Ad-Aware locking up

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
Hi all-
I have an older computer with ad-aware installed. It gets so far, and then just hourglass....left it on overnight and same thing. It doesn't get too far. I have gone in and physically deleted some big files, seems like it has trouble with zip or large files. But then when it gets to the next one, it freezes up. It is showing that there are something like 73 files it has found and I can't do anything with them, because I have to shut it down and start it over. I tried to do the update file, but says nothing is found. It is on a win95 computer if that makes any difference. Thanks!
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Hi, Would like to have you post a log from HijackThis, a program (very tiny) that we use to see what problems exist.

There are directions here to do it:

http://mjc1.com/mirror/hjt/

Download it here:

http://tools.radiosplace.com/HijackThis.exe

It's a direct download so be ready with the folder for it.

Basically, you create a new folder, the desktop is OK provided you make a folder, name it something like HJT, and download TO that folder, run hijackthis.exe from there.

When it is done scanning> the Save log button will become available, save the log as hijackthis.txt which will open with Notepad. Go back to TSG, open your post, and copy and paste the entire logfile into a reply in your thread (here) and wait for advice.

Please do NOT use HJT yourself> nor the other programs yet. There are some cases where other steps are taken!
 

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
Hi--
HJT downloaded fine. But when I went to run it..it tells me that 'a required .DLL file MSVBVM60.DLL was not found'. Now what?
 

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
Ok, i think it worked this time, here's my log:

Logfile of HijackThis v1.98.2
Scan saved at 2:52:15 PM, on 9/6/04
Platform: Windows 95 (Win9x 4.00.0950)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\MOUSE SOFTWARE\BALLY4D.EXE
C:\PROGRAM FILES\PLUS!\MICROSOFT INTERNET\IEXPLORE.EXE
C:\PROGRAM FILES\RECOMMENDED HOTFIX - 421701D\V15\RH.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\JLEDER.EXE
C:\PROGRAM FILES\PLUS!\MICROSOFT INTERNET\IEXPLORE.EXE
C:\WINDOWS\DESKTOP\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SmartPops - {D5C778F1-CF13-4E70-ADF0-45A953E7CB8B} - C:\PROGRAM FILES\NETWORK ESSENTIALS\V11\NE.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\PROGRAM FILES\RECOMMENDED HOTFIX - 421701D\V15\RH.DLL
O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\ATPART~1.DLL
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\LOCALNRD.DLL
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Aspire Performance Tuner] c:\ace\prf\prfrmnce.exe
O4 - HKLM\..\Run: [Reminder] C:\ACE\REMINDER\REMINDER.exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [MoviePlace] "C:\Program Files\MoviePlace\MoviePlace.exe" /H
O4 - HKLM\..\Run: [HorngTech4D] C:\PROGRA~1\MOUSES~1\BALLY4D.EXE
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [kyynlspi] C:\WINDOWS\SYSTEM\jleder.exe
O4 - HKLM\..\Run: [CONSCORR] C:\WINDOWS\CONSCORR.exe
O4 - HKLM\..\Run: [Win Server Updt] C:\WINDOWS\wupdt.exe
O4 - Startup: welwatch.exe.lnk = C:\ace\desktop\WELWATCH.EXE
O4 - Startup: PowerReg Scheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O13 - WWW. Prefix: http://
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
You need an online antivirus scan, go here and scan the entire system:

http://housecall.antivirus.com/housecall/start_corp.asp


Set the AUTOCLEAN button by putting in a checkmark and take marks out of floppy drive, and CDROM drive...it takes awhile to load the ActiveX control but eventually will finish, and when the SCAN button turns dark, hit that button and let it scan.

if that one does not want to work, after you give it plenty of time> someone should post some others for you. One more is:

http://security.symantec.com/sscv6/default.asp?langid=ie&venid=sym

Then get back to us with a new HJT log and we will see what remains to be done. Good work!
 

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
ok, the Housecall virus scan found 5 viruses, which I deleted.. Here is my new HJT log:

Logfile of HijackThis v1.98.2
Scan saved at 5:40:07 PM, on 9/6/04
Platform: Windows 95 (Win9x 4.00.0950)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\MOUSE SOFTWARE\BALLY4D.EXE
C:\WINDOWS\DESKTOP\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: SmartPops - {D5C778F1-CF13-4E70-ADF0-45A953E7CB8B} - C:\PROGRAM FILES\NETWORK ESSENTIALS\V11\NE.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\PROGRAM FILES\RECOMMENDED HOTFIX - 421701D\V15\RH.DLL
O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\ATPART~1.DLL
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\LOCALNRD.DLL
O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Aspire Performance Tuner] c:\ace\prf\prfrmnce.exe
O4 - HKLM\..\Run: [Reminder] C:\ACE\REMINDER\REMINDER.exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [MoviePlace] "C:\Program Files\MoviePlace\MoviePlace.exe" /H
O4 - HKLM\..\Run: [HorngTech4D] C:\PROGRA~1\MOUSES~1\BALLY4D.EXE
O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
O4 - HKLM\..\Run: [CONSCORR] C:\WINDOWS\CONSCORR.exe
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - Startup: welwatch.exe.lnk = C:\ace\desktop\WELWATCH.EXE
O4 - Startup: PowerReg Scheduler.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O13 - WWW. Prefix: http://
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Hi, make sure you have the following settings done:

In Windows Explorer>

Open the View menu.
Click Options.
Click the View tab.
Select the "Show all Files" radio button.
Click OK to save your settings.

