1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Windows Freezing

Discussion in 'Earlier Versions of Windows' started by LsBd8, Jan 23, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    HELP!! I am running Windows ME and using IE6 and runnin AVG virus Protection. My computer is freezing and when i click on the alt, control, delete button, i noticed it says Rundll32 not responding. Would this have anything to do with my Windows Freezing? Sounds like a corrupt dll file to me and if so, how can this be fixed or where can i find the Rundll32 file? :mad:
     
  2. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,712
    Hi and welcome to TSG.
    Rundll32 is legit..runs dll files-exe files etc. [can sometimes cause a problem]
    How much Ram do you have installed?
    Are you running any Spyware programs?
     
  3. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    Thank You, glad to be here. I have a AMD Athlon, 1GHz Processor, 256MB PC133 SDRAM and no i don't have any Spyware Programs installed. I did a System Restore but that didn't help. This all came about when i was tryin to fix my color in my display settings and when i restarted i got a blue screen, wouldn't load windows so i did a System Restore which helped but now my Windows freeze and when i click alt, ctrl, del, i noticed it said in the box Rundll32 not respondin everytime. I use to have Ad-Aware before i had my motherboard replaced and have not reinstalled it. I appreciate any help you can give me.
     
  4. bonk

    bonk Banned

    Joined:
    Sep 8, 2005
    Messages:
    11,097
    Howdy,

    Why what was wrong with the color?
     
  5. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    The color was too dark, my contrast is set to 100% n brightness was set to 100% but my pages had an off white look to them instead of white.
     
  6. bonk

    bonk Banned

    Joined:
    Sep 8, 2005
    Messages:
    11,097
    Can not see this causing your problem......if you uninstalled a driver perhaps

    You say you don't have any Anti-Spyware installed but you do have Anti-Virus installed do you?
     
  7. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    Right, i have no adaware,spyware program installed but i do have AVG Free Edition. I did notice there were 2 dll files from my windows system in my AVG vault but i restored them, ran a scan, and healed them, ran another scan n my computer came up clean. I didn't uninstall no drivers that i know of.
     
  8. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,712
    Hi d/load Spybot..Ad-Aware..links below.
    D/load check for updates..scan.
    Remove all that Ad-Aware finds.
    All entries in Red in Spybot.
     
  9. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    Installed AdAware, here's the Log minus the Trackin Cookies:
    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Adware.MyToolbar(TAC index:3):2 total references
    Alexa(TAC index:5):8 total references
    Softomate Toolbar(TAC index:9):5 total references
    Tracking Cookie(TAC index:3):278 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects


    1-24-2007 2:41:44 PM - Scan started. (Full System Scan)

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [KERNEL32.DLL]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4291812595
    Threads : 4
    Priority : High
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Win32 Kernel core component
    InternalName : KERNEL32
    LegalCopyright : Copyright (C) Microsoft Corp. 1991-2000
    OriginalFilename : KERNEL32.DLL

    #:2 [MSGSRV32.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294941203
    Threads : 1
    Priority : Normal
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows 32-bit VxD Message Server
    InternalName : MSGSRV32
    LegalCopyright : Copyright (C) Microsoft Corp. 1992-1998
    OriginalFilename : MSGSRV32.EXE

    #:3 [SPOOL32.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294939243
    Threads : 5
    Priority : Normal
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler Sub System Process
    InternalName : spool32
    LegalCopyright : Copyright (C) Microsoft Corp. 1994 - 1998
    OriginalFilename : spool32.exe

    #:4 [MPREXE.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294949523
    Threads : 2
    Priority : Normal
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : WIN32 Network Interface Service Process
    InternalName : MPREXE
    LegalCopyright : Copyright (C) Microsoft Corp. 1993-2000
    OriginalFilename : MPREXE.EXE

    #:5 [MSTASK.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294851995
    Threads : 2
    Priority : Normal
    FileVersion : 4.71.2721.1
    ProductVersion : 4.71.2721.1
    ProductName : Microsoft® Windows® Task Scheduler
    CompanyName : Microsoft Corporation
    FileDescription : Task Scheduler Engine
    InternalName : TaskScheduler
    LegalCopyright : Copyright (C) Microsoft Corp. 2000
    OriginalFilename : mstask.exe

