If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#11
|
|||
|
|||
-- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "Galen" wrote in message ... In , Noel Paton had this to say: All it takes is for one to get infected, and suddenly you have viruses crawling out of every orifice!! I'm not sure where nor when Noel but I am sure that there will eventually be a time and a place where comments like that are saved and etched in stone. I almost wet my pants. That could be because I'm getting older and perhaps incontinent but truth be told it's really because it was just that funny. Galen -- "My mind rebels at stagnation. Give me problems, give me work, give me the most abstruse cryptogram or the most intricate analysis, and I am in my own proper atmosphere. I can dispense then with artificial stimulants. But I abhor the dull routine of existence. I crave for mental exaltation." -- Sherlock Holmes |
#12
|
|||
|
|||
Thanks again, Noel, for staying with me on this. I did start a post
yesterday to let you know what the latest was, but during my typing, the mouse froze several times - and then unpaused ( typing is buffered during this time but NO HDD activity , but on the fourth time, the pause lasted 20 minutes before I realize I had to hit the reset ( Ctrl -Alt -Del didn't work). Of course, I wasn't in the mood to retype. In a nutshell, there does seem to be a correlation between this symptom and being connected to the net. I have observed that I can have absolutely no throughput over the connection and still a pause can occur. I don't know if I mentioned it, but my Ethernet card is from the dark ages. Although my MxBoard has PCI, AGP and ISA slots, my modem, Ethernet and sound card are ISA. Today, I uninstalled the Ethernet and connection software and reinstalled them with USB drivers. I noticed a definite bandwidth loss and the symptoms persisted. I do want to figure this out but I think a reinstall is prudent nevertheless. 'Been 2002 since I have had to done this so there's probably loads of garbage. 'Couple of other quirky things I cannot figure out: There is a desktop icon for WMP 9 series that reappears after I delete in on every reboot. Also, my Search function loads but when I enter a string it wont search. I suspect that a recent upgrade to PowerDesk6 ( disk utility ) may have something to do with this. Fortunately, it's search function is almost identical and still functions. Keep the advice coming, Randy Logfile of HijackThis v1.97.2 Scan saved at 22:05:24, on 2/06/05 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE C:\WINDOWS\TASKMON.EXE C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE C:\PROGRAM FILES\VCOM\POWERDESK\PDDLGHLP.EXE C:\UTILITIES\TRAYMENU\TRAYMENU.EXE C:\PHONE\POP PEEPER\POPPEEPER.EXE C:\PROGRAM FILES\BELL\ACCESS MANAGER\APP\TANGOMANAGER.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE C:\UTILITIES\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: McAfee Privacy Service - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\PROGRAM FILES\MCAFEE\MCAFEE PRIVACY SERVICE\GDIEHELP.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - C:\PHONE\LINKMAN\LINKMANCOM.DLL O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [asustweakenable] C:\PROGRAM FILES\ASUS\TWEAKING UTILITIES\ATWEAK.EXE /start O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McUpdate.exe O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McAgent.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe" O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding O4 - Startup: reminder.Lnk = C:\Extras\Reminder\reminder.exe O4 - Startup: Dialog Helper.Lnk = C:\Program Files\VCOM\PowerDesk\pddlghlp.exe O4 - Startup: TrayMenu.Lnk = C:\Utilities\traymenu\TrayMenu.exe O4 - Startup: POP Peeper.Lnk = C:\Phone\POP Peeper\POPPeeper.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE10\EXCEL.EXE/3000 O8 - Extra context menu item: Download with GetRight - C:\Phone\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Browser - C:\Phone\GetRight\GRbrowse.htm O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O9 - Extra button: Yahoo! Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: Privacy Bar (HKLM) O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/game...ts/y/jt0_x.cab O16 - DPF: {2B1AA38D-2D12-11D5-AAD0-00C04FA03D78} (LocalExec Control) - https://intranet2.flemingc.on.ca/nps.../LocalExec.CAB O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/26e309ea...p/RdxIE601.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...3/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...20/mcgdmgr.cab "Noel Paton" wrote in message ... MajBach posted the below privately The saga of a CWS infection - AND a 180Solutions one! - immediately makes me think that something is still infested. I'd use HiJackThis to see what else it comes up with - either post the log here, or to one of the specialist forums (they'd certainly be better if the system is still badly infested, or has some of the more insidious CWS cr$pware on it. Look here for instructions http://forum.aumha.org/viewtopic.php...a5284f8336c d |
#13
|
|||
|
|||
I see you have TweakUI installed -check the following points.....
Note - there are a few cautions with TweakUI:- 1) Do *not* change the first icon from "My Documents" on the Desktop tab 2) Do *not* uncheck: Search Results on the Desktop tab 3) Do *not* hide the Tweak UI icon on the Control Panel tab 4) Do *not* uncheck: Show Control Panel on Start Menu on the IE tab 5) Do *not* uncheck: Shell enhancements on the IE tab 6) To move "My Documents" folder, right-click on the Folder, and click Properties. .. HTH -- Noel Paton (MS-MVP 2002-2005, Windows) Nil Carborundum Illegitemi http://www.btinternet.com/~winnoel/millsrpch.htm http://tinyurl.com/6oztj Please read http://dts-l.org/goodpost.htm on how to post messages to NG's "MajBach1" wrote in message .. . Thanks again, Noel, for staying with me on this. I did start a post yesterday to let you know what the latest was, but during my typing, the mouse froze several times - and then unpaused ( typing is buffered during this time but NO HDD activity , but on the fourth time, the pause lasted 20 minutes before I realize I had to hit the reset ( Ctrl -Alt -Del didn't work). Of course, I wasn't in the mood to retype. In a nutshell, there does seem to be a correlation between this symptom and being connected to the net. I have observed that I can have absolutely no throughput over the connection and still a pause can occur. I don't know if I mentioned it, but my Ethernet card is from the dark ages. Although my MxBoard has PCI, AGP and ISA slots, my modem, Ethernet and sound card are ISA. Today, I uninstalled the Ethernet and connection software and reinstalled them with USB drivers. I noticed a definite bandwidth loss and the symptoms persisted. I do want to figure this out but I think a reinstall is prudent nevertheless. 'Been 2002 since I have had to done this so there's probably loads of garbage. 'Couple of other quirky things I cannot figure out: There is a desktop icon for WMP 9 series that reappears after I delete in on every reboot. Also, my Search function loads but when I enter a string it wont search. I suspect that a recent upgrade to PowerDesk6 ( disk utility ) may have something to do with this. Fortunately, it's search function is almost identical and still functions. Keep the advice coming, Randy Logfile of HijackThis v1.97.2 Scan saved at 22:05:24, on 2/06/05 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE C:\WINDOWS\TASKMON.EXE C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE C:\PROGRAM FILES\VCOM\POWERDESK\PDDLGHLP.EXE C:\UTILITIES\TRAYMENU\TRAYMENU.EXE C:\PHONE\POP PEEPER\POPPEEPER.EXE C:\PROGRAM FILES\BELL\ACCESS MANAGER\APP\TANGOMANAGER.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE C:\UTILITIES\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: McAfee Privacy Service - {cc4b2ee5-4803-11d7-8a38-00b0d0c6b814} - C:\PROGRAM FILES\MCAFEE\MCAFEE PRIVACY SERVICE\GDIEHELP.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - C:\PHONE\LINKMAN\LINKMANCOM.DLL O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [asustweakenable] C:\PROGRAM FILES\ASUS\TWEAKING UTILITIES\ATWEAK.EXE /start O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McUpdate.exe O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McAgent.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe" O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding O4 - Startup: reminder.Lnk = C:\Extras\Reminder\reminder.exe O4 - Startup: Dialog Helper.Lnk = C:\Program Files\VCOM\PowerDesk\pddlghlp.exe O4 - Startup: TrayMenu.Lnk = C:\Utilities\traymenu\TrayMenu.exe O4 - Startup: POP Peeper.Lnk = C:\Phone\POP Peeper\POPPeeper.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE10\EXCEL.EXE/3000 O8 - Extra context menu item: Download with GetRight - C:\Phone\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Browser - C:\Phone\GetRight\GRbrowse.htm O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O9 - Extra button: Yahoo! Messenger (HKLM) O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM) O9 - Extra button: Privacy Bar (HKLM) O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com.../c381/chat.cab O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/game...ts/y/jt0_x.cab O16 - DPF: {2B1AA38D-2D12-11D5-AAD0-00C04FA03D78} (LocalExec Control) - https://intranet2.flemingc.on.ca/nps.../LocalExec.CAB O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/26e309ea...p/RdxIE601.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...3/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...20/mcgdmgr.cab "Noel Paton" wrote in message ... MajBach posted the below privately The saga of a CWS infection - AND a 180Solutions one! - immediately makes me think that something is still infested. I'd use HiJackThis to see what else it comes up with - either post the log here, or to one of the specialist forums (they'd certainly be better if the system is still badly infested, or has some of the more insidious CWS cr$pware on it. Look here for instructions http://forum.aumha.org/viewtopic.php...a5284f8336c d |
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Reinstalling WinME | Chuck Thomerson | General | 3 | January 30th 05 11:22 AM |
USB Mouse not working in WinME | Al | General | 4 | January 22nd 05 08:59 AM |
Disappearing Partitions (WinME) | Renta-Geek | General | 3 | December 13th 04 02:03 PM |
WinME can't read CD filesystem; DVDs are OK | Spam Averse | General | 0 | November 24th 04 02:20 PM |
WinME on 80GB hard drive? | Old Geezer | General | 11 | August 9th 04 07:51 PM |