Tech Support Forum - View Single Post

sUBs · 01-05-2006, 10:10 AM

Besides being slow at start-up, does your machine display any signs of malware activity like search engines, browser re-directions? Or any pop ups?

Please delete the contents of this folder, leaving it empty: (Do not delete the container folder)

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\

Locate and delete the following files/folders: (let me know if you fail to find/delete any)

C:\WINDOWS\SYSTEM32\irctplug.exe

This will clear out the System Volume Informations folder
Go to Start >> Run - type control sysdm.cpl,,4 & press Enter

Tick on the checkbox - Turn off System Restore on all drives
Click Apply

Turn it back 'On' by unticking the same checkbox & click OK

When you have completed the above, download StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'mark all'

Uncheck the following boxes only:
System/Running Process -> List Modules
System/Drivers -> NT Services
System/Drivers -> NT Kernel- and FS-drivers
Press 'OK'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Start HJT & goto Config > Misc Tools - Open Uninstall Manager

Click the Save List button & post the the resultant log here.

Please highlight any entries that looks suspicious to you

Please post StartDreck's log & the uninstall list in your next reply

01-05-2006, 10:10 AM	#12 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,335 OS: N/A	Besides being slow at start-up, does your machine display any signs of malware activity like search engines, browser re-directions? Or any pop ups? Please delete the contents of this folder, leaving it empty: (Do not delete the container folder) C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\ Locate and delete the following files/folders: (let me know if you fail to find/delete any) C:\WINDOWS\SYSTEM32\irctplug.exe This will clear out the System Volume Informations folder Go to Start >> Run - type control sysdm.cpl,,4 & press Enter Tick on the checkbox - Turn off System Restore on all drives Click Apply Turn it back 'On' by unticking the same checkbox & click OK When you have completed the above, download StartDreck Unzip to its own folder and start the program: Press 'Config' Press 'mark all' Uncheck the following boxes only: System/Running Process -> List Modules System/Drivers -> NT Services System/Drivers -> NT Kernel- and FS-drivers Press 'OK' Press 'Save' and select the location to save the log file (default is the same folder as the application) Start HJT & goto Config > Misc Tools - Open Uninstall Manager Click the Save List button & post the the resultant log here. Please highlight any entries that looks suspicious to you Please post StartDreck's log & the uninstall list in your next reply __________________ Question - what have you done for the community today?