    #:6 [KB891711.EXE]
    FilePath : C:\WINDOWS\SYSTEM\KB891711\
    ProcessID : 4294886975
    Threads : 1
    Priority : Normal
    FileVersion : 4.10.2223
    ProductVersion : 4.10.2222
    ProductName : Microsoft(R) Windows(R) Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows KB891711 component
    InternalName : KB891711
    LegalCopyright : Copyright (C) Microsoft Corp. 1991-2005
    OriginalFilename : KB891711.EXE

    #:7 [LEXBCES.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294896999
    Threads : 8
    Priority : Normal
    FileVersion : 7.4
    ProductVersion : 7.4
    ProductName : MarkVision for Windows (32 bit)
    CompanyName : Lexmark International, Inc.
    FileDescription : LexBce Service
    InternalName : LexBce Service
    LegalCopyright : (C) 1993 - 2002 Lexmark International, Inc.
    OriginalFilename : LexBceS.exe

    #:8 [RPCSS.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294788755
    Threads : 5
    Priority : Normal
    FileVersion : 4.71.3328
    ProductVersion : 4.71.3328
    ProductName : Microsoft(R) Windows NT(TM) Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Distributed COM Services
    InternalName : rpcss.exe
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-1998
    OriginalFilename : rpcss.exe

    #:9 [LEXPPS.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294826407
    Threads : 10
    Priority : Normal
    FileVersion : 7.4
    ProductVersion : 7.4
    ProductName : MarkVision for Windows (32 bit)
    CompanyName : Lexmark International, Inc.
    FileDescription : LEXPPS.EXE
    InternalName : LEXPPS
    LegalCopyright : (C) 1993 - 2002 Lexmark International, Inc.
    OriginalFilename : LEXPPS.EXE
    Comments : MarkVision for Windows '95 New P2P Server (32-bit)

    #:10 [KB918547.EXE]
    FilePath : C:\WINDOWS\SYSTEM\KB918547\
    ProcessID : 4294736651
    Threads : 1
    Priority : Normal
    FileVersion : 4.10.2224
    ProductVersion : 4.10.2222
    ProductName : Microsoft(R) Windows(R) Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows KB918547 EXE component
    InternalName : KB918547
    LegalCopyright : Copyright (C) Microsoft Corp. 1991-2005
    OriginalFilename : KB918547.EXE

    #:11 [mmtask.tsk]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294708243
    Threads : 1
    Priority : Normal
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft Windows
    CompanyName : Microsoft Corporation
    FileDescription : Multimedia background task support module
    InternalName : mmtask.tsk
    LegalCopyright : Copyright © Microsoft Corp. 1991-2000
    OriginalFilename : mmtask.tsk

    #:12 [EXPLORER.EXE]
    FilePath : C:\WINDOWS\
    ProcessID : 4294712543
    Threads : 18
    Priority : Normal
    FileVersion : 5.50.4134.100
    ProductVersion : 5.50.4134.100
    ProductName : Microsoft(R) Windows (R) 2000 Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
    OriginalFilename : EXPLORER.EXE

    #:13 [STMGR.EXE]
    FilePath : C:\WINDOWS\SYSTEM\RESTORE\
    ProcessID : 4294751223
    Threads : 4
    Priority : Normal
    FileVersion : 4.90.0.2533
    ProductVersion : 4.90.0.2533
    ProductName : Microsoft (r) PCHealth
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft (R) PC State Manager
    InternalName : StateMgr.exe
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
    OriginalFilename : StateMgr.exe

    #:14 [TASKMON.EXE]
    FilePath : C:\WINDOWS\
    ProcessID : 4294665743
    Threads : 1
    Priority : Normal
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Task Monitor
    InternalName : TaskMon
    LegalCopyright : Copyright (C) Microsoft Corp. 1998
    OriginalFilename : TASKMON.EXE

