Posts by DMR

Ok folks-

<end rant>, and end it now- civility is key here. Let's stick to our job of solving problems and put the egos aside please.

If the personal attacks and jousting continue, this thread will be closed.

hi
don't use windows xp, and don't use IE 6 and go to www.symantec.com and download the removal tools for the blaster worm and the sasser worm and tell the person who is using the pc to not download anything from the internet and not to be visiting bad websites!

David, not to offend, but:

-Many people don't have time to overcome the curve involved in learning a new OS; if they're used to Windows, they will want to continue using Windows.

-I certainly agree about not using IE, and recommend that to my clients as well. Unfortunately, for the reason I gave above, most will continue using IE. The best thing to do in that case is to make sure that you keep absolutely current on MS security patched and updates.

-You do not have to download anything or visit "bad websites" to get with some of this stuff; the problem of "malware" has become much more widespread than that.

omg, thank you so much!!

I'm assuming that means you're set now-

Marking this one as solved.

*** To any members having a similar issue: please start your own thread and post your question there as opposed to "tagging on" to this thread.

Thanks. :)

As YzK said, download and run HijackThis and post the log file it generates. That will allow us to see exactly what "guests" you've still got in your system.

Also, Ad Aware, SpyBot, and the like will usually nail 99% of the "malware" programs, but only if you keep them very up to date!!! Use the "check for new updates" functions of utilities often; updates are sometimes released within days of each other. Just like your anti-virus program, these utilites are useless if you don't keep them current.

It depends- what browser (including version) do you use?

Moved to the new Security forum, as this is a spyware/malware issue. :)

The sasser worm is quite recent. If Norton wasn't updated regularly, the virus signature files wouldn't have identified it.

Yup; new sasser detection/removal tools were posted just two days ago.

If it is one of the recent virii, download and run McAfee's Stinger utility. It will deal with both the Sasser and MSBlaster worms. After that, definitely make sure that your anti-virus program is set to auto-update itself; even being a week or two out of date on your virus definitions can put you at risk.

OK, here's more info on the original error:

http://www.google.com/search?hl=en&lr=lang_en&ie=UTF-8&oe=UTF-8&q=%22IRQL_NOT_LESS_OR_EQUAL%22+NTOSKRNL.EXE&btnG=Search

You might have a hardware or driver problem; check Microsoft's Hardware Compatibility List (and search the web) to see if there are any known issues with your particular motherboard and system components.

As for the new drive, you might want to find a way to wipe the thing entirely; it sounds like problems are just getting compounded here. Since the CD-ROM approach doesn't seem to be getting you anywhere, a Win boot disk with the fdisk program on it, or putting the drive in another computer, are a couple of possibilities.

Yay, I downloaded a new driver and everything is good again. Thanks so much for the help Caperjack, and DMR. I really appreciate it.

Glad we could help you get it sorted- after all, that's why we're here. :mrgreen:

Hmm, it sounds like it's using the ATI driver, but you might try a driver update/reinstall anyway; it could have gotten corrupted somehow. Go to ATI's site and download whatever is the most current Win 98 driver package for your card.

Are there any other steps I need to take after this to help restore the color and size?

Sounds like something might have forced your card into using a generic VGA driver. Under your video card's properties in Device Manager, check to see which driver the card is currently using. If it's set to use a generic VGA/SVGA driver, either locate/reinstall the ATI driver for your card or download it from ATI's driver site.

Please post the exact and complete text of the error message; we need that information to make an accurate assesment.

If the error related to lsass.exe crashing, you almost certainly have a variant of the sasser worm. See this article for more information and a link to the removal utility.

BTW- I see that this is your first post. Welcome! :)

If you mean the "NTLDR missing" error, that can happen for a few reasons.

1. Sometimes the install just glitches, and a second try will work.

2. The drive's IDE cable isn't seated properly, or the Master/Slave jumpers on the drive are set incorrectly.

3. Your drive's geometry is incorrectly interpreted by the BIOS.

4. Your boot.ini file is misconfigured. Assuming a single partition on the Primary Master drive, the relevent boot.ini entries should be similar to:

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect

Note the "multi", "disk", "rdisk", and "partition" values; they should be as given above. If they aren't, you'll have to boot from a floppy or the install CD and edit the file.

