dlh6213 27 Posting Maven Team Colleague

It came with Windows XP pre-installed so I have no discs and the warranty is up.

Are you sure it didn't come with a Recovery CD, Restore CD, or anything? If not, you're going to have to purchase another copy of XP, unless you can get the drive working long enough to copy it.

dlh6213 27 Posting Maven Team Colleague

Check this thread for dual-booting:
http://www.daniweb.com/techtalkforums/thread11350.html

One good partitioning program is PartitionMagic.

dlh6213 27 Posting Maven Team Colleague

There have been several questions and requests here regarding dual-booting. While there are many explanations on the web on how to do this, I have not found any that were fully clear and complete, so I created my own, which are attached here.

If you use these, and find any problems (something not clear enough, screen didn't come up as stated, typos, whatever), please PM or email me so I can correct it (and let me know which one you were using!).

By the way, if you only wish to install one OS, these instructions should work for you as well, just use the part for your particular OS.

dlh6213 27 Posting Maven Team Colleague

Gonna have to get a 'good' copy of Windows. In the meantime, guess you'll have to learn how to use hijackthis yourself (http://www.bleepingcomputer.com/forums/index.php?showtutorial=42)

dlh6213 27 Posting Maven Team Colleague

Did we do away with the reputation points? I don't see the icon anywhere anymore. :confused:

dlh6213 27 Posting Maven Team Colleague

You are missing a lot of critical updates to your system, you should use Windows Update to get them. Before upgrading to SP2, you should have a look at this thread:
http://www.daniweb.com/techtalkforums/thread10031.html

Someone should be along shortly to review your log.

dlh6213 27 Posting Maven Team Colleague

Is your BIOS set to boot from CD? If it is, then I don't have any other ideas; unless someone else here has a suggestion, sounds like time to back up, format, and reinstall.

dlh6213 27 Posting Maven Team Colleague

Before you post a new log, have hjt fix these entries:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 64.136.29.30;64.136.21.30;64.136.29.34;searchap.untd.com;127.0.0.1;localhost; *windowsupdate.microsoft.com;*windowsupdate.com;*wustat.windows.com; *profiles.yahoo.com;*.pogo.com;*test-speed.com;<local>

O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\SYSTEM\7OSOSG~1.DLL

O4 - HKCU\..\Run: [romahere2] C:\WINDOWS\SYSTEM\X5S9IMYIOYF3HN.EXE

Reboot into Safe Mode, go to the folder C:\WINDOWS\SYSTEM and delete this file:
X5S9IMYIOYF3HN.EXE

Reboot normally, scan with hjt, and now post a new log. :)
(Thank crunchie for this last bit, and thanks to Catweazle for editing the link in the original post.)

dlh6213 27 Posting Maven Team Colleague

First, try these free online scans (set them to fix whatever they find):
http://housecall.trendmicro.com/
http://www.pandasoftware.com/activescan/com/activescan_principal.htm

Also, download CWShredder and run it. Select the fix button & it will fix everything related to CoolWebSearch that is stored in its database. Close ALL windows before running CWShredder.
http://www.softpedia.com/progDownload/x-Download-8114.html

Reboot, scan with hjt and post a new log.

dlh6213 27 Posting Maven Team Colleague

You should update hijackthis using either the Update feature within it, or from here:
http://www.softpedia.com/progDownload/x-Download-5034.html

In addition to the above recommendations:

Empty all temporary folders for all users.

Close all windows and scan with hjt; have it fix the following entries:
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cus...://my.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
O2 - BHO: (no name) - SOFTWARE - (no file)
O3 - Toolbar: (no name) - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - (no file)
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZCxdm327

Reboot into Safe Mode and go to C:\Program Files;
Delete the MyWebSearch folder.

Reboot normally. If you haven't done so already, install and run Ad-Aware and SpyBot.
Close all windows, scan with hjt, and post a new log.

dlh6213 27 Posting Maven Team Colleague

(That's weird, I thought I already replied to this. Well, here goes again, lol)
Hi Laura and welcome to DaniWeb! The first thing you should do is have a look at this thread:
http://www.daniweb.com/techtalkforums/thread5690.html
and follow the suggestions there. If you're still having problems after that, post a hjt log (explained in the thread) along with details about the remaining problems.

Good luck!

dlh6213 27 Posting Maven Team Colleague

Did you boot into Safe Mode to delete this folder and file?
C:\PROGRAM FILES\WEB_REBATES-folder
C:\WINDOWS\SYSTEM\LJPBMZEJ.EXE-file
They're still showing in your log.

You should use the link in crunchie's signature to download SpywareBlaster, it will help prevent reinfections (don't forget to update it).

dlh6213 27 Posting Maven Team Colleague

Hi Laura, and welcome to DaniWeb!

The first thing you should do is check out this thread:
http://www.daniweb.com/techtalkforums/thread5690.html

If you're still having trouble after that, post a hijackthis log (explained in the thread) in the Security forum along with details about whatever problems you're still having.

Good luck!

dlh6213 27 Posting Maven Team Colleague

Here's a link for hijackthis:
http://www.softpedia.com/progDownload/x-Download-5034.html

"...I need to be able to get to my email and other websites in a hurry for work..."

You may need to find an alternate means of doing this as fixing your problem may take a few days.

dlh6213 27 Posting Maven Team Colleague

Also, you shouldn't run hjt from your desktop, it should be in its own permanent folder (like c:\hjt\hijackthis.exe).

You should also use Windows Update to get all the Critical Updates to help prevent future problems.

dlh6213 27 Posting Maven Team Colleague

Just to get your log cleaned up a bit so it's easier to read, close all windows and scan with hjt.

Have it fix all items ending with (file missing)
And these:
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
O8 - Extra context menu item: Web Savings - file://C:\Program Files\WebSavingsfromEbates\System\Temp\ebateswebsavings_script0.htm
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softw...006_regular.cab

Scan again and post a new log. I believe you will need to run aboutbuster to finish cleaning this up, but someone else will have to guide you through it.
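
The "fix all items ending with (file missing)" step above, as an added example that is not part of the original post: a small Python parser that splits HijackThis log lines into section code and body and lists the entries whose target file is absent. The sample log is constructed, the function names are illustrative, and the script only reports entries; it changes nothing on the system.

```python
import re

# Leading section code of a HijackThis entry line, e.g. "R1", "O2", "O16".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Markers HijackThis appends when the referenced file is not on disk.
ORPHAN_MARKERS = ("(file missing)", "(no file)")


def parse_entry(line):
    """Split one log line into section code and body; None if it is not an entry."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # header text, process paths, blank lines
    body = m.group("body").rstrip()
    entry = {
        "code": m.group("code"),
        "body": body,
        "orphaned": body.endswith(ORPHAN_MARKERS),
    }
    # R-section lines have the form "<registry key>,<value name> = <data>".
    if entry["code"].startswith("R") and " = " in body:
        left, data = body.split(" = ", 1)
        key, _, value = left.rpartition(",")
        entry.update(key=key, value=value, data=data)
    return entry


def parse_log(text):
    """Return every recognised entry in a pasted log, in original order."""
    return [e for e in map(parse_entry, text.splitlines()) if e]


def orphaned(entries):
    """Entries that end with a missing-file marker: the clean-up candidates."""
    return [e for e in entries if e["orphaned"]]


# Constructed sample log (placeholder CLSIDs, paths and URL).
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\System32\svchost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.example.test/
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O4 - HKLM\..\Run: [ExampleApp] "C:\Program Files\Example\app.exe"
O9 - Extra button: (no name) - {00000000-0000-0000-0000-000000000002} - C:\WINDOWS\System32\example.dll (file missing)
"""

if __name__ == "__main__":
    for e in orphaned(parse_log(SAMPLE_LOG)):
        print(e["code"], "-", e["body"])
```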

dlh6213 27 Posting Maven Team Colleague

You have a virus; go to this thread and follow the instructions:
http://www.daniweb.com/techtalkforums/thread7370.html

If you have any more trouble with this issue, post your HJT in the Security Forum.

dlh6213 27 Posting Maven Team Colleague

Do you have a Windows 98 CD and a startup disk?

If so, go to this thread:
http://www.daniweb.com/techtalkforums/thread10966.html
In the 3rd post down, you will find an attachment; it's for a dual-boot installation, but the first part will give you all the instructions you need to install Win98.

dlh6213 27 Posting Maven Team Colleague

There are a couple of things you can do to help prevent infections.

The first thing would be a hardware firewall; Norton Internet Security is good, but with DSL, a hardware firewall really is recommended.

The next thing would be to install something that blocks pests from getting into your system should they get past the firewalls. Something like SpywareBlaster which can be downloaded from here:
http://www.javacoolsoftware.com/spywareblaster.html
Remember to keep it updated!

dlh6213 27 Posting Maven Team Colleague

I agree with qt, if you formatted your drive, the first thing you should do after installing the OS is to install the motherboard drivers, and then any additional drivers. Device Manager may not show any errors because it could be using generic drivers, not necessarily the ones best suited to your hardware.

dlh6213 27 Posting Maven Team Colleague

If you can boot into Safe Mode, try a System Restore first; if that doesn't work, try to do an In-place Upgrade:
http://support.microsoft.com/defaul...kb;en-us;315341

dlh6213 27 Posting Maven Team Colleague

I would probably vote for Dani if she were running.

Who's philips?

Bush will probably win.

dlh6213 27 Posting Maven Team Colleague

To help keep your system safe, look in crunchie's signature for "How you got infected" and install SpywareBlaster (don't forget to update it).

dlh6213 27 Posting Maven Team Colleague

Here's another way to get into Safe Mode:
Close all open programs.
Click Start, and then click Run. The Run dialog box appears.
Type msconfig and then click OK.
The System Configuration Utility appears, check the "/SAFEBOOT" option, and then click OK.
You then see the prompt to restart the computer. Click Restart.
The computer will then restart in Safe Mode. Another box will open asking if you want to run in Safe Mode, click Yes.

dlh6213 27 Posting Maven Team Colleague

You're a doll!

:o

How's the reinstall coming?

dlh6213 27 Posting Maven Team Colleague

We broke a record this morning:

Most users ever online was 392, Today at 06:29 AM.

09/21/04

dlh6213 27 Posting Maven Team Colleague

I ran across this thread where they're discussing different Operating Systems (mostly Win2K & WinXP) and thought you might want to have a look when you get some free time:
http://www.daniweb.com/techtalkforums/thread11050.html

dlh6213 27 Posting Maven Team Colleague

Since none of the pros are here right now, I'll get you started, but there will be more to fix later.

Close all windows and scan with hijackthis. Have it fix the following entries:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus10.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus10.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus10.hpwis.com/
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

Reboot, scan again and post a new log.

dlh6213 27 Posting Maven Team Colleague

First, hijackthis should be in its own permanent folder -- not a temporary folder -- so it can save backups (in case something needs to be restored).
:o Oops, should have included this before: HJT should be in a folder like c:\hjt\hijackthis.exe

dlh6213 27 Posting Maven Team Colleague

I'm a bit confused -- are you using Netscape or Internet Explorer?

To get access to the ActiveX controls in Internet Explorer, Open IE, click on Tools, click on Internet Options, click on the Security tab, click on the Custom Level Button near the bottom. Scroll down a bit to ActiveX controls and plug-ins; here you will have several options. If you Enable all the options, you are leaving your system open to infections.

Here is how I have my settings:
Download signed ActiveX controls -- Prompt
Download unsigned ActiveX controls -- Disable
Initialize and script ActiveX controls not marked as safe -- Disable
Run ActiveX controls and plug-ins -- Enable
Script ActiveX controls marked safe for scripting -- Enable

The more of these you have Disabled, the safer your system is, but there will be sites that you can't access. Prompting is the next best thing, but constantly clicking OK can be tedious and usually you don't know whether it should be allowed or not. The described combination works best for me, but may not be best for you -- it is just shown as a reference.

Hope this helps.

dlh6213 27 Posting Maven Team Colleague

Hey Dreamy, welcome to DaniWeb!

There are things in your hjt log that need to be fixed, but before doing that there are a couple of things you should do.

First, hijackthis should be in its own permanent folder -- not a temporary folder -- so it can save backups (in case something needs to be restored).

Next, you need to update it using either the Update feature within it or from here:
http://www.softpedia.com/progDownload/x-Download-5034.html

Then, go to C:\documents and settings, for each user on this computer, go to local settings\temp and delete the contents.

Now, close all windows, scan with the updated hjt (from the new folder), and post a new log.

dlh6213 27 Posting Maven Team Colleague

My collie pup has developed a real liking to the cat6 and the phone cords!

Can't you run your cables through the attic, or under the house, or at least under carpets to keep puppy from chewing them up?

dlh6213 27 Posting Maven Team Colleague

If using dial-up, you can probably get the Windows Updates without worrying as much about being infected. Granted it will take longer, but as long as you have an antivirus program installed, you should be okay.

dlh6213 27 Posting Maven Team Colleague

In your second post you said you had DSL, in this last one you mentioned dial-up, which do you have?

dlh6213 27 Posting Maven Team Colleague

Thks again DLH, printing out the instructions from your attachment and will follow them. will also dl spyblaster, adware se, spybot...what are the advantages to win 2000 over win 98 se? Is it worth the upgrade you think?

Yeah, I couldn't afford the upgrade to xp on both computers...i hear most software companies are doing this now too...like if you purchase and dl a program, you can only use the key on that one computer. i wonder if trojanhunter is like this too. thks again cheryl

Ummm, it's actually SpywareBlaster, not spyblaster -- that was probably just a typo, but just to make sure...

Basically, Windows 2000 is more reliable and stable than Windows 9x. It also has many features that the 9x series does not. Here are a couple of links you can check out:
http://www.microsoft.com/windowsxp/pro/evaluation/whyupgrade/featurecomp.mspx
http://www.eng.uwaterloo.ca/~erick/nexus/why.htm
You can find the system requirements for Win2K here:
http://www.microsoft.com/windows2000/professional/howtobuy/upgrading/default.asp

In addition, Microsoft is planning to end support for Windows 98, which means no more updates.

One bad thing is Windows 2000 isn't as good for a lot of games that work with Win9x, but I doubt this is an issue for you.

Is it worth the upgrade? That'll have to be your decision :).

dlh6213 27 Posting Maven Team Colleague

Sounds like you two need a UPS -- Uninterruptible Power Supply -- like a battery backup for your computer that also has a surge suppressor.

IDE is your hard drive (don't ask me what it stands for, I don't remember!) It should be set for Auto Detect.

dlh6213 27 Posting Maven Team Colleague

I'm attaching a document here -- it is for dual booting, but you only need to follow the first part in order to install Win98 (you should go ahead and follow the instructions to make 2 partitions though).

After you get Windows and your antivirus all set up, check out this thread and look for SpywareBlaster and install it, this will help prevent reinfection (help prevent, not stop!):
http://www.daniweb.com/techtalkforums/thread5690.html

I like Windows 98 too; the only thing I don't like about XP is its price and the fact that you can only put it on one computer. Windows 2000 is a good compromise, more stable than 98, less expensive than XP and can be put on more than one computer.

Okay, well it won't let me attach it because I've already attached it in another thread. Look for the attachment in the 3rd post to this thread:
http://www.daniweb.com/techtalkforums/thread10966.html

dlh6213 27 Posting Maven Team Colleague

This appears to be a 'false positive'. Your antivirus is seeing this as an infection, but really it's not. Check this thread at CastleCops:
http://computercops.biz/postt45950.html

dlh6213 27 Posting Maven Team Colleague

First of all I'm curious, where did you find a new computer with Windows 98?

Before you fdisk and format, make sure you back up any data on there that she wants to keep. If it's new, there probably isn't much.

You will want to set your hard drives to Auto Detect as well, not just the CD.

Since she's using DSL, I would recommend getting a hardware firewall before going online to update Windows (which should be your first step after all the drivers are installed). Otherwise she most likely will be reinfested before she can get updated. I've been through that with a Windows 2000 install and it's pretty frustrating.

Hope this helps some.

Oh, and I doubt very much if the hard drive is full, there must be some pest causing that message to come up.

dlh6213 27 Posting Maven Team Colleague

Well, it's looking better but that's about all I can help with, it's up to one of the pros now. :)

dlh6213 27 Posting Maven Team Colleague

Is this a recent problem or has it been this way since you've had Norton Security? You definitely have problems shown in your hjt that need to be addressed, but the problem with Norton could just be configuration. Check this link to see if it helps:
http://service1.symantec.com/SUPPORT/nip.nsf/429934053165308488256d8e0076af48/0b00821f98643c5088256df2005e8fb4?OpenDocument&prod=Norton%20Internet%20Security&ver=2004%20for%20Windows%2098/Me/2000/XP&src=sg&pcode=nis&svy=&csm=no

An hjt expert should be along sometime to review your log. In the meantime, check out the sticky thread near the top of this forum about Helping Yourself; try running ad-aware, spybot and such.

dlh6213 27 Posting Maven Team Colleague

I just ran it in Safe mode and it worked as advertised. Thanks.

Good. After all your other problems get fixed, it should run from normal mode.

dlh6213 27 Posting Maven Team Colleague

One of the experts will need to help you with a lot of the stuff you have there, but I can help you get started so they will have less to deal with.

First, hijackthis should not be run from your desktop, it should be in its own permanent folder (like c:\hjt\hijackthis.exe).

After you get hjt in a permanent folder, close all windows, scan, and have it fix the following entries (if they are still there):
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O4 - HKLM\..\Run: [WebRebates0] "C:\PROGRAM FILES\WEB_REBATES\WebRebates0.exe"
O8 - Extra context menu item: Web Rebates - file://C:\PROGRAM FILES\WEB_REBATES\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/...&c=2c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/...&c=2c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/...&c=2c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/...&c=2c00&LC=0409 (file …

dlh6213 27 Posting Maven Team Colleague

I have no idea why this is happening, but try running it in Safe Mode and see if it works.

dlh6213 27 Posting Maven Team Colleague

Some information from Symantec (Norton) regarding SP2:
http://www.symantec.com/techsupp/sp2/faq.html#4

dlh6213 27 Posting Maven Team Colleague

This may help, it says free online support:
http://www.symantec.com/techsupp/support_options.html

dlh6213 27 Posting Maven Team Colleague

May be the same issue several others are having:
http://www.daniweb.com/techtalkforums/thread11089.html

dlh6213 27 Posting Maven Team Colleague

There have been quite a few posts over the last several days regarding access to Hotmail, so I'm pretty sure it's 'their' problem and not much you can do about it but wait. I've heard they're planning some big upgrade this fall, so they're probably adding servers and stuff.