Tech Support Guy banner
  • Please post in our Community Feedback thread for help with the new forum software! If you are having trouble logging in, please Contact Us for assistance.
Status
Not open for further replies.
1 - 15 of 15 Posts

·
Registered
Joined
·
28 Posts
Discussion Starter · #1 ·
:eek: My computer freezes over and over again. I ran adwareSE, Spybot, and my anti-virus program, all to no avail. Spybot found WildTangent, but was unable to delete it. Spybot then ran right after starting the computer, but after scanning the computer froze again. This happened several times. What I find very strange is that if I want to shut off the computer it seems very busy and it takes forever to shut down. So something is definitely going on. ( Excuse my English....) Please help!!!
This is my log file:
Logfile of HijackThis v1.99.1
Scan saved at 1:43:51 a.m., on 12/25/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\OEMCFOS2\CFOSOEMD.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\PROGRAMME\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMME\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAMME\GEMEINSAME DATEIEN\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\TEMP\AVSCHED32.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAMME\WINAMP\WINAMPA.EXE
C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE
C:\PROGRAMME\X-CABLE\X-CABLE.EXE
C:\PROGRAMME\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\OEMCFOS2\CFNDIS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMME\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
F1 - win.ini: run=C:\WINDOWS\OEMCFOS2\cfosoemd.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVSCHED32] C:\WINDOWS\TEMP\AVSCHED32.EXE /min
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: X-Cable.lnk = C:\Programme\X-Cable\X-Cable.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google-Suche - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Verweisseiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...ple.com/dribnif/de/win/QuickTimeInstaller.exe
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: Yahoo! Chat - http://cs6.chat.sc5.yahoo.com/c381/chat.cab
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} (EModelNonVersionSpecificViewControl Class) - http://www.solidworks.com/plugins/edrawings/download.cfm?Release=rel
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {01118400-3E00-11D2-8470-0060089874ED} (SdcNetCheckCtl Class) - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {64D01C7F-810D-446E-A07E-365764235644} (AtlAtomadersCtlAttrib Class) - http://kraisoft.com/files/realone/atomaders.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://download.shockwave.com/pub/otoy/OTOYAX.cab

THANKS FOR HELPING!!!!
Sunny
 

·
Super Moderator
Joined
·
19,815 Posts

·
Registered
Joined
·
28 Posts
Discussion Starter · #3 ·
Hi! Thanks for responding!
I tried the provided link (cleanboot), as well as pasting it, but it didn't work.
Also, - I am an absolute beginner in regards to computers, so my knowledge is very limited (which means that I unfortunately need lots of explaining...).
So, what should I do now, since I can't get to the clean boot site?
Sunny:confused:
 

·
Registered
Joined
·
28 Posts
Discussion Starter · #5 ·
Hi, I looked into it, but it doesn't sound simple at all!!!
I don't have a clue about registries, even though I read through several articles.
What, if I do something wrong? I would really need someone to walk me through the process. I have many important files on my computer and I just can't afford something to happen to them. My floppy disc drive doesn't work (since years), so I can't back anything up. Sorry, to be such a "hard nut", but I really am afraid to do something wrong!!!:eek:
 

·
Registered
Joined
·
28 Posts
Discussion Starter · #6 ·
I am terrified!!! I just printed out the instructions,went to the system configuration utility and unchecked several boxes (as told), then restarted my computer - and now everything looks just awful! I tried to change the color setting and restarted the computer, but it didn't save the changes. I tried it several times. I thought I should be courageous and just go and DO it., it was a huge mistake. HELP!!!
 

·
Registered
Joined
·
28 Posts
Discussion Starter · #9 ·
I am just running the virus scan.
As I mentioned in the beginning, I have anti-vir, spybot, ad-adware, and hijackthis installed on my computer.
I am not sure if I have a firewall. What do you advise me to do?
 

·
Registered
Joined
·
28 Posts
Discussion Starter · #10 ·
Is it normal for that virus scan to take "forever"?
I am not even sure what it does, right now. The bar above "scanning files and folders" is "full", but I can definitely hear something going on. Should I just wait?
 

·
Registered
Joined
·
28 Posts
Discussion Starter · #13 ·
blues_harp28 said:
Hi..there's a couple of things in your log...hopefully a log expert will check..
F1-win.ini
04.program\BackWeb.exe.
D/load..Spywareblaster..Spywareguard..Zonealarm...links above..
All needed to keep your system clean..;)
Do you mean I should erase these things from my log via HijackThis?
What about spywareblaster, Spywareguard, Zonealarm: Do you mean I should download them, even though I have Spybot installed?
Sorry, I am not used to the "computer dialect"....
 
1 - 15 of 15 Posts
Status
Not open for further replies.
Top