All kinds of wierd problems!

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

The Rusty

Thread Starter
Joined
Nov 26, 2004
Messages
18
Well, it started with a misclick - Downloading a file, and I meant to right-click to scan with Norton... Oops, left-clicked, The icon disappeared and slapped in a whole bunch of "Free CD code!" type .exe files into my system folder. I went in and deleted those, but evey now and again, I still get a kernel32 error, and on occasion my ctrl alt del window won't open

However, most recently, I installed a new desktop theme. Included as part of the package was some adware. No problem, I just went in and cleaned that out after installing. BUt then when I booted up this morning, I had a multitude of problems.

First, an MS-DOS prompt window, blank, opened, followed by a blank error box. For whatever reason, it froze up my machine - The mouse moved, but it wouldn't click. I rebooted, same thing. Rebooted again and used ctrl+alt+del to shut down a few "on startup" programs (ICQ, Winamp, that stuff), and it still happened. Soooo, fourth time, I reboot, and shut those down again, as well as Explorer.

Well, my desktop background showed up, but no icons. I rebooted, AGAIN, and shut down just explorer - Again, background image, no icons or toolbar, but my ICQ, MSN, and all that loaded normally. I shut down ICQ, and suddenly my icons and toolbar popped up. I booted up Ad-Aware, scanned, and came up with a bunch of E-Zula crap left over from that theme install, cleared it out, and then used HijackThis to get a log before heading to work.

Well, here's the log - Off-hand the only thing that really strikes me as suspicious is "antivirus.exe", because it's located directly in my system folder. I don't know if that's normal or not :)

So... Here's the log:

Logfile of HijackThis v1.98.2
Scan saved at 9:01:48 AM, on 6/2/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MESSENGER PLUS! 3\MSGPLUS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\ANTIVIRUS.EXE
C:\WINDOWS\NOTEPAD.EXE
C:\PROGRAM FILES\ICQ\ICQ.EXE
C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://206.65.59.244/chat/woods#start"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\c2ddsbvb.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\c2ddsbvb.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [OEMCleanup] C:\WINDOWS\OPTIONS\OEMRESET.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [WorksFUD] c:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] c:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [3dfx Tools] rundll32.exe 3dfxCmn.dll,CMNUpdateOnBoot
O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [antivirus32] ANTIVIRUS.EXE
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\RunOnce: [antivirus32] ANTIVIRUS.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: PowerReg Scheduler V3.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...ple.com/drakken/us/win/QuickTimeInstaller.exe
O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt3_x.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
81,536
You've also got way too many unnecessary programs loading during startup and running in the background.

You can disable the following programs by unchecking them in the MSCONFIG "Startup" tab:

AHQTB.EXE

WKFUD.EXE


QTTASK.EXE
(Also, do a "find" for the QTTASK.EXE file and delete it)

ICQNET.EXE
(You can manually start this program when you're ready to chat)

MSTASK.EXE
(If you don't have your computer set to run maintenance tasks at certain times, which most people don't, you can disable it)

MSGPLUS.EXE
(You should actually uninstall this because it causes problems and it's full of spyware)

YPAGER.EXE
(You can manually start this program when you're ready to chat)

MSNMSGR.EXE
(You can manually start this program when you're ready to chat)

OSA9.EXE
(This one is a big resource hog)

Once you finish, click Apply - OK, then reboot.

Doing the above does not uninstall any of these programs. It merely prevents them from loading during startup and running in the background.

The larger the startup load is kept, the longer it will take to start up, the slower its overall performance will be, and the more problems you will have with freezes and error messages.

----------------------------------------------------------------

Make good use of Ad-aware SE Personal 1.05 and Spybot - Search & Destroy 1.3 to keep spyware and other "nasties" at bay. Make sure to use the most current version, and make sure to keep them up-to-date about once a week. You can get them both here.

----------------------------------------------------------------
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top