Add/Remove Programs::

Uninstall MediaLoads or SmartPops or similar
And NetworkEssentials , it's toobar, and MoviePlace or DownloadWare in Add/Remove Programs.



Now, fix these with HJT: No other windows open (Close all IE or other browser windows!)

O2 - BHO: SmartPops - {D5C778F1-CF13-4E70-ADF0-45A953E7CB8B} - C:\PROGRAM FILES\NETWORK ESSENTIALS\V11\NE.DLL

O2 - BHO: Recommended Hotfix - {0421701D-CF13-4E70-ADF0-45A953E7CB8B} - C:\PROGRAM FILES\RECOMMENDED HOTFIX - 421701D\V15\RH.DLL

O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\ATPART~1.DLL

O2 - BHO: CExtension Object - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL

O4 - HKLM\..\Run: [MoviePlace] C:\Program Files\MoviePlace\MoviePlace.exe /H

O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun

O4 - HKLM\..\Run: [CONSCORR] C:\WINDOWS\CONSCORR.exe

O4 - Startup: PowerReg Scheduler.exe

[Edit: Keep the Ace\Desktop entry I had here
for WELWATCH.exe------keep.

Did you put this into Internet Explorer settings, if so, keep.
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

find these files, and delete them:

C:\WINDOWS\SYSTEM\ATPART~1.DLL

C:\PROGRAM FILES\RECOMMENDED HOTFIX - 421701D\V15\RH.DLL

C:\PROGRAM FILES\NETWORK ESSENTIALS\V11\NE.DLL
C:\WINDOWS\CONSCORR.exe

C:\WINDOWS\BXXS5.DLL

C:\Program Files\MoviePlace\MoviePlace.exe" /H

Empty the Recycle Bin repost with HJT log.
 

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
Was able to delete everything I think ,but had some trouble locating ATPART~1.DLL and BXXS5.DLL.

Here's my latest log:

Logfile of HijackThis v1.98.2
Scan saved at 7:09:12 PM, on 9/6/04
Platform: Windows 95 (Win9x 4.00.0950)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\MOUSE SOFTWARE\BALLY4D.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\DESKTOP\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\LOCALNRD.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Aspire Performance Tuner] c:\ace\prf\prfrmnce.exe
O4 - HKLM\..\Run: [Reminder] C:\ACE\REMINDER\REMINDER.exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [HorngTech4D] C:\PROGRA~1\MOUSES~1\BALLY4D.EXE
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - Startup: welwatch.exe.lnk = C:\ace\desktop\WELWATCH.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O13 - WWW. Prefix: http://
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
hi, One more run of HJT:

O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\LOCALNRD.DLL

This time, reboot after HJT fix. Then:

Will need a new log, and > about the two files, they seem to be gone, so no problem, it is not unusual for some not to be found.

It would be in the C:\Windows folder,if you dont find it, that's ok.
 

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
ok here it is again,...

Logfile of HijackThis v1.98.2
Scan saved at 7:54:41 PM, on 9/6/04
Platform: Windows 95 (Win9x 4.00.0950)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\MOUSE SOFTWARE\BALLY4D.EXE
C:\WINDOWS\DESKTOP\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Aspire Performance Tuner] c:\ace\prf\prfrmnce.exe
O4 - HKLM\..\Run: [Reminder] C:\ACE\REMINDER\REMINDER.exe
O4 - HKLM\..\Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM\..\Run: [HorngTech4D] C:\PROGRA~1\MOUSES~1\BALLY4D.EXE
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - Startup: welwatch.exe.lnk = C:\ace\desktop\WELWATCH.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O13 - WWW. Prefix: http://
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Looks like it went away. Post back if anything returns>
How are things running now?
 

kkowie

Thread Starter
Joined
Mar 8, 2004
Messages
87
good! going back to retry the ad-aware software to see what all it found. Will let you all know when it's done running....
 

Byteman

Gone but Never Forgotten
Joined
Jan 24, 2002
Messages
17,742
Hi,
Forgot this one. When you are done with AdAware, post a log, and we will add this to any thing else> should only be this one thing, but ya never know. good work!

fix this, just run HJT and put check in this one:


O13 - WWW. Prefix: http://

and click to fix checked, as before.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top