5. The NTLDR and/or NTDETECT.COM file is corrupt. You can try to fix this by booting into the rescue console from the CD. Locate the two file on the CD and copy them both to the root directory of your drive and reboot.

There could be a number of reasons for that particular stop error. Look through the links from the following Google search, epecially the first link (from microsoft):

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=windows+%22STOP%3A+0X0000000A%22&btnG=Google+Search

The "&gt" tag is the HTML code for the ">" symbol. In email replies or forwards, it is common for each line of the original text to be prefixed with > to differentiate it from any text you add to the message before you reply/forward. Further replies/forwards will append further ">" symbols in a nested fashion.

Just a guess (I don't use Hotmail), but one reason you might be experiencing this now (when you weren't before) is that you switched your preferences from composing emails in HTML format to composing them in text format.

lol. Note to self: "Do not post until at least one full pot of coffee is circulating in body."

:mrgreen:

Ceilidh,

Can't figure out why it doesn't recognize the whole 200 unless it was the fact that I had to FDISK the big drive to even get it to boot.

That's probably where you got stuck with the 137G. What version of fdisk did you use? Most versions floating around out there have problems with disks over 64G. This article sheds a little light.

Smileys? What smileys, Christian? :cheesy:

(I fixed it for you)

It's the combination of the ":" and ")" characters; they get parsed into the :) smiley. Try ":" and "D"; they'll turn into :D

On the reply page there's an option check-box below the text entry box where you can disable smileys on a per-post basis.

Sorry, erased this and trying to figure out how to start a nw thread for my question.

Thank you, Majestic- much appreciated.

:)

Much information on svchost, the legit Windows programs that use it, viewing the programs that are using it, and how it can be compromised by a virus or other hack, can be found here:

http://ask-leo.com/archives/000105.html

:)

Thew need to be some way to locking the old threads once the problem is solved . to stop the piggiebacking

There definitely is- the mods have the ability to lock threads, but the problem is that quite often the original poster's question hasn't even been answered/solved before the piggybacking happens. We don't want to lock a thread at that point because in doing so we'd also be locking the original poster out of a solution.

Don't worry though, we now have The Sacred Wet Trout:

[img]http://www.stevewolfonline.com/Downloads/DMR/Visuals/fishwhack.gif[/img]

A couple of TroutSlaps, and even the most reticent members will fall in line...

:D:D:D

Do u think that a reinstallation might be good. I talked to the company that I got the computer from and they said that I may have to reinstall:sad: but I dont want to. Is there any last hope type thing I could do to try to fix this problem without having to reinstall or do a system restore?

A reinstall should always be your last resort- if you haven't done this already, run SpyBot again and let it fix the problems it finds. Many of the spyware removal programs will make changes to your registry, because the programs they're designed to remove altered your registry in the fist place. SpyBot does flag some things that aren't necessarilly threats (only questionable objects), but I've never had it remove something it shouldn't, and I have used it a lot.

Hey folks.

Please- Do not post your questions in someone else's pre-existing thread.

It becomes too confusing to keep track of which answers relate to which question. It also creates a lot of work for the moderators, as we have to weed through these "piggybacked" threads and untangle the mess by splitting out the piggybacked questions (and their answers) into separate threads.

Dani (the site Admin) has outlined our policy in the posting guidelines in the "Announcement" thread at the top of each forum. Please read those guidelines if haven't already:

"Every question or new thought should have its own thread. Replies to a previous post should be thread replies to that particular thread. Do not piggyback threads by posting your question as a reply to another question."

robinrofkar,

Please delete your post here and start your own thread.

Thanks

Please, ICEMAN_FIRE- I've already asked that you not piggyback your questions onto this or other pre-existing threads. We would really appreciate it if you would honor our posting policies; it just helps everybody out- posters and those responding alike.