    #:15 [SYSTRAY.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294655055
    Threads : 2
    Priority : Normal
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : System Tray Applet
    InternalName : SYSTRAY
    LegalCopyright : Copyright (C) Microsoft Corp. 1993-2000
    OriginalFilename : SYSTRAY.EXE

    #:16 [S4TSR.EXE]
    FilePath : C:\WINDOWS\
    ProcessID : 4294591603
    Threads : 1
    Priority : Normal


    #:17 [SOUNDMAN.EXE]
    FilePath : C:\WINDOWS\
    ProcessID : 4294597575
    Threads : 2
    Priority : Normal
    FileVersion : 5.1.0.29
    ProductVersion : 5.1.0.29
    ProductName : Realtek Sound Manager
    CompanyName : Realtek Semiconductor Corp.
    FileDescription : Realtek Sound Manager
    InternalName : ALSMTray
    LegalCopyright : Copyright (c) 2001-2004 Realtek Semiconductor Corp.
    OriginalFilename : ALSMTray.exe
    Comments : Realtek AC97 Audio Sound Manager

    #:18 [WMIEXE.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294827783
    Threads : 3
    Priority : Normal
    FileVersion : 4.90.2452.1
    ProductVersion : 4.90.2452.1
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : WMI service exe housing
    InternalName : wmiexe
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
    OriginalFilename : wmiexe.exe

    #:19 [PDVDSERV.EXE]
    FilePath : C:\PROGRAM FILES\CYBERLINK\POWERDVD\
    ProcessID : 4294579779
    Threads : 1
    Priority : Normal
    FileVersion : 6.00.1027
    ProductVersion : 6.00.1027
    ProductName : PowerDVD
    CompanyName : Cyberlink Corp.
    FileDescription : PowerDVD RC Service
    InternalName : PowerDVD RC Service
    LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004
    OriginalFilename : PDVDSERV.EXE

    #:20 [DDHELP.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294626399
    Threads : 2
    Priority : Realtime
    FileVersion : 4.09.00.0900
    ProductVersion : 4.09.00.0900
    ProductName : Microsoft® DirectX for Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft DirectX Helper
    InternalName : DDHelp.exe
    LegalCopyright : Copyright © Microsoft Corp. 1994-2002
    OriginalFilename : DDHelp.exe

    #:21 [AVGCC.EXE]
    FilePath : C:\PROGRAM FILES\GRISOFT\AVG FREE\
    ProcessID : 4294629863
    Threads : 4
    Priority : Normal
    FileVersion : 7.5.0.418
    ProductVersion : 7.5.0.418
    ProductName : AVG 7.5 Anti-Virus System
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Control Center
    InternalName : AvgCC
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : AvgCC.EXE

    #:22 [AVGEMC.EXE]
    FilePath : C:\PROGRAM FILES\GRISOFT\AVG FREE\
    ProcessID : 4294650911
    Threads : 6
    Priority : Normal
    FileVersion : 7.5.0.432
    ProductVersion : 7.5.0.432
    ProductName : AVG Anti-Virus system
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG E-Mail Scanner
    InternalName : avgemc
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : avgemc.exe

    #:23 [AVGAMSVR.EXE]
    FilePath : C:\PROGRAM FILES\GRISOFT\AVG FREE\
    ProcessID : 4294621959
    Threads : 4
    Priority : Normal
    FileVersion : 7.5.0.420
    ProductVersion : 7.5.0.420
    ProductName : AVG 7.5 Anti-Virus System
    CompanyName : GRISOFT, s.r.o.
    FileDescription : AVG Alert Manager
    InternalName : avgamsvr
    LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
    OriginalFilename : avgamsvr.EXE

    #:24 [EM_EXEC.EXE]
    FilePath : C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\
    ProcessID : 4294689659
    Threads : 1
    Priority : Normal
    FileVersion : 9.79.019
    ProductVersion : 9.79.019
    ProductName : MouseWare
    CompanyName : Logitech Inc.
    FileDescription : Logitech Events Handler Application
    InternalName : Em_Exec
    LegalCopyright : (C) 1987-2003 Logitech. All rights reserved.
    LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
    OriginalFilename : Em_Exec.exe
    Comments : Created by the MouseWare team

    #:25 [PSTORES.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294404039
    Threads : 3
    Priority : Normal
    FileVersion : 5.00.2133.2
    ProductVersion : 5.00.2133.2
    ProductName : Microsoft(R) Windows (R) 2000 Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Protected storage server
    InternalName : Protected storage server
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
    OriginalFilename : Protected storage server

    #:26 [STIMON.EXE]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294319219
    Threads : 5
    Priority : Normal
    FileVersion : 4.90.3000.1
    ProductVersion : 4.90.3000.1
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Still Image Devices Monitor
    InternalName : STIMON
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
    OriginalFilename : STIMON.EXE

    #:27 [AD-AWARE.EXE]
    FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\
    ProcessID : 4294339175
    Threads : 2
    Priority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 0


    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Adware.MyToolbar Object Recognized!
    Type : Regkey
    Data :
    TAC Rating : 3
    Category : Adware
    Comment :
    Rootkey : HKEY_CLASSES_ROOT
    Object : typelib\{569304ba-83ed-4cff-ac26-be3e482f7208}

    Adware.MyToolbar Object Recognized!
    Type : Regkey
    Data :
    TAC Rating : 3
    Category : Adware
    Comment :
    Rootkey : HKEY_CLASSES_ROOT
    Object : interface\{c6f2214e-0b54-45a9-b90d-7dd4ba45ed0b}

    Softomate Toolbar Object Recognized!
    Type : Regkey
    Data :
    TAC Rating : 9
    Category : Data Miner
    Comment :
    Rootkey : HKEY_CLASSES_ROOT
    Object : clsid\{c1b4dec2-2623-438e-9ca2-c9043ab28508}

    Alexa Object Recognized!
    Type : Regkey
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
    Value : MenuStatusBar

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
    Value : Script

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
    Value : clsid

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
    Value : Icon

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
    Value : HotIcon

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
    Value : ButtonText

    Softomate Toolbar Object Recognized!
    Type : Regkey
    Data :
    TAC Rating : 9
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{c1b4dec2-2623-438e-9ca2-c9043ab28508}

    Alexa Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 5
    Category : Data Miner
    Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
    Rootkey : HKEY_USERS
    Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
    Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 12
    Objects found so far: 12


    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 12

    Softomate Toolbar Object Recognized!
    Type : RegValue
    Data :
    TAC Rating : 9
    Category : Data Miner
    Comment :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : software\microsoft\internet explorer\toolbar
    Value : {c1b4dec2-2623-438e-9ca2-c9043ab28508}
     
  10. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    It is Safe to Delete or Quaratine All, am i Correct ?
     
  11. blues_harp28

    blues_harp28 Trusted Advisor Spam Fighter

    Joined:
    Jan 9, 2005
    Messages:
    18,712
    Hi yes all found entries in Ad-Aware can be removed.
    Suggest you d/load Spybot next. ;)
     
  12. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    OK, will do that but why do i need both ? Another ?, Notice on my Adaware Scan, i have 27 runnin Processes, Which ones do i actually need for Win ME ? I notice my old printer is still there n i have uninstalled it n went into my start up n unchecked it n somehow they keep gettin checked n accordin to this log, runnin on start up.
     
  13. bonk

    bonk Banned

    Joined:
    Sep 8, 2005
    Messages:
    11,097
    If we can see your startup list would help.

    Here's how

    Download Hijack This to your desktop
    Open it and click on the Hijack.exe it will open and use the default path
    Check do you wish an Icon.......
    Click on Icon and choose Open Misc Tools Section
    Then at the top Click on Generate a Startup list.... it will open in notepad

    Copy & Paste it in your next reply
     
  14. LsBd8

    LsBd8 Thread Starter

    Joined:
    Jan 23, 2007
    Messages:
    15
    i thought the Listing running processes on my log above was everything thats startin on start up on my computer.

    StartupList report, 1/24/2007, 3:58:18 PM
    StartupList version: 1.52.2
    Started from : C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE
    Detected: Windows ME (Win9x 4.90.3000)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\S4TSR.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\WINDOWS\SYSTEM\LEXBCES.EXE
    C:\WINDOWS\SYSTEM\LEXPPS.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
    TaskMonitor = C:\WINDOWS\taskmon.exe
    PCHealth = C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    SystemTray = SysTray.Exe
    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
    nwiz = nwiz.exe /install
    DisableEHCI = C:\WINDOWS\S4TSR.EXE
    SoundMan = SOUNDMAN.EXE
    RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    Logitech Utility = Logi_MwX.Exe
    AVG7_CC = C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    AVG7_EMC = C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    AVG7_AMSVR = C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    QuickTime Task = "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    Lexmark X74-X75 = "C:\Program Files\Lexmark X74-X75\lxbbbmgr.exe"
    LexStart = lexstart.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    SchedulingAgent = mstask.exe
    *StateMgr = C:\WINDOWS\System\Restore\StateMgr.exe
    KB891711 = C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
    KB918547 = C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE

    --------------------------------------------------

    File association entry for .TXT:
    HKEY_CLASSES_ROOT\txtfile\shell\open\command

    (Default) = C:\WINDOWS\NOTEPAD.EXE %1

    --------------------------------------------------

    C:\WINDOWS\WININIT.BAK listing:
    (Created 24/1/2007, 15:26:20)

    [Rename]
    NUL=C:\PROGRA~1\LEXMAR~2\INSTALL\X86\UNINST.EXE
    NUL=C:\PROGRA~1\LEXMAR~2\INSTALL\X86\UNICOWS.DLL
    NUL=C:\PROGRA~1\LEXMAR~2\INSTALL\X86\ENGINE.DLL
    NUL=C:\WINDOWS\SYSTEM\LXPMONRC.DLL

    --------------------------------------------------

    C:\AUTOEXEC.BAT listing:

    SET PATH=C:\WINDOWS;C:\WINDOWS\COMMAND
    SET windir=C:\WINDOWS
    SET winbootdir=C:\WINDOWS
    SET COMSPEC=C:\WINDOWS\COMMAND.COM
    SET PROMPT=$p$g
    SET TEMP=C:\WINDOWS\TEMP
    SET TMP=C:\WINDOWS\TEMP

    --------------------------------------------------

    C:\WINDOWS\WINSTART.BAT listing:

    C:\WINDOWS\tmpcpyis.bat

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\WINDOWS\SYSTEM\GEBCDDB.DLL - {2771D8F7-933D-4D4E-B79F-DEF857511A82}

    --------------------------------------------------

    Enumerating Task Scheduler jobs:

    Tune-up Application Start.job
    PCHealth Scheduler for Data Collection.job
    Maintenance Wizard.job

    --------------------------------------------------

    Enumerating Download Program Files:

    [Update Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?39051.3670833333

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH9B.OCX
    CODEBASE = http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [Shockwave ActiveX Control]
    InProcServer32 = C:\WINDOWS\SYSTEM\macromed\Director\SwDir.dll
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    [QuickTime Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\QTPLUGIN.OCX
    CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

    [Virtools WebPlayer Class]
    InProcServer32 = C:\PROGRAM FILES\VIRTOOLS\3D LIFE PLAYER\WEBPLAYER.OCX
    CODEBASE = http://a532.g.akamai.net/f/532/6712....akamai.com/6712/player/install/installer.exe

    [{33564D57-0000-0010-8000-00AA00389B71}]
    CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

    [Lexmark eDiagnostics Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ACTIVEX_ATL_LEXMARK.DLL
    CODEBASE = https://ediagnostics.lexmark.com/serval.cab

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
    AUHook: C:\WINDOWS\SYSTEM\AUHOOK.DLL

    --------------------------------------------------
    End of report, 6,153 bytes
    Report generated in 0.192 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only
     
  15. bonk

    bonk Banned

    Joined:
    Sep 8, 2005
    Messages:
    11,097
    I do not see to much there running on start up.......your new printer is a Lexmark I assume.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/537855

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice