWS\SYSTEM\PMGSSF.DLL

O21 - SSODL: IbSgHfAva - {383A14DA-9290-BE70-F58A-CED465B30D3F} - C:\WINDOWS\SYSTEM\PMGSSF.DLL
  1. O21 - SSODL: IbSgHfAva - {383A14DA-9290-BE70-F58A-CED465B30D3F} - C:\WINDOWS\SYSTEM\PMGSSF.DLL
  2. O21 - SSODL: IbSgHfAva - {383A14DA-9290-BE70-F58A-CED465B30D3F} - C:\WINDOWS\SYSTEM\PMGSSF.DLL


looks umm you know strange i searched pmgssf.dll and got this lol

http://www.ozzu.com/mswindows-forum/need-some-help-t80723.html rofl

apart from that it looks clean
  • SLIM
  • Beginner
  • Beginner
  • SLIM
  • Posts: 39

Post 3+ Months Ago

i know my log is clean

the problem im having is

volume control next to the clock doesnt come up anymore and also i had mouseware items like a little mouse next to the clock too and that doesnt start up

and systry doenst show either
  • deathblade
  • Proficient
  • Proficient
  • User avatar
  • Posts: 419
  • Loc: u.k

Post 3+ Months Ago

http://www.snapfiles.com/Freeware/system/fwstartup.html


scroll dwn a tad it's called Quick StartUp

it will allow you to see, edit, add, things to boot you can add the programs you want to start back in
  • SLIM
  • Beginner
  • Beginner
  • SLIM
  • Posts: 39

Post 3+ Months Ago

thanx deathblade

that seems to do the trick! :)

Post Information

  • Total Posts in this topic: 8 posts
  • Users browsing this forum: No registered users and 69 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.