Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

stick bugs

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: stick bugs

Unread postby shinybeast » February 17th, 2010, 10:56 pm

Hi drew,

I confused locations for PlusStart.exe.
This is the file that seems suspicious. It was on the C: drive actually.
C:\Driver Install Disk\CD_v3.2NM (H)\Utility\ProMagicPlus\FILES\PlusStart.exe TrojWare.Win32.Trojan.Agent.Gen@5226799 Success

If you didn't install the program, then it probably isn't responsible for the issues. If you were to use the program in the future, I suggest you re-download it from a good source. It appears comodo quarantined it, so delete the C:\Driver Install Disk\CD_v3.2NM (H)\Utility\ProMagicPlus folder if it is still there.

In my add/remove programs is a "Realtek high definition audio driver". It is running in my processes and is it connected to this O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)?


Yes, ALCMTR.exe is connected to the audio driver but is not necessary to run at startup for it to function. Keep the driver (Realtek high definition audio driver) installed so that your sound works.

I am also wondering why Eset picked up HomePatrol as a problem. Do you think it was a false positive or maybe there is something to it?


It could be a false positive or it could be infected. It is the only thing I see that might be a problem.

We can get a second opinion.

Upload file for scanning

  • Please visit Jotti's Malware Scan
  • Click the Browse button near the top of the page.
  • Copy and paste the file and path below into the File Name box and click Open
    C:\Program Files\PC Magazine Utilities\HomePatrol\HomePatrol.exe
  • Click Submit and wait for the scanning to complete
  • Bookmark/Add to Favorites the scan page and copy the address/URL in the location bar and paste that URL in your next reply.

Just to sum up there are two issues; the computer wanting to accept an incoming connection (from 66.248.36.36) when online and the printing issue when online.
The computer connects to the internet via dial-up. It is not networked with other computers and just connects to the phone line. Correct?
Please tell me who your internet provider is. Also, what program are you reading/printing emails with when online?

Please include the Jotti link in your next reply along with answers to my questions about the issues.
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)
Advertisement
Register to Remove

Re: stick bugs

Unread postby drew » February 20th, 2010, 3:55 am

Ok, Thank you

C:\Driver Install Disk\ folder is deleted

Looks like Homepatrol is false positive from heuristics scan? It's a web cam program that was put on the computer for me.

http://virusscan.jotti.org/en/scanresul ... 8922fd1b21

Three issues -
1. Comodo alerting to an incoming connection (from 66.248.36.36) when downloads are running.
2. In ability to print when in email (possibly online problem)
3. Internet dial up connection running very slowly (at 14-30kb when it should be 50kb)

The computer is connected to dial up by phone line, no network.
Provider is peoplepc and email is peoplepc. I tried printing in both regular screen and from the page made for printing, neither work.
drew
Regular Member
 
Posts: 21
Joined: January 25th, 2010, 1:19 am

Re: stick bugs

Unread postby shinybeast » February 20th, 2010, 7:07 pm

Hi drew,

I agree, Homepatrol looks like a false positive.

I think that you should allow the connection to 66.248.36.36 and see if that influences the speed of your connection. I found a connection between Paetec and PeoplePC and although not definitive, I think it is safe to allow the connection and see what happens. Then see if that has any affect on the online printing issue.

Also, can you print if you are offline?
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: stick bugs

Unread postby drew » February 20th, 2010, 9:08 pm

Hi Shinybeast,

Ah interesting. I will call around and ask about that Paetec too.

It prints fine offline from documents within the computer. And it printed emails fine in the beginning before the thumb drive went in.
drew
Regular Member
 
Posts: 21
Joined: January 25th, 2010, 1:19 am

Re: stick bugs

Unread postby shinybeast » February 24th, 2010, 12:42 pm

Hi drew,

Are you still with us?

Please let me know how things are going otherwise...
After 24 hrs., if you have not replied to this thread... it will be closed!
User avatar
shinybeast
Retired Graduate
 
Posts: 1187
Joined: October 29th, 2008, 6:56 pm
Location: -5 hrs GMT (EST)

Re: stick bugs

Unread postby jmw3 » February 26th, 2010, 1:41 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 62 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware