| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 46122 | 2004-06-14 05:51:00 | Bootup Popup | Tribander (5764) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 244317 | 2004-06-14 05:51:00 | I am running Windows XP along with Internet explorer 6. Problem that I am having is each time I bootup a 25mm popup square loads in at the same time as messenger & Nortons etc, no writing in it anymore , I don't know what it is called even - it doesn't have a name or title. Two clicks on its X inside a circle and it is gone until next bootup. It first appeared 3 weeks ago after I got 4 virus's whilst on the internet , Nortons quarantined the virus's OK and since then I have used Ada_ware to cleanup my system. Nortons antivirus definitions are up to scratch. I have poked around folders and files looking for it but to no avail. I have also had a look in PC World's archives also to no avail. Could someone shed some light on how to get rid of this dominating little square. Thanks from GrandPa |
Tribander (5764) | ||
| 244318 | 2004-06-14 06:22:00 | start/run/msconfig check to see if there is any werid programs set to run at startup. if unsure just post a list of them all here. |
tweak'e (174) | ||
| 244319 | 2004-06-14 23:49:00 | Hi Tweake, Thanks for your reply. I would not be sure which programs are weird in this startup folder, they all look a bit strange to me. No 2 could be an odd ball ? Here are the startup programs in the System Configuration Utility Folder Startup Command Location 1. navapw32 C:/program~1/Nort… HKLM/software/Microsoft/Windows/CurrentVer… 2. SK2690DM SK2690DM.EXE HKLM/software/Microsoft/Windows/CurrentVer 3. NeroCheck C:/Windows/System…. HKLM/software/Microsoft/Windows/CurrentVer 4. mobsync %SystemRoot%/syst… HKLM/software/Microsoft/Windows/CurrentVer 5. dirote C:/Windows/System… HKLM/software/Microsoft/Windows/CurrentVer 6. ctfmon C:/Windows/System HKCU/software/Microsoft/Windows/CurrentVer 7.msmgs “C/Program Files/ Mes… HKCU/software/Microsoft/Windows/CurrentVer 8.SNDMon C:/PPROGRAM~1/Syman…HKCU/software/Microsoft/Windows/CurrentVer 9.Microsoft Office C:/PPROGRAM~1/MICR… Common Startup 10.WinZip Quick Pick D:/ Tempor~1/WinZip… Common Startup Thanks Tweake Regards GrandPa |
Tribander (5764) | ||
| 244320 | 2004-06-15 00:09:00 | Number 2 is apparently the Hot Key Kbd 2690 Daemon Apparently for running multimedia keys on some keyboards. Try unticking the dirote thing. The rest looks fine. |
whiskeytangofoxtrot (438) | ||
| 244321 | 2004-06-15 00:45:00 | 90 percent of them could (imo should) be disabeld,how often would you need nero to have a chat over the internet?,or need winzip and office already running in the background? | metla (154) | ||
| 244322 | 2004-06-16 01:13:00 | Did what you suggested WTF, disabled the dirote thing, I see in the General File now that the Startup Button is not ticked and has a square in it. Computer rebooted in Selective Mode instead of normal, Popup Square has gone. If I now tick normal start up mode it also re selects the dirote file in startup To get back to normal start up mode would I need to delete the dirote file which is sitting in Windows/System32/fOrOr folder, I see that some of the other past virus's files are in this folder as well. Fine too on Metla's advice about disabling Winzip/Microsoft Office and Nero from startup file. I have been reluctant to delete anything just incase it is a wanted file. Thanks for your help Guys I think we are getting somewhere. Regards GrandPa ZL1LY |
Tribander (5764) | ||
| 244323 | 2004-06-16 01:30:00 | dirote is a trojan by the look of it. TROJ_BOTIRC.A |
godfather (25) | ||
| 244324 | 2004-06-16 02:13:00 | Options are: To untick the dirote thing, when you next get the selective startup box, just select the option to not show it again. The better option is to do a full virus scan with an up to date virus scanner, or visit here: http://housecall.trendmicro.com |
whiskeytangofoxtrot (438) | ||
| 244325 | 2004-06-16 11:15:00 | Hi WTF & Godfather, I tried to stay connected to the Microtrend website to down load their house call service but my server kept disconnecting me, I'll try again tomorrow. I would of thought that an up to date Nortons would of clobbered this thing if it is a trojan virus. Thanks for your help Guys, bootup popup is gone, well done, what would we all do without your help. Bye for now Regards GrandPa |
Tribander (5764) | ||
| 244326 | 2004-06-17 00:52:00 | > I would of thought that an up to date Nortons would > of clobbered this thing if it is a trojan virus. Valid point, except that some virii have been known to disable Nortons from doing an accurate scan. By doing the online test you can be sure of it being maliciously altered |
Greg S (201) | ||
| 1 2 | |||||