1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

All kinds of wierd problems!

Discussion in 'Earlier Versions of Windows' started by The Rusty, Feb 2, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. The Rusty

    The Rusty Thread Starter

    Joined:
    Nov 26, 2004
    Messages:
    18
    Well, it started with a misclick - Downloading a file, and I meant to right-click to scan with Norton... Oops, left-clicked, The icon disappeared and slapped in a whole bunch of "Free CD code!" type .exe files into my system folder. I went in and deleted those, but evey now and again, I still get a kernel32 error, and on occasion my ctrl alt del window won't open

    However, most recently, I installed a new desktop theme. Included as part of the package was some adware. No problem, I just went in and cleaned that out after installing. BUt then when I booted up this morning, I had a multitude of problems.

    First, an MS-DOS prompt window, blank, opened, followed by a blank error box. For whatever reason, it froze up my machine - The mouse moved, but it wouldn't click. I rebooted, same thing. Rebooted again and used ctrl+alt+del to shut down a few "on startup" programs (ICQ, Winamp, that stuff), and it still happened. Soooo, fourth time, I reboot, and shut those down again, as well as Explorer.

    Well, my desktop background showed up, but no icons. I rebooted, AGAIN, and shut down just explorer - Again, background image, no icons or toolbar, but my ICQ, MSN, and all that loaded normally. I shut down ICQ, and suddenly my icons and toolbar popped up. I booted up Ad-Aware, scanned, and came up with a bunch of E-Zula crap left over from that theme install, cleared it out, and then used HijackThis to get a log before heading to work.

    Well, here's the log - Off-hand the only thing that really strikes me as suspicious is "antivirus.exe", because it's located directly in my system folder. I don't know if that's normal or not :)

    So... Here's the log:

    Logfile of HijackThis v1.98.2
    Scan saved at 9:01:48 AM, on 6/2/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\MESSENGER PLUS! 3\MSGPLUS.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
    C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\ANTIVIRUS.EXE
    C:\WINDOWS\NOTEPAD.EXE
    C:\PROGRAM FILES\ICQ\ICQ.EXE
    C:\PROGRAM FILES\HIJACK\HIJACKTHIS.EXE

    N3 - Netscape 7: user_pref("browser.startup.homepage", "http://206.65.59.244/chat/woods#start"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\c2ddsbvb.slt\prefs.js)
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\c2ddsbvb.slt\prefs.js)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [OEMCleanup] C:\WINDOWS\OPTIONS\OEMRESET.EXE
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [WorksFUD] c:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] c:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [3dfx Tools] rundll32.exe 3dfxCmn.dll,CMNUpdateOnBoot
    O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [antivirus32] ANTIVIRUS.EXE
    O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
    O4 - HKCU\..\RunOnce: [antivirus32] ANTIVIRUS.EXE
    O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Startup: PowerReg Scheduler V3.exe
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
    O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...ple.com/drakken/us/win/QuickTimeInstaller.exe
    O16 - DPF: Yahoo! Checkers - http://download.games.yahoo.com/games/clients/y/kt3_x.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
     
  2. jd_957

    jd_957 Banned

    Joined:
    Dec 30, 2004
    Messages:
    1,099
    if you can, download the new HJT and repost. you are running the old version. if not, i am sure we can get something from the one you have..

    http://www.tomcoyote.org/hjt/
     
  3. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,728
    First Name:
    Frank
    You've also got way too many unnecessary programs loading during startup and running in the background.

    You can disable the following programs by unchecking them in the MSCONFIG "Startup" tab:

    AHQTB.EXE

    WKFUD.EXE


    QTTASK.EXE
    (Also, do a "find" for the QTTASK.EXE file and delete it)

    ICQNET.EXE
    (You can manually start this program when you're ready to chat)

    MSTASK.EXE
    (If you don't have your computer set to run maintenance tasks at certain times, which most people don't, you can disable it)

    MSGPLUS.EXE
    (You should actually uninstall this because it causes problems and it's full of spyware)

    YPAGER.EXE
    (You can manually start this program when you're ready to chat)

    MSNMSGR.EXE
    (You can manually start this program when you're ready to chat)

    OSA9.EXE
    (This one is a big resource hog)

    Once you finish, click Apply - OK, then reboot.

    Doing the above does not uninstall any of these programs. It merely prevents them from loading during startup and running in the background.

    The larger the startup load is kept, the longer it will take to start up, the slower its overall performance will be, and the more problems you will have with freezes and error messages.

    ----------------------------------------------------------------

    Make good use of Ad-aware SE Personal 1.05 and Spybot - Search & Destroy 1.3 to keep spyware and other "nasties" at bay. Make sure to use the most current version, and make sure to keep them up-to-date about once a week. You can get them both here.

    ----------------------------------------------------------------
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/326073

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice