1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

I've had it....Computer crashes over and over again

Discussion in 'Virus & Other Malware Removal' started by sunny66, Dec 25, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    :eek: My computer freezes over and over again. I ran adwareSE, Spybot, and my anti-virus program, all to no avail. Spybot found WildTangent, but was unable to delete it. Spybot then ran right after starting the computer, but after scanning the computer froze again. This happened several times. What I find very strange is that if I want to shut off the computer it seems very busy and it takes forever to shut down. So something is definitely going on. ( Excuse my English....) Please help!!!
    This is my log file:
    Logfile of HijackThis v1.99.1
    Scan saved at 1:43:51 a.m., on 12/25/05
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    c:\windows\SYSTEM\KB891711\KB891711.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\OEMCFOS2\CFOSOEMD.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\PROGRAMME\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAMME\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAMME\GEMEINSAME DATEIEN\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\TEMP\AVSCHED32.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAMME\WINAMP\WINAMPA.EXE
    C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE
    C:\PROGRAMME\X-CABLE\X-CABLE.EXE
    C:\PROGRAMME\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\WINDOWS\OEMCFOS2\CFNDIS.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAMME\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
    F1 - win.ini: run=C:\WINDOWS\OEMCFOS2\cfosoemd.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [internat.exe] internat.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
    O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVSCHED32] C:\WINDOWS\TEMP\AVSCHED32.EXE /min
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
    O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
    O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
    O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
    O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
    O4 - Startup: X-Cable.lnk = C:\Programme\X-Cable\X-Cable.exe
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Google-Suche - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
    O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Ähnliche Seiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Verweisseiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...ple.com/dribnif/de/win/QuickTimeInstaller.exe
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
    O16 - DPF: Yahoo! Chat - http://cs6.chat.sc5.yahoo.com/c381/chat.cab
    O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} (EModelNonVersionSpecificViewControl Class) - http://www.solidworks.com/plugins/edrawings/download.cfm?Release=rel
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {01118400-3E00-11D2-8470-0060089874ED} (SdcNetCheckCtl Class) - http://activex.microsoft.com/objects/ocget.dll
    O16 - DPF: {64D01C7F-810D-446E-A07E-365764235644} (AtlAtomadersCtlAttrib Class) - http://kraisoft.com/files/realone/atomaders.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab

    THANKS FOR HELPING!!!!
    Sunny
     
  2. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,750
  3. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    Hi! Thanks for responding!
    I tried the provided link (cleanboot), as well as pasting it, but it didn't work.
    Also, - I am an absolute beginner in regards to computers, so my knowledge is very limited (which means that I unfortunately need lots of explaining...).
    So, what should I do now, since I can't get to the clean boot site?
    Sunny:confused:
     
  4. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,750
  5. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    Hi, I looked into it, but it doesn't sound simple at all!!!
    I don't have a clue about registries, even though I read through several articles.
    What, if I do something wrong? I would really need someone to walk me through the process. I have many important files on my computer and I just can't afford something to happen to them. My floppy disc drive doesn't work (since years), so I can't back anything up. Sorry, to be such a "hard nut", but I really am afraid to do something wrong!!!:eek:
     
  6. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    I am terrified!!! I just printed out the instructions,went to the system configuration utility and unchecked several boxes (as told), then restarted my computer - and now everything looks just awful! I tried to change the color setting and restarted the computer, but it didn't save the changes. I tried it several times. I thought I should be courageous and just go and DO it., it was a huge mistake. HELP!!!
     
  7. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,750
    Hi..return to msconfig..and recheck (tick)boxes..
    Selective start up..
    config.sys
    autoexec.bat
    system ini
    win ini
    load start group items
    click apply and ok..reboot..
     
  8. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,750
  9. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    I am just running the virus scan.
    As I mentioned in the beginning, I have anti-vir, spybot, ad-adware, and hijackthis installed on my computer.
    I am not sure if I have a firewall. What do you advise me to do?
     
  10. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    Is it normal for that virus scan to take "forever"?
    I am not even sure what it does, right now. The bar above "scanning files and folders" is "full", but I can definitely hear something going on. Should I just wait?
     
  11. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    Back again.
    Well, housecall couldn't remove 1 detected spyware/ grayware (?).
    What should I do next?
     
  12. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,750
    Hi..there's a couple of things in your log...hopefully a log expert will check..
    F1-win.ini
    04.program\BackWeb.exe.
    D/load..Spywareblaster..Spywareguard..Zonealarm...links above..
    All needed to keep your system clean..;)
     
  13. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    Do you mean I should erase these things from my log via HijackThis?
    What about spywareblaster, Spywareguard, Zonealarm: Do you mean I should download them, even though I have Spybot installed?
    Sorry, I am not used to the "computer dialect"....
     
  14. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,750
    Hi..A log expert will tell you what to delete in Hjt log..Do Not delete until told to do so..
    Spywareblaster..Spywareguard..Zonealarm..are programs that you need to protect your system..D/load and read all info on updating.what they do .and how to use them..;)
     
  15. sunny66

    sunny66 Thread Starter

    Joined:
    Oct 20, 2005
    Messages:
    28
    Hi,
    Thank you so much for your help.
    I've downloaded everything, and will now wait for a log expert to contact me.
    Thanks again,
    Sunny
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/427793

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice