• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
ccdesan

Very sick computer

5 posts in this topic

Can someone help me with a final step of cleanup?

 

I've run RemoveCWS_Killer, CWShredder, the latest versions of AdAware and Spybot, bhblaster, spywareblaster, ie-spypad, Registry Mechanic and AVG Free. I still have the following symptoms (Running Windows 98)

 

Popups that are bypassing Panicware's Popup Stopper :grrr:

WindowKey-E hangs the system, but I can get to Explorer ffrom the Start Menu

Control Panel from the Start Menu hangs the system, but it works from "My Computer" :grrr:

 

My HijackThis log follows:

 

Logfile of HijackThis v1.97.7

Scan saved at 5:21:50 PM, on 06/16/2004

Platform: Windows 98 Gold (Win9x 4.10.1998)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\CAPM1RS.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\ATICWD32.EXE

C:\WINDOWS\SYSTEM\ATITASK.EXE

C:\WINDOWS\SYSTEM\WLANSTA.EXE

C:\PROGRAM FILES\WINAMP3\WINAMPA.EXE

C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE

C:\WINDOWS\TEMP\NQH0982QM.EXE

C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\WINDOWS\UPTODATE.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\PROGRAM FILES\AUTOUPDATE\AUTOUPDATE.EXE

C:\WINDOWS\SYSTEM\VERSTAB.EXE

C:\WINDOWS\RunDLL.exe

C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE

C:\WINDOWS\SYSTEM\AWFC16GT.EXE

C:\WINDOWS\SYSTEM\CAPM1LA.EXE

C:\WINDOWS\SYSTEM\CAPM1SW.EXE

C:\PROGRAM FILES\SYSAI\SYSAI.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\WINDOWS\DESKTOP\SPYWARE KILLERS\HIJACKTHIS.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\SYSTEM/left.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com/ext/gw/home.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - URLSearchHook: (no name) - _{4FC95EDD-4796-4966-9049-29649C80111D} - (no file)

O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\PROGRAM FILES\SEP\SEP.DLL

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL

O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - (no file)

O2 - BHO: (no name) - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINDOWS\SYSTEM\STLBDIST.DLL

O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:\PROGRAM FILES\SYSAI\APROPOSPLUGIN.DLL

O2 - BHO: (no name) - {087173EF-9829-4F49-8340-A524177D3F60} - C:\WINDOWS\SYSTEM\INETP60.DLL

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O3 - Toolbar: Band Class - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - C:\PROGRAM FILES\SEP\SEP.DLL

O3 - Toolbar: Search - {2CF0B992-5EEB-4143-99C0-5297EF71F444} - C:\WINDOWS\SYSTEM\STLBDIST.DLL

O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [inkWatch] C:\PROGRA~1\GATEWAY\GATEWA~1\InkWatch.exe

O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe

O4 - HKLM\..\Run: [AtiKey] Atitask.exe

O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off

O4 - HKLM\..\Run: [WLANSTA.EXE] WLANSTA.EXE START

O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe

O4 - HKLM\..\Run: [NQH0982QM.EXE] C:\WINDOWS\TEMP\NQH0982QM.EXE

O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP

O4 - HKLM\..\Run: [bakra] C:\WINDOWS\SYSTEM\IEHost.exe

O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINDOWS\SYSTEM\STLBDIST.DLL,DllRunMain

O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINDOWS\UPTODATE.EXE

O4 - HKLM\..\Run: [Rundll32_8] rundll32.exe C:\WINDOWS\SYSTEM\INETP60.DLL,DllRunServer

O4 - HKLM\..\Run: [AutoLoaderoAoy1IOlJIXM] "C:\WINDOWS\SYSTEM\VERSTAB.EXE" /PC="AM.WILD" /HideUninstall

O4 - HKLM\..\Run: [AutoUpdater] "c:\Program Files\AutoUpdate\AutoUpdate.exe"

O4 - HKLM\..\Run: [op7O36T] VERSTAB.EXE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe

O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM\aim.exe -cnetwait.odl

O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"

O4 - HKCU\..\Run: [ZEoERWfnS] AWFC16GT.EXE

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: Canon PC1200 iC D600 iR1200G Status Window.LNK = C:\WINDOWS\SYSTEM\CAPM1LA.EXE

O9 - Extra button: AIM (HKLM)

O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab

O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = OCH

O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.1.1,4.2.2.2,38.9.213.2

 

Thanks for your generous help!

-ccdesan

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0