As I asked earlier, post any further questions in the thread I set up for you, not here. The answer to origins and function of the bridge.dll file have been addressed in other threads, but I'll post the answer in your other thread ASAP (might take a bit though; it's been a busy here today, and it's getting well toward dinner time in my end of the world).

Thanks again,

- Dave

No problem, you're a new member; I'm sure it was just a case of not being familiar with our guidelines. :)

As far as what to do next goes, try to patient. Our members are pretty attentive, but we've all got real-life things like work or school to take care of. I'm sure you'll get some responses (in the new thread I created for you) shortly.

Moved to the (brand spankin' new) Security forum, as that is where we're now concentrating security/spyware/adware/etc.-related threads.

:)

ICEMAN_FIRE (and others),

Please do not "piggyback" your questions onto this thread- start a new, separate thread of your own.

While your problem may be similar (or even identical) to the original poster's question, it becomes very difficult to keep track of which answers relate to which question otherwise.

Thanks for understanding. :)

ICEMAN_FIRE,

If you haven't gotten my message yet, I've split your question (and the answers it received) into their own thread, located here; please follow up with your troubleshoot in that thread.

A system restore might work, but than again it might not.

Sorry for the short and cryptic response, but I'm just on my way out the door to make meeting with a client; I'll try to get back to this as soon as I can.

In terms of svchost, you can think of it as program/service "launcher", much like run32.dll. An explanation is here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;250320

It's often normal to see multipe instances of svchost running for the reason given above, but malware programs can be launched by svchost as well, so I'd go ahead with SpyBot and see what happens from there.

Many of the malware programs do make registry modifications, and the removal utilities (including SpyBot) will detect those- that's part of their job. I've never had a problem with SpyBot or Ad Aware deleting something they shouldn't, but if you're unsure about deleting any entries those programs found, let us know and we can you if they're safe to delete or not.

I have an error myself. When I try to open my Windows Media Player..A window pops up saying "killah has caused an error in KERNEL.32.DLL" how can I get rid of this error?

A) While your problem might be related to spyware or the like, your specific error isn't directly related to this thread. You should delete your post here and start a separate thread, giving more information abvout the problem (when did it start, what changes you might have made just prior to the problems' occurrence, etc.). One of the Moderators has posted a notice concerning the "piggybacking" of one problem into/onto a pre-existing thread, and it makes sense:

please! if you have your own problem start your OWN thread about it.

i dont like having to split threads and whatnot, plus its hard for us to deal with two problems in the same thread.

Thanks

B) Download and run the spyware/adware removal tools mentioned in this and many other of our recent threads.

Um, psst!:

http://support.microsoft.com/default.aspx?scid=kb;en-us;324103

;)

RUNDLL32 caused an invalid page fault in
module FX20.CPY.DLL at 0167:10016bf3.

You've still got a piece of spyware stuck in your teeth... :cheesy:

The xxxx.cpy.dll is a spyware component responsible for "phoning home" to download ads when you log on to the Net. The filename itself is randomly generated, but it will always have cpy.dll as part of the name. Basically, you need to find and delete any xxxx.cpl.dll and related files; there'sa good walkthough of the removal process in this link:

http://www.computing.net/security/wwwboard/forum/11144.html

How does getting rid of ads and spyware affect my procesor?
Does spyware run in the background or something?

Yes, that's the whole idea of malware programs. Depending on the particular program, it might also be generating network/Interent traffic that you aren't even aware of.

How much memory do you have in your system? If you've got 256 or more and you're still experiencing slowdowns, I would seriously check your system for spyware/malware.

OK- I'll bet you've probably picked up a bunch of spyware/malware, and that's what is clogging up your system. Download, install, and run the following (free) malware removal tools:

Ad Aware: www.lavasoftusa.com
SpyBot Search & Destroy: http://www.safer-networking.org/
SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
HijackThis: http://www.spywareinfo.com/~merijn/downloads.html

I would suggest running Ad Aware and SpyBot together; run one of them, reboot to make sure the fixes take effect, and then immediately run the other. Close all unnecessary program before doing the runs.

