Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Internet Explorer shutting down


  • Please log in to reply

#16
admin

admin

    Founder Geek

  • Administrator
  • 24,501 posts
Looking Good, just a couple left:

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART

Reboot in Safe mode (by tapping F8 at startup) and delete:
C:\WINDOWS\System32\P2P Networking <-Delete this folder (just the P2P Networking folder)

Restart, and you should be all clear <_<

Are you still getting any error messages or browser crashes?
  • 0

Advertisements


#17
ferndoodle

ferndoodle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 81 posts
<_<

Hi, I did the first things you told me to fix. I rebooted in safe mode but I really don't understand where I find that file and how I delete it. I don't want to delete the wrong thing. Could you explain this a bit more? Here's the scan after the first things that I fixed.

Logfile of HijackThis v1.97.7
Scan saved at 1:19:50 PM, on 2/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ISP50\MAXSPEED\propelac.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ISP50\bin\bartshel.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM95\aim.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Kontiki\bin\kontiki.exe
C:\Program Files\PhotoWorks\Uploader\PWComm.exe
C:\Program Files\Broderbund\Screen Shot Deluxe 4.0\Sshot4.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\PROGRA~1\ISP50\bin\ppshared.exe
C:\Documents and Settings\Owner\My Documents\New Folder\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.peoplepc.com/homepage
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
F1 - win.ini: load= c:\InfoCntr\LOADIBOX.EXE
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.../7_0/home.html"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\np9w2otr.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\np9w2otr.slt\prefs.js)
O1 - Hosts: comments (such as these) may be inserted on individual
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: Freedom Popup Killer - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {3DE88907-3E38-11D4-BEB2-CBE76C0598DD} - C:\Program Files\ISP50\bin\BandObject.dll
O2 - BHO: Freedom BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: SafeGuard Popup Blocker - {B824E7B0-E8E3-4D75-895E-2C309EA4CC5D} - C:\Program Files\SafeGuard Popup Blocker Pro\SGPopupBlocker.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Propel Accelerator] C:\Program Files\ISP50\MAXSPEED\propelac.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Bart Station] C:\Program Files\ISP50\hta\station.sbrt
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Zero Knowledge Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [cnet] "C:\Program Files\Kontiki\bin\kontiki.exe" -s cnet -q
O4 - Startup: Screen Shot Deluxe 4.0.lnk = C:\Program Files\Broderbund\Screen Shot Deluxe 4.0\Sshot4.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: PhotoWorks Uploader.lnk = C:\Program Files\PhotoWorks\Uploader\PWComm.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Get It With Kontiki - res://C:\Program Files\Kontiki\bin\bh309190.dll/201
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\ISP50\MAXSPEED\pac-page.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\ISP50\MAXSPEED\pac-image.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: Popup Blocker Options (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
  • 0

#18
admin

admin

    Founder Geek

  • Administrator
  • 24,501 posts
No problem, I probably should have explained better. <_<

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART

Reboot in Safe mode (by tapping F8 at startup) and Click on My Computer, Select the C Drive, Click on the Windows folder, click on the system 32 folder (if you get a warning screen click "show the contents of this folder"), find the P2P Networking folder, use your right mouse button to select it, chose delete from the pop-up menu. Restart your computer.
  • 0

#19
ferndoodle

ferndoodle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 81 posts
<_<

Thank you, that explanation was much easier for me. *lol* Sorry, I'm not real technical and I appreciate you making it a little more plain for me. Here is my latest scan:

Logfile of HijackThis v1.97.7
Scan saved at 1:49:05 PM, on 2/8/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\VetMsgNT.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ntvdm.exe
C:\HP\KBD\KBD.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ISP50\MAXSPEED\propelac.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ISP50\bin\bartshel.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\AIM95\aim.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\Kontiki\bin\kontiki.exe
C:\Program Files\PhotoWorks\Uploader\PWComm.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\PROGRA~1\ISP50\bin\ppshared.exe
C:\Documents and Settings\Owner\My Documents\New Folder\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.peoplepc.com/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.peoplepc.com/homepage
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
F1 - win.ini: load= c:\InfoCntr\LOADIBOX.EXE
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.../7_0/home.html"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\np9w2otr.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Owner\Application Data\Mozilla\Profiles\default\np9w2otr.slt\prefs.js)
O1 - Hosts: comments (such as these) may be inserted on individual
O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program Files\Kontiki\bin\bh309190.dll
O2 - BHO: Freedom Popup Killer - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: (no name) - {3DE88907-3E38-11D4-BEB2-CBE76C0598DD} - C:\Program Files\ISP50\bin\BandObject.dll
O2 - BHO: Freedom BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: SafeGuard Popup Blocker - {B824E7B0-E8E3-4D75-895E-2C309EA4CC5D} - C:\Program Files\SafeGuard Popup Blocker Pro\SGPopupBlocker.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Propel Accelerator] C:\Program Files\ISP50\MAXSPEED\propelac.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Bart Station] C:\Program Files\ISP50\hta\station.sbrt
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\Coloreal\coloreal.exe"
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPINST~1\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Zero Knowledge Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [cnet] "C:\Program Files\Kontiki\bin\kontiki.exe" -s cnet -q
O4 - Startup: Screen Shot Deluxe 4.0.lnk = C:\Program Files\Broderbund\Screen Shot Deluxe 4.0\Sshot4.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: PhotoWorks Uploader.lnk = C:\Program Files\PhotoWorks\Uploader\PWComm.exe
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: Get It With Kontiki - res://C:\Program Files\Kontiki\bin\bh309190.dll/201
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\ISP50\MAXSPEED\pac-page.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\ISP50\MAXSPEED\pac-image.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra 'Tools' menuitem: Popup Blocker Options (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installen...gine/isetup.cab
  • 0

#20
admin

admin

    Founder Geek

  • Administrator
  • 24,501 posts
P2P Networking is refusing to leave <_<

Give me a little time to check with some other experts and I'll reply. :D

P.S. Are you still experiencing any Internet problems?
  • 0

#21
ferndoodle

ferndoodle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 81 posts
<_<

Ok, I really haven't had much time to be on the internet to be truthful with you.
Been concentrating on getting this problem fixed. I do know that I'm not getting the run time error at least. I will check how the internet explorer works as soon as I can.

While I'm here, how do I avoid this happening to my computer again? I also have another computer running Windows 98. What can I do to make sure that it's not full of spyware too?

I'll wait for your answer and thank you for all of your help so far. You have been terrific.
  • 0

#22
admin

admin

    Founder Geek

  • Administrator
  • 24,501 posts
Looks easy, try this: Click Start -> Control panel -> Add or Remove Programs. Find P2P Networking, and click remove.

Please see the Spyware Tools link in my signature. To search for spyware use the Ad-aware and Spybot links. To prevent infection try the Spyblaster link. <_<
  • 0

#23
ferndoodle

ferndoodle

    Member

  • Topic Starter
  • Member
  • PipPip
  • 81 posts
<_<

Thank you so much for all your help. My computer is running so much faster now and I haven't seen anymore problems with my internet explorer. I don't know what I would do without you guys. Hopefully I can get my laptop running just as smoothly.

Thank you for the info on the spyware programs as well. I will check them out.
Keep up the great work!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP