 |  |  |  |  |  |  |  |
Having issues... fntldr.exe, WIN.INI BAH!!!
 |
Okay, simply put, I have no idea what I am doing here, and probably less business being here on this site. But, this is my issue: I am trying to update a free photo gallery page for my son and the damn thing keeps saying "this program has performed an illegal..." and closes it. It does take cookies, and I haven't changed those settings. Error message:
IEXPLORE caused an invalid page fault in
module MSHTML.DLL at 017f:70d64aed.
Registers:
EAX=00000000 CS=017f EIP=70d64aed EFLGS=00010246
EBX=00000000 SS=0187 ESP=0109fb04 EBP=0109fb28
ECX=029b09c0 DS=0187 ESI=029b09c0 FS=1b4f
EDX=029b09c0 ES=0187 EDI=029b6c34 GS=0000
Bytes at CS:EIP:
8b 08 8d 55 fc 52 68 a0 fd c4 70 50 ff 11 8b d8
Stack dump:
01917084 0109fb8c fffffff8 00000000 00000000 00000000 00000000 029b6c34 00000000 0109fb54 70d64c3a 0297ff00 800113be 00470ffc 0109fb8c 0109fb84
Which I obviously have NO idea what that means.
Also, when I go to restart, I get this error message, "could not load or run 'fntldr.exe' specified in the WIN.INI file. Make sure the file exists on your computer or remove the reference to it in the WIN.INI file.
Please, someone take pity on this idiot (meaning, well, me)
TIA
IEXPLORE caused an invalid page fault in
module MSHTML.DLL at 017f:70d64aed.
Registers:
EAX=00000000 CS=017f EIP=70d64aed EFLGS=00010246
EBX=00000000 SS=0187 ESP=0109fb04 EBP=0109fb28
ECX=029b09c0 DS=0187 ESI=029b09c0 FS=1b4f
EDX=029b09c0 ES=0187 EDI=029b6c34 GS=0000
Bytes at CS:EIP:
8b 08 8d 55 fc 52 68 a0 fd c4 70 50 ff 11 8b d8
Stack dump:
01917084 0109fb8c fffffff8 00000000 00000000 00000000 00000000 029b6c34 00000000 0109fb54 70d64c3a 0297ff00 800113be 00470ffc 0109fb8c 0109fb84
Which I obviously have NO idea what that means.
Also, when I go to restart, I get this error message, "could not load or run 'fntldr.exe' specified in the WIN.INI file. Make sure the file exists on your computer or remove the reference to it in the WIN.INI file.
Please, someone take pity on this idiot (meaning, well, me)
TIA
•
•
•
•
Originally Posted by andreandjason
Okay, simply put, I have no idea what I am doing here, and probably less business being here on this site. But, this is my issue: I am trying to update a free photo gallery page for my son and the damn thing keeps saying "this program has performed an illegal..." and closes it. It does take cookies, and I haven't changed those settings. Error message:
IEXPLORE caused an invalid page fault in
module MSHTML.DLL at 017f:70d64aed.
Registers:
EAX=00000000 CS=017f EIP=70d64aed EFLGS=00010246
EBX=00000000 SS=0187 ESP=0109fb04 EBP=0109fb28
ECX=029b09c0 DS=0187 ESI=029b09c0 FS=1b4f
EDX=029b09c0 ES=0187 EDI=029b6c34 GS=0000
Bytes at CS:EIP:
8b 08 8d 55 fc 52 68 a0 fd c4 70 50 ff 11 8b d8
Stack dump:
01917084 0109fb8c fffffff8 00000000 00000000 00000000 00000000 029b6c34 00000000 0109fb54 70d64c3a 0297ff00 800113be 00470ffc 0109fb8c 0109fb84
Which I obviously have NO idea what that means.
Also, when I go to restart, I get this error message, "could not load or run 'fntldr.exe' specified in the WIN.INI file. Make sure the file exists on your computer or remove the reference to it in the WIN.INI file.
Please, someone take pity on this idiot (meaning, well, me)
TIA
peace
•
•
Join Date: Aug 2003
Posts: 9,587
Reputation: 
Solved Threads: 494
You have a browser hijack causing you some problems ,the 'fntldr.exe' is a coolwebsearch parasite variant. I would like to help you with it but still learning how!!go here for a program to remove it from your system .
http://mjc1.com/mirror/hjt/
Don't remove anything with this program with out help from the people in the fourm.
http://tomcoyote.org/forums/
http://mjc1.com/mirror/hjt/
Don't remove anything with this program with out help from the people in the fourm.
http://tomcoyote.org/forums/
•
•
Join Date: Oct 2003
Posts: 73
Reputation:
Solved Threads: 1
Junior Poster in Training
Please Download hijackthis from
http://www.merijn.org/files/hijackthis.zip
Unzip, doubleclick HijackThis.exe, and hit "Scan".
After the scan has finished the "scan" button will turn into a "save log" button
save the log file and paste it here
Do not delete anything yet, as most things hijackthis finds are harmless and needed.
steam
http://www.merijn.org/files/hijackthis.zip
Unzip, doubleclick HijackThis.exe, and hit "Scan".
After the scan has finished the "scan" button will turn into a "save log" button
save the log file and paste it here
Do not delete anything yet, as most things hijackthis finds are harmless and needed.
steam
•
•
Join Date: Aug 2003
Posts: 9,587
Reputation:
Solved Threads: 494
Steamwiz ,I'm Just trying to lighten you load by posting the hijack fourm link,as it seems you are the only one here who knows how to read the hijack log.
Linux boot cd http://www.knopper.net/knoppix/index-en.html
•
•
Join Date: Oct 2003
Posts: 73
Reputation:
Solved Threads: 1
Junior Poster in Training
Hi caperjack
That's ok...I analyse logs on several forums
But if I didn't have the time to look at them here I wouldn't ask for them.
In future you could copy and paste my request for a log in any posts here where you think it may help......or refer them to another forum.
It's your shout....I don't mind either way
steam
That's ok...I analyse logs on several forums
But if I didn't have the time to look at them here I wouldn't ask for them.
In future you could copy and paste my request for a log in any posts here where you think it may help......or refer them to another forum.
It's your shout....I don't mind either way
steam
•
•
Join Date: Oct 2003
Posts: 73
Reputation:
Solved Threads: 1
Junior Poster in Training
No problem
We both come here to help
steam
We both come here to help
steam
Yes it's a virus hangover. I know because I had it too and your message was one I read when looking for a soln. Well I have the answer now:
You have just experienced this virus - Symantec Security Response - Adware.SearchCounter which will have modified your computer in oh 30 or so different ways http://search.symantec.com/custom/us/query.html (pleasant!)
If you have Norton it may well clear it all up in one go. If you don't and do not fancy cleaning up all this mess yourself go to download.com (so you know the copies are not themselves hacked) and get the programs ad-aware and spybot. Run ad-aware first. It will clear up the mess in your registry but miss something called a hosts redirect - the main sign of which will be that when you type something into the internet explorer address bar that is not recognised the autosearch function will have been hijacked and you will be taken to the website of the hacker's choice. Now run Spybot which will spot and repair this "hosts redirect" for you. ...29 down and one to go.
Finally edit the win.ini file in your windows directory to prune out fntldr.exe from the run= line. You can use the notepad to do this. ..You may have other things there you want to keep. Track the files down in windows explorer to right click them, look at the version details and find out who made them. Make a note of the original line and think about trial removal of any you were not expecting. You can always edit them back in if they were required after all.
Oh - and public thanks to the moron who wrote this adware in the first place! They are real scumbags. :evil:
You have just experienced this virus - Symantec Security Response - Adware.SearchCounter which will have modified your computer in oh 30 or so different ways http://search.symantec.com/custom/us/query.html (pleasant!)
If you have Norton it may well clear it all up in one go. If you don't and do not fancy cleaning up all this mess yourself go to download.com (so you know the copies are not themselves hacked) and get the programs ad-aware and spybot. Run ad-aware first. It will clear up the mess in your registry but miss something called a hosts redirect - the main sign of which will be that when you type something into the internet explorer address bar that is not recognised the autosearch function will have been hijacked and you will be taken to the website of the hacker's choice. Now run Spybot which will spot and repair this "hosts redirect" for you. ...29 down and one to go.
Finally edit the win.ini file in your windows directory to prune out fntldr.exe from the run= line. You can use the notepad to do this. ..You may have other things there you want to keep. Track the files down in windows explorer to right click them, look at the version details and find out who made them. Make a note of the original line and think about trial removal of any you were not expecting. You can always edit them back in if they were required after all.
Oh - and public thanks to the moron who wrote this adware in the first place! They are real scumbags. :evil:
|
Similar Threads
- Major Issues (Viruses, Spyware and other Nasties)
Other Threads in the Windows 95 / 98 / Me Forum
- Previous Thread: Display Problems
- Next Thread: Upgrade
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Windows 95 / 98 / Me Posts
- Today's Posts
- Unanswered Threads