Also, you should use Window's Automatic Update function to install the latest security patches and bug fixes for the operating system, Internet Explorer, and Media Player- Microsoft has recently posted some new updates which, among other things, can help make your system more immune to the effects of malicious programs like spyware/adware/malware.

You're welcome :)

Yeah, it sounds as though you might have something flaky on the mobo- try a replacement, before the warranty runs out :sad:

Sometimes weird toolbars come up but I get rid of those programs.

It certainly sounds like a spyware/malware issue- exactly how are you removing the offending programs, toolbars, etc.? There have been a number of posts here in the last few days which deal with effectively getting rid of malware- take a look through those for solutions.

What is the Windows switcher power toys?

Fast user switching- this Google search will give you info on that:

http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=windows+%22power+toy%22+%22fast+user+switching%22&btnG=Google+Search

In Task Manager, look in the "processes" tab and see if you can determine which process is chewing up your resources.

Does this happen randomly, or does it seem (think carefully) to be related to running a certain program or performing a certain task?
Close down any programs you don't need and disable items in your system tray (anti-virus, etc.). If that cures the problem, restart the applications you closed one at a time to see if you can pinpoint the culprit.

Do you get a POST beep code? If so, what is it? The particular code can point you toward the culprit.

If you haven't done so already:

- Triple-check all of your connections/cables, jumper settings, card seating, etc.

- Remove all non-essential hardware, leaving only the hard drive, floppy, video card, and 1 stick of RAM. Does it boot?

- If not, swap the RAM with another stick and try again.

- If it does boot, reinstall the removed components one at a time, booting the machine after each piece is installed. That way you might be able to determine which component is bringing the system down.

- If none of that works, remove AC power form the system and pull the CMOS battery. Keep the battery removed from the system for 15-30 minutes to allow any residual charge to dissipate. Reinstall the battery and see if she boots.

- Reset the motherboard. The motherboard usually has a jumper to perform this function; check your documentation.

As others have alluded to, you have spyware/adware/malware on your system. One of those components is almost certainly responsible for the pop-ups. Anti-virus programs don't detect these intruders, so you'll need to install utilities specifically designed for the job.

Ad Aware and SpyBot Search and Destroy are two excellent utilities for detecting and removing these types of offensive programs. Both are free to download and very easy to use. I highly suggest installing both programs and running them consecutively; one program will often catch something that the other missed.

Linkage:

Ad Aware: http://www.lavasoftusa.com/

SpyBot S&D: http://www.safer-networking.org/index.php

I tried typing in that address (192.168.0.1) and i got a login and password thing. Since its my network i thought that i could just hit OK and id get in but it says i need to put in a login and password.

When you type in the router's address, you're accessing the router's internal Web-based setup program. The user/password dialog is a login message from the router itself; it is not a login prompt from your Windows network.

Different makes of routers have different default user/password combinations, which you will find in the router's manual. Linksys, for example, often uses a blank username and a default password of "admin".

Have you done any low-level troubleshooting on this? For example, after going through the network setup, have you verified that you can at least ping between machines using their IP address and hostname? Have you tried viewing and/or mounting network shares from the command line using the "net view" and "net use" commands?

Considering the fact that NICs are very cheap, I'd definitely try that next (especially since you say the problem is getting worse over time). Since you seem to have ruled out all other hardware, the NIC is about all that's left. With everything else you say you've done, if the problem still occurs with a new NIC, you're almost certainly looking at a software prblem/conflict.

Running the fsck command is pretty straightforward; you can run it on one partition/filesystem at a time, or have fsck automatically walk its way through all filesystems listed in /etc/fstab. The latter should happen if you simply issue the command itself (with no options/arguments). To specify a partition, just do, for example:

fdisk /dev/hda1

Read the fsck man page for a full description.

You might also want to boot into rescue mode from your installation CD and run fsck from there; it might be a bit safer.

You can't really do anything about it other than format and start over, along with an fdisk /mbr before you reinstall 98.

Restoring the MBR by running "fdisk /mbr" from a Win 98/DOS rescue disk might do the trick by itself; worth a try before you go for a full reformat.