Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Multiple error messages and computer freeze


  • Please log in to reply

#31
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Thanks to both administrators!

Every time I click to a new link I get a message that says Runtime error 226 at (a long number), I click ok, then I get the same message again with a different long number.

Also, ran Adware again and it found over 100 items. Seems like everything I've done previous should have kept this number down?!

Here's the newest log:

Logfile of HijackThis v1.99.0
Scan saved at 7:30:10 AM, on 1/28/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\THE CLEANER\TCA.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\COMMON FILES\SERVICES\WSYS.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\WINDOWS\SYSTEM\HPZSTATX.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\MOSEARCH\BIN\MOSDMN.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBARBHO.DLL
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.EXE"
O4 - HKLM\..\Run: [USBMonit.exe] "C:\WINDOWS\SYSTEM\USBMonit.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Speed racer] C:\Program Files\Creative\PlayCenter\CTSRReg.exe
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\AVEO\ATTUNE\bin\attune_ce.exe
O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\MSBB.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [RxMon] C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon9x.exe
O4 - HKLM\..\Run: [MadExe] C:\PROGRAM FILES\DELL\RESOLUTION ASSISTANT\COMMON\BIN\LaunchRA.exe -boot
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RIYPGWM] C:\WINDOWS\RIYPGWM.exe
O4 - HKLM\..\Run: [Folder Service ] C:\Program Files\Common Files\Services\wssdtu.exe
O4 - HKLM\..\Run: [Enumeration Service ] C:\Program Files\Common Files\Services\wsys.exe
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [UpromiseRemindU] wjview /cp:p "C:\Program Files\UpromiseRemindU\System\Code" Main lp: "C:\Program Files\UpromiseRemindU"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe
O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe
O4 - HKLM\..\RunServices: [!Abgra] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgrb] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgrc] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgrd] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgre] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\PROGRAM FILES\ATI MULTIMEDIA\MAIN\LAUNCHPD.EXE"
O4 - HKCU\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe /q
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Startup: HandStory.lnk = C:\Program Files\Sony Handheld\HandStory.exe
O4 - Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Startup: Resolution Assistant.lnk = C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\matcli.exe
O4 - Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmtrans.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-17.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
  • 0

Advertisements


#32
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Do you have a program called PClock? What does it do?

I read up on it, but it tells very little. I don't know if that is prohibiting some fixes.

You have trojans and viruses. Is your anti-virus software up to date?

You have a number of randomonly named files on your system. We like to start with an online virus and trojan scan. Even though you have antivirus software on your system, it can become corrupted by malware.

Please run a free online virus scan here (tick the "Auto Clean" checkbox):
http://housecall.antivirus.com/

And a free trojan scan here:
http://www.moosoft.com/

Clean out your temp. files ---very important.

You may wish to print out a copy of these instructions to follow while you complete this procedure.

First, get rid of NewDotNet. Go to Control Panel:Add/Remove Programs and remove it. If it is not there, go here and follow Procedure 4: http://www.newdotnet.com

Please save Hijack This in a permanent folder (i.e. C:\HJT). This ensures backups are saved and accessible.

Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.


O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\MSBB.EXE

O4 - HKLM\..\Run: [RIYPGWM] C:\WINDOWS\RIYPGWM.exe
O4 - HKLM\..\Run: [Folder Service ] C:\Program Files\Common Files\Services\wssdtu.exe
O4 - HKLM\..\Run: [Enumeration Service ] C:\Program Files\Common Files\Services\wsys.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\MSBB.EXE

O4 - HKLM\..\Run: [UpromiseRemindU] wjview /cp:p "C:\Program Files\UpromiseRemindU\System\Code" Main lp: "C:\Program Files\UpromiseRemindU"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe

Please reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu).
Be sure you're able to view hidden files, and remove the following files in bold (if found):



C:\WINDOWS\RIYPGWM.exe
C:\Program Files\Common Files\Services\wssdtu.exe
C:\Program Files\Common Files\Services\wsys.exe
C:\WINDOWS\MSBB.EXE
C:\Program Files\UpromiseRemindU\
C:\Program Files\Viewpoint\Viewpoint Manager
C:\Program Files\ClockSync

Reboot your PC.

If you would please, rescan with HijackThis and post a fresh log in this same topic, and we'll remove what's left. :tazz:
  • 0

#33
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
PCLock is a program that I have been using for over two years. It requires a Password to access the computer. I use it because I have three teenagers that I do not want on the computer without my knowledge. I could click on the PCLock icon on my bottom toolbar and the computer would be "locked" until I entered the password again. It also requires a login password when first rebooting. Somewhere in the process of deleting everything I lost my bottom toolbar icon, so now it only works when I reboot. That was something that I was hoping to resolve after all these other issues with error messages have been resolved. I would be surprised if PCLOck was the source of any problems, since I have been using it for quite some time.

Next, regarding your instructions above to run Housecalls and Moosoft scans, I just did this per your post on 1/24. Do you want me to scan again?

My Norton's Anti-Virsu probably is NOT up to date. I asked in a previous post what you recommended.

What procedure would you like me to use to clean up my termporary folders and is this necessary to do on an ongoing bases and how often? (I just did it a couple of days ago too!)
  • 0

#34
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
I'm sorry I missed that you asked about the Norton. As you can see, this has grown to three pages long, and I work on many people's machines. I cannot remember everything that you have asked.

Until you apply some type of anti-viral to your computer, you're wide open to infection. Each time we fix something, it gets more and more infected.

Please either pay to update Norton if that's what you want, or you can find some good free ones. I like the one from grisoft. If you download grisoft, uninstall Norton.

Running the cleaner, housecall, cleaning your temp. files is important each time we apply a fix.

So, yes, it is necessary.

The PC lock probably is not causing problems. But since it had the word lock, I wasn't sure if it was preventing us from fixing things. That happens frequently.

We can get your icon back inyour tray, but right now you have much larger problems to fix. No. 1 is getting anti-virus that is current on your machine. Until then, it's like emptying a sinking boat with a tea cup.
  • 0

#35
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
I stopped with Clean Temp files from your list of instructions from yesterday, because I have so many questions up to this point! I would rather have some understanding of what's going on than to blindly follow instructions!

Could you answer these questions, please.

The housecall antivirus did not locate any viruses, but the trojan scan located 7 trajans, then completely stalled out at 87% completion. I deleted the ones found. Should I rerun this to see if it will go to 100%?

By "Clean temp files" do you mean to do just do the "Disc clean up" through Properties in My Computer or is there a more extensive process by which I should be hand deleting individual folders?

What is Newdot.net, how could it have gotten on my system and why am I deleting it? I found this on their website:

Please note:
NewDotNet may not be the source of your problem even though a “reputable” company may have told you that it was. Unfortunately, there are several companies providing computer and Internet support who provide incorrect and sometimes detrimental information. These companies sometimes advise their customers that NewDotNet is causing system problems, without being certain this is the case. If you complete any of our uninstall procedures and are still having problems, please contact our Customer Support Department and we’ll be happy to confirm that NewDotNet is off of your system. However, as you are probably aware, many things can cause problems on your computer and we will not be able to resolve all of them.

The system will not allow me to delete Norton's. I tried through the Norton's uninstall, as well as through Add/Delete programs on control panel. I get the same message: Unable to locate installation file-Cannot complete uninstall.

I downloaded your suggested free anti-virus, but was not sure what to do about the rescue disk. Wouldn't it take many floppy to backup? Is there another better way to do ths backup? Does Norton's or McAfee's do a better job than this free download?

When I did the Disk Cleanup the AVG window popped up and said that the shiedl had located a trojan (I think!) I clicked on the "heal" button-was that the correct thing to do? WHat is the difference between "heal" and "delete" (I think that was the other one that I considered) WHat exactly is a trojan? Will it be necessary to run the Moosoft trojan scan in the future or does the AVG take care of this on an ongoing basis?

Finally, why do I have so many more programs running now? ie: When I Crl/Alt/Delete there are about 20 things running that I have not had in the past! My processor is constantly making that "running" noise and unfortunately my computer is MUCH slower than when I started all of this!

Thanks again!
  • 0

#36
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Now I really have a problem! My Quicken file seems to have disappeared-was working fine before all the deletes these past few days.

The icon is there but the screen is blank when I open the program.
  • 0

#37
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Here is a great tutorial that can answer all your questions about how to fix Hijack This logs.

http://www.bleepingc...tutorial42.html
  • 0

#38
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
That's a little bit too much information! I am not a computer literate person, not do I have the time to become one.

Bottom line: I'm concerned because my computer now has more problems than I started with! Many things are now missing (such as Quicken screens), my computer is running EXTREMELY slow, I have 30+ things running at start-up that I didn't have before, and error messages I didn't have before. I'm concerned because I have followed so many instructions to do different things, not realizing that additional problems could be created.

Is there anyway to restore my computer to it's original condition, before I started with all the HiJack stuff?
  • 0

#39
coachwife6

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
1. Get anti-viral installed and then

2. Post another log.

I gave you the instructions on how to analyze a hijack this log because you had so many questions.
  • 0

#40
Major Payne

Major Payne

    Retired Staff

  • Retired Staff
  • 5,307 posts

Is there anyway to restore my computer to it's original condition, before I started with all the HiJack stuff?

View Post


Even with all the very good advice given, these problems that crop up can be extremely hideous in their reapplication of malware and viruses. I had one I cleaned several times affecting all of my AOL directories. Kept putting 25Kb files in each directory with all kinds of extensions hoping I would open one. Each directory contained over 1.5 Mb of these files when it was done and this was after each cleaning! Track the problem down to a file that was hiding and would run on each boot-up replacing all the removed files! Removing this file and then cleaning all the directories again worked fine...that time.

If you have all your install disks available, I would suggest reformatting the harddrive and then re-install everything that you want to use. If possible, try to backup only the very important files you need after insuring they are not infected before you do this. Sometimes this is the only solution and I've had to do it numerous times until I got a good firewall, anti-virus programs and anti-spyware apps installed and used often. In fact, ClamWin just caught one on a scheduled scan in IE6.0 yesterday. Shredded it with Spybot's Secure Shredder tool.

Admin and ditto give some very good advice in this forum which you can read at any time. I would follow their recommendations.

Ron
  • 0

Advertisements


#41
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Don't mean to be difficult, just a little frustrated at this point. I'm just very concerned that something has been deleted that should not have been!


Trojan and virus scans were clean. Installed your suggested antivirus, but per my question above, I was not sure if I should do anything about the rescue disk. Also, as I mentioned above, the system will not delete Norton's.

Also, wanted to make sure that I was following your instructions regarding temp files correctly : By "Clean temp files" do you mean to do just do the "Disc clean up" through Properties in My Computer or is there a more extensive process by which I should be hand deleting individual folders?

I did not delete/fix the itmes you suggested in your most recent 1/28 post, because I wanted to make sure that I had handled the above questions correctly first.



Here's the latest log:

Logfile of HijackThis v1.99.0
Scan saved at 4:46:22 PM, on 1/30/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\DEVLDR16.EXE
C:\PROGRAM FILES\COMMON FILES\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\CTNOTIFY.EXE
C:\PROGRAM FILES\THE CLEANER\TCA.EXE
C:\PROGRAM FILES\THE CLEANER\TCM.EXE
C:\PROGRAM FILES\CREATIVE\SHAREDLL\MEDIADET.EXE
C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\DELL\RESOLUTION ASSISTANT\COMMON\BIN\RXMON9X.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
C:\PROGRAM FILES\COMMON FILES\SERVICES\WSYS.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\DVZCOMMON\DVZMSGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBARBHO.DLL
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL
O4 - HKLM\..\Run: [Pop-Up Stopper] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER\DPPS2.EXE"
O4 - HKLM\..\Run: [USBMonit.exe] "C:\WINDOWS\SYSTEM\USBMonit.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [tcactive] C:\PROGRAM FILES\THE CLEANER\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\PROGRAM FILES\THE CLEANER\tcm.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Speed racer] C:\Program Files\Creative\PlayCenter\CTSRReg.exe
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [AttuneClientEngine] C:\PROGRA~1\AVEO\ATTUNE\bin\attune_ce.exe
O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [msbb] C:\WINDOWS\MSBB.EXE
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [RxMon] C:\Program Files\Dell\Resolution Assistant\Common\bin\RxMon9x.exe
O4 - HKLM\..\Run: [MadExe] C:\PROGRAM FILES\DELL\RESOLUTION ASSISTANT\COMMON\BIN\LaunchRA.exe -boot
O4 - HKLM\..\Run: [AudioHQ] C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RIYPGWM] C:\WINDOWS\RIYPGWM.exe
O4 - HKLM\..\Run: [Folder Service ] C:\Program Files\Common Files\Services\wssdtu.exe
O4 - HKLM\..\Run: [Enumeration Service ] C:\Program Files\Common Files\Services\wsys.exe
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [UpromiseRemindU] wjview /cp:p "C:\Program Files\UpromiseRemindU\System\Code" Main lp: "C:\Program Files\UpromiseRemindU"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe
O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe
O4 - HKLM\..\RunServices: [!Abgra] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgrb] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgrc] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgrd] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [!Abgre] C:\WINDOWS\SYSTEM\pclasys.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\PROGRAM FILES\ATI MULTIMEDIA\MAIN\LAUNCHPD.EXE"
O4 - HKCU\..\Run: [ClockSync] C:\Program Files\ClockSync\Sync.exe /q
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [Registry Cleaner] "C:\PROGRAM FILES\REGISTRY CLEANER\REGCLEAN.EXE"
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Startup: HandStory.lnk = C:\Program Files\Sony Handheld\HandStory.exe
O4 - Startup: DataViz Messenger.lnk = C:\WINDOWS\DvzCommon\DvzMsgr.exe
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\Sony Handheld\HOTSYNC.EXE
O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O4 - Startup: Resolution Assistant.lnk = C:\Program Files\Dell\Resolution Assistant\MotiveAssistant\bin\matcli.exe
O4 - Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page - res://C:\WINDOWS\GOOGLETOOLBAR.DLL/cmtrans.html
O8 - Extra context menu item: &Viewpoint Search - res://C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT TOOLBAR\VIEWBAR.DLL/CXTSEARCH.HTML
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM95\AIM.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg...l_v1-0-3-17.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab

Is this an unusually large number of running processes, and if so, could this be the reason that my computer is running SOOOO slow?

Other big concern, as mentioned before: ALL of my Quicken data has disappeared. This is business and personal info that I really need this time of year!
  • 0

#42
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Good news! This is really wierd, but my Quicken information has reappearred and appears to be okay! Whew!

The only thing I did between yesteday and today is to reboot because AVG said that it had located a trojan. I assume that AVG is constantly running, just like Norton's- does it always require rebooting to "heal" a problem?

Still have the problem with very slow computer (processor is constantly making that processing sound) and 40+ processes running when I do Crl-Alt-Delete. Where did they all come from and is there a way to get rid of them?

Thanks, CoachesWife or anyone else out there who can help! PS:Still waiting on reply to my 1/30 Hijackthis log and previous questions.
  • 0

#43
Major Payne

Major Payne

    Retired Staff

  • Retired Staff
  • 5,307 posts
Hi :

Hopefully someone will checkout your log. I see a lot of stuff that really shouldn't be there, but I'm not the expert on Hijack This logs. Can you list information on which operating system you're using. There is a way to shut down a lot of stuff you may not need which loads at boot up. If you have 40+ processes going, I'm not surprised that your pc is running slow. Probably darn close to running out of resources.

Will take a stab at this : Try going to Start>Run and type msconfig in the "Run" window then click OK. Go to the Startup tab where it has a bunch of boxes checked. This is what is running after you've booted up. You can maximize the window to see all of them better. Now on Win ME, you can make three choices right off the bat on the General tab and choose "Selective startup" and uncheck the "Load startup group items" and see how your pc responds after rebooting. You can post the list of what you have in the Startup listed if you want to go to the trouble.

AVG does run constantly and what it does with anything it finds depends on what your settings are. It doesn't need to reboot to clean, but not all bugs found are cleanable and may wind up in the Virus Vault. Bring up Control Center, click on "Shell Extension" and the the "Settings" button. If "Automatically heal infected files" is unchecked then check it. I would also not depend on AVG alone. TrendMicro's Housecall and McAfee's free online scans are worthwhile. Also, ClamWin has caught 4 on my pc that AVG and the others missed.

If the Hijack This experts don't get to you fast enough, go to Help2Go.com's forum and following their forum instructions for posting a log.

Ron
  • 0

#44
lghay

lghay

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts
Hi Major Payne,

Thank you for coming back!

First of all I have Windows ME.

I followed your advice and checked "Selective startup" and unchecked the "Load startup group items". That constant processing noise is gone, and when I do Ctrl-Alt-Delete there are only two things running: Explorer and Devldr16 (whatever that is?!) Much better!!

I assume that my antivirus programs are now NOT running at start up. This would seem to be a bad thing! I also have a program called PCLoc which requires a security password to access the desktop (I have teenagers in the home and do not want them to have access without my knowledge). This did not load at start up. Is there a way to select certain programs to load at start up and not others?

Also I received a message on reboot that said "You are using the Selective Start up for trouble shooting your system". Does this mean that I should not use selective start up on a regular basis? If not, then how do I solve the problem permanently?

What exactly is the Virus Vault (AVG antivirus)? Does that mean that the virus will still be on the system? I will follow you advice regarding checking "Automatically heal infected files".

I have manually run TrendMicro's Housecall. Are ClamWIn and McAfee's free online scans also scans which must be run manually? How often do you recommend running them?

A few more questions, if you would be so kind! I have downloaded and run multiple programs that have been recommended on this website. However, I am not sure which might be duplicating eachother (I also regular computer maintenance such as Defragment and Scandisc set up on my system) These are the programs that I currently have downloaded:
The Cleaner (trojan scanner and cleaner)
Registry Cleaner (by registryoptimizer.com)
Spybot Search and Destroy
AdAware Se
AVG Free (as posted previously, I was not able to uninstall Norton's for some reason. Whenever I try, it says that it cannot find the install file. Seems I read somewhere that it was necessary to delete Norton's or it would interfere with the operation of AVG. Is this true?)


Should all of the above programs be running at start up, and if not, how often should I manually run them?
Are any of them duplicating others, so that I should delete one or more?
Are there others that you would recommend as preferable to what I have or in addition to?
I have also heard talk of "firewalls", but am not sure what these are, if I have one, or if I need one!

Again, thanks so much for your assistance!
  • 0

#45
Major Payne

Major Payne

    Retired Staff

  • Retired Staff
  • 5,307 posts
I would make a new Restore point at this time and back up the registry files.

Yes, your antivirus programs and a lot of other stuff should not have started at boot up when you unchecked the Startup group. I only have AVG and ClamWin running because AVG checks e-mail and ClamWin I've set up to run a check on certain directories on a regular schedule. If you wish to do all this manually on a regular basis, you do not need these running all the time. Nor do you need to have AdAwareSE, Spybot S & D, nor any other program running at the same time if you do a regular cleaning with these utilities.

You need to have a firewall running at all times though! I use ZoneAlarm which keeps all my ports stealthed. You also should have TaskMonitor, SystemTray, PCHealth, LoadPowerProfile, Startup Manager Scanner, SchedulingAgent and *StateMgr selected in your Startup group. If you use a firewall program, all it's stuff should be checked.

If PCLoc is needed as a personal preference, then recheck it in the Startup group.

There is no problem using selective start up at every boot up. Once you have the programs that have to start at boot up just checked the little box on the message window (believe it's lower-left corner) and the message should not appear any more. Your System Configuration (msconfig) will always have Selective startup checked now and, if all items in the start up group are not checked, that window will have a check mark in it and look slightly grayed out.

The Virus Vault in AVG is where it puts the infected stuff until you delete it. Norton will not interfere with AVG if it is not set to run. Some apps run fine together at the same time like AVG and ClamWin I'm using. You will have to go to your Program Manager and see if you can delete Norton from the Add/Remove Programs App. If you get same about can not find install file, then either it is missing or corrupted and you will have to manually delete it in your C:\Program Files and Registry. Of course, since you have an app called Registry Cleaner, you may be able to just delete Norton from the directories and let it clean the references for Norton in the Registry. You may still not get all that was installed.

We are going on 3 pages here so I am PMing my e-mail address to you until we get a final solution to your problem which can be the last post for others to read.

Ron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP