# My computer is not working......



## AFCutie (Feb 28, 2003)

I don't know what's wrong with my computer. I have a wireless DSL network on my computer and all of the sudden MSN stopped working. I'd try to sign in and the web page will load but then it gives me a message saying MSN has experienced and internal error and needs to restart. So it closes and restarts but the same thing happens all the time. I am able to sign into my MSN Messenger and AIM and I'm not having any problems with those. I have tried to unistall MSN, defragged my computer, installed Norton Anti-Virus 2003 which wouldn't completely install, and none of those worked.

I'm also having problems with my Internet Explorer. I can get into it, but sometimes it will tell me it has performed an illegal opperation and must close. After it closes, my active desktop goes white and gives me instructions on how to reactivate it. Also, when I use Internet Explorer, if I click on a link within a web page it will not load a web page. I can see the bar at the top that says Microsoft Internet Explorer but that is all, there is no page, it isn't even white, I am just seeing whatever is behind the screen.

I have a Dell Laptop and I need to switch out my Floppy drive with my CD-ROM drive which also is not working. I can't even open the Bay Device Manager.

If anyone has any suggestions I would appreciate them very much! I have tried as many things as I know to do with computers but they simply aren't working. Let me know if you can help, it would be great!

Start Up:

StartupList report, 2/28/03, 9:58:17 PM
StartupList version: 1.52
Started from : C:\WINDOWS\TEMP\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\LINKSYS\WPC11 CONFIG UTILITY\WPC11CFG.EXE
C:\PROGRAM FILES\MICROSOFT BROADBAND NETWORKING\MSBNTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\WINAMP\WINAMP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\WINDOWS\SOL.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
Microsoft Broadband Networking.lnk = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

LoadQM = loadqm.exe
ccApp = c:\Program Files\Common Files\Symantec Shared\ccApp.exe
ccRegVfy = c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
SystemTray = SysTray.Exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SSDPSRV = C:\WINDOWS\SYSTEM\ssdpsrv.exe
SchedulingAgent = mstask.exe
ccEvtMgr = c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

AIM = C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
msnmsgr = "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
Yahoo! Pager = C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv

--------------------------------------------------

C:\WINDOWS\WININIT.INI listing:
(Created 28/2/2003, 17:0:58)

[rename]
nul=c:\windows\TEMP\~ef7194.tmp

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 27/2/2003, 18:21:2)

[rename]
c:\windows\SYSTEM\schannel.dll=c:\windows\SYSTEM\schannel.001
c:\windows\SYSTEM\crypt32.dll=c:\windows\SYSTEM\crypt32.001
c:\windows\SYSTEM\schannel.dll=c:\windows\SYSTEM\schannel.002
c:\windows\SYSTEM\softpub.dll=c:\windows\SYSTEM\softpub.001
c:\windows\SYSTEM\shell32.dll=c:\windows\SYSTEM\shell32.001
c:\windows\SYSTEM\shell32.dll=c:\windows\SYSTEM\shell32.002

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\WINDOWS\IPINSIGT.DLL - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9}
(no name) - C:\PROGRAM FILES\FLT\FLT.DLL (file missing) - {665ACD90-4541-4836-9FE4-062386BB8F05}
NAV Helper - c:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
BabeIE - C:\PROGRAM FILES\COMMONNAME\TOOLBAR\CNBABE.DLL - {00000000-0000-0000-0000-000000000000}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Symantec NetDetect.job
Norton AntiVirus - Scan my computer.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job

--------------------------------------------------

Enumerating Download Program Files:

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate.microsoft.com/R563/V31Controls/x86/w98/en/actsetup.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab

[YInstStarter Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YINSTHELPER.DLL
CODEBASE = http://download.yahoo.com/dl/installs/yinst.cab

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT45.OCX
CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab

[{4E888414-DB8F-11D1-9CD9-00C04F98436A}]
CODEBASE = https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

--------------------------------------------------
End of report, 6,601 bytes
Report generated in 1.420 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


----------



## bandit429 (Feb 12, 2002)

Hello

Can you download? Are you on that computer now? If you can download go to the site I posted a link to below and download then run the startuplist program then run it and paste the generated text back here in a post so we can look at it. It could be the problem is there.

Click here


----------



## bandit429 (Feb 12, 2002)

Have you already run spybot S & D? If not then go to the link and download and run it,, then remove only the items selected in red.

Now This may or may not help your situation,, either way your definitely not finished. Just do that first and post back. If you already have let me know and we will go on to the next step.

Click here


----------



## AFCutie (Feb 28, 2003)

Well, I did actually have Spybot installed, but right after I installed it, it seemed like the problem began so I unistalled Spybot and a few other things I had installed the same day to see if that would fix the problem, but it didn't. Should I reinstall Spybot?


----------



## bandit429 (Feb 12, 2002)

I have never heard of it causing trouble before,, thats the first time. But if it did then this is what I'm concerned about
(BabeIE - C:\PROGRAM FILES\COMMONNAME\TOOLBAR\CNBABE.DLL)

From what I've read its not good,, I'll post a link at the bottom. There are also others. Their is another program which may remove it called hijack this if you will wait a few minutes I will get a link for you and some instructions. I think that would be the best way to go as far as removing it.

http://www.doxdesk.com/parasite/CommonName.html


----------



## bandit429 (Feb 12, 2002)

Go to http://www.spywareinfo.com/downloads.php#det , and download 'Hijack This!'. 
Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button. 
Press that, save the log somewhere, and please show us its contents.


----------



## AFCutie (Feb 28, 2003)

Alright, I was thinking it might be commonname as well. I tried to unistall it, except you have to do that from the website and the website wasn't loading so I could never get it completely unistalled. I will try that link you gave me and I will let you know if it works. Thanks a bunch!


----------



## bandit429 (Feb 12, 2002)

Your welcome,, I will look at it tonight but I will not post till morning, I'm kinda tired and this could turn out to be tough, I want to be wide awake for it.


----------



## Byteman (Jan 24, 2002)

Hi, I know bandit429 is helping with this, but would like to offer this thread for you to read about one item I see that is spyware...the thread mentions that removing Common Name software without an updated version of SpyBot SS&D can destroy your Internet connection....though I am not sure that is what has happened, by any chance did you use AdAware 5.83 recently to remove anything? That version has been replaced- to v.6.0 and is a very good program. BUT- a problem seems to have developed with the 6.0 version, too. Read here:
http://www.lurkhere.com/links600.html
It has this to say about it:
" "The original release of Ad-aware 6 does indeed remove all three of these programs improperly and does break internet access in the process. Lavasoft has released a new build which hopefully fixes this.

If you are running Ad-aware 5.x, remove it. It is obsolete. If you are running Ad-aware 6, check that you have build 162 and not build 160. You can see which build you have by clicking the information button along the upper right of the main screen (screenshot). The new build 162 reportedly fixes this problem as far as NewDotNet is concerned...If you need to update your version, you can download it from Lavasoft's download page at http://www.lavasoft.de/support/download/

At this point, I would urge everyone to not remove these three programs with any version of Ad-aware until this is sorted out. If you have Webhancer or CommonName, Spybot removes them perfectly. http://security.kolla.de/.""

info:http://forums.techguy.org/t110854/s.html

The CNbabe or Common Name toolbar may have come with Kazaa. You should at least switch to the KaZaa Lite version, no scumware in that one. 
I hope this helps.


----------



## AFCutie (Feb 28, 2003)

Here is the log, thank you so much for helping me!

Logfile of HijackThis v1.92.0
Scan saved at 10:42:08 PM, on 2/28/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=Microsoft Internet Explorer provided by America Online
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\7pz27qci.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\7pz27qci.slt\prefs.js)
O1 - Hosts: 216.239.37.101 www.kazaagold.com
O1 - Hosts: 216.239.37.101 www.k-lite.com
O2 - BHO: (no name) - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} - C:\WINDOWS\IPINSIGT.DLL
O2 - BHO: (no name) - {665ACD90-4541-4836-9FE4-062386BB8F05} - C:\PROGRAM FILES\FLT\FLT.DLL (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: BabeIE - {00000000-0000-0000-0000-000000000000} - C:\PROGRAM FILES\COMMONNAME\TOOLBAR\CNBABE.DLL
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Startup: Microsoft Broadband Networking.lnk = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Dell Home (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab


----------



## bandit429 (Feb 12, 2002)

Hey Byteman,, thanks I'm tired and I really appreciate the help. There is a lot there but the one thats made all the registry changes is the one I'm concerned about..I'm gonna have to give it up till morning. I don't feel sharp enough for a tough one right now.

http://www.doxdesk.com/parasite/CommonName.html


----------



## AFCutie (Feb 28, 2003)

Ok guys, I just wanted to let you know I reinstalled Spybot and I am running it right now. You do not know how much I appreciate all of your help!!


----------



## bandit429 (Feb 12, 2002)

Your welcome,, could you repost after you run it and lets see whats there?


----------



## AFCutie (Feb 28, 2003)

Alexa Related, Avenue A. Inc, 27 Common Name problems, 6 Cydoor problems, 14 eAcceleration problems, 3 eZula Hot Text problems, 5 Hot Track problems, 2 Gator problems, Internet Explorer, 2 IPinsight problems, MS Media Player, and New.net


----------



## bandit429 (Feb 12, 2002)

Ok post hijack again,, I would like to see it if its ok. Just for the education.


----------



## Byteman (Jan 24, 2002)

Hi AF- Be sure to get all Includes as updates for SpyBot.
Reboot after you run Spybot. 
Run it AFTER you get all updates.
Run it again after the reboot.
Here is another spyware you have:

http://www.doxdesk.com/parasite/FlashTrack.html
I think I have seen that one flash by as SpyBot is running and checking things...it should remove it.

EDIT: No, neither AAW or SS&D will remove the FLT one, it says at the time of writing at the doxdesk site....whenever that was....
There is the manual removal method posted at doxdesk. That's up to you. If you do, be sure to back up the Registry.
Other than that, there are some things running that you can turn off from starting when Windows does, such as the Microsoft Office Find Fast feature. 
RealPlayer can be turned off at startup.
There are some others....after you get the bad stuff out of the system, perhaps tomorrow the experts here will have you in good shape by trimming programs that load up at bootime.


----------



## AFCutie (Feb 28, 2003)

Logfile of HijackThis v1.92.0
Scan saved at 11:15:04 PM, on 2/28/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=Microsoft Internet Explorer provided by America Online
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://home.netscape.com/bookmark/7_0/home.html"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\7pz27qci.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\7pz27qci.slt\prefs.js)
O1 - Hosts: 216.239.37.101 www.kazaagold.com
O1 - Hosts: 216.239.37.101 www.k-lite.com
O2 - BHO: (no name) - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} - C:\WINDOWS\IPINSIGT.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] c:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [ccEvtMgr] c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
O4 - Startup: Microsoft Broadband Networking.lnk = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Dell Home (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/potb_x.cab


----------



## AFCutie (Feb 28, 2003)

I think that log was the same as the other. I'm going to reboot my computer because Spybot needs me to reboot in order to fix a few other problems.


----------



## bandit429 (Feb 12, 2002)

Good I learned something,, thanks,, spybot got the bad one and left this one

O2 - BHO: (no name) - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} - C:\WINDOWS\IPINSIGT.DLL 

Which in fact it did say it removed,, I think it wise to follow bytemans instruction and then if its still there you can have hijack fix that one and repost, be sure all ie windows are closed when you do it. Again thanks for the extra time.


----------



## AFCutie (Feb 28, 2003)

Thanks a whole bunch to both of you! You have helped a lot, hopefully my computer will be working as if it were brand new in no time! Thanks again!!!


----------



## bandit429 (Feb 12, 2002)

If you want to do the removal manually or your afraid of losing ground, then you can back up your registry like this 
go to start,, run,,and paste this in 
regedit /e reg.reg 
then hit ok.. a new blue block icon should appear on your desktop..thats your registry backup.


----------



## AFCutie (Feb 28, 2003)

After I rebooted my computer, I let Spybot run again, and this time it found a few different things it didn't find last time, including My Search. There was also a bunch of Common Name and it said it couldn't fix a few of the problems but would try on the next reboot. They are the same problems it wanted to fix the last time I restarted. They are Common Name: Program Directory, Common Name: Typelib, IPinsight: Executable, and IPinsight: Typelib. I don't know if that helps you at all of brings up any more problems.


----------



## bandit429 (Feb 12, 2002)

Some of that is normal, others I think you may have to try hijack, I'm sure that the person who taught me has a reason for using the 2 removal tools,, I just don't know what the reasons are well enough to explain it. But do the reboot,, before you get to your desktop spybot will start scanning..I would backup though as I posted above.

Then if its still the same let hijack fix these three if they are there.

O2 - BHO: (no name) - {000004CC-E4FF-4F2C-BC30-DBEF0B983BC9} - C:\WINDOWS\IPINSIGT.DLL 

O2 - BHO: (no name) - {665ACD90-4541-4836-9FE4-062386BB8F05} - C:\PROGRAM FILES\FLT\FLT.DLL (file missing) 

O2 - BHO: BabeIE - {00000000-0000-0000-0000-000000000000} - C:\PROGRAM FILES\COMMONNAME\TOOLBAR\CNBABE.DLL


----------



## AFCutie (Feb 28, 2003)

Alright, I think that got all the Spyware off my computer, I am still having problems with Internet Explorer and MSN however.


----------



## bandit429 (Feb 12, 2002)

Which version of explorer,, and what type of problem? The same?


----------



## VirtualMe (Sep 27, 2002)

What version of Real Player do you have?

So we can find how to stop it from running at startup.

http://www.answersthatwork.com/Tasklist_pages/tasklist_r.htm

RealPlay
Real Player

(Real Networks)
This is the System Tray icon for Real Player. A majority of users find this icon extremely frustrating as it slows down the boot-up time of your PC, and Real Player can be accessed through Start \ Programs anyway  in fact, in most cases Real Player comes up on its own when you click on a web link.

Recommendation :
Visit our "Miscellaneous" document library and download the instructions on how to disable it.

======================================================
http://www.answersthatwork.com/Tasklist_pages/tasklist_w.htm

Winampa
Winampa.exe

(Nullsoft)
Background task from Winamp which has two purposes : on the one hand it provides the Winamp System Tray icon, and on the other it maintains file associations so that other applications do not take over file associations which Winamp normally handles. As a System Tray icon Winamp is rarely used; most users use Winamp through double-clicking on an MP3 file rather than through actually starting it through Start \ Programs. Therefore, for most users there is no need for a Tray icon which just adds to the clutter. * More worryingly, in our experience WINAMPA seems to cause unexplained crashes in Netscape and Internet Explorer, and a few other programs*. Disabling WINAMPA totally seemingly gets rid of the crashes.

Recommendation : 
Disable Winamp Agent in Winamp itself. Click on the top left corner of Winamp, then choose "Options \ Preferences", then "Setup \ Agent" in the left bar, then take the tick OFF "Enable Winamp Agent" and all sub-options on the right-hand side. Click CLOSE. Close Winamp. Reboot your PC.


----------



## AFCutie (Feb 28, 2003)

I installed IE 6. I can't click on links, but I can open up a web page by clicking on the Desktop Icon. Also, my MSN 8 is giving me an error saying it has experienced an internal error and must restart.


----------



## bandit429 (Feb 12, 2002)

I really should have seen that from your first startup list, sorry. There are other things you could eliminate from your startup, but what I'm wondering is did this suddenly occur? Or did it seem to happen over a period of time? Did I E 6 work okay before? When did it happen?


----------



## VirtualMe (Sep 27, 2002)

AFCutie,

*WINAMPA* can cause unexplained crashes in Netscape and Internet Explorer, and a *few other programs*. Sometimes disabling *WINAMPA* from running at startup may get rid of the crashes.

Also *Real Player* has been know to cause it's own problems on some systems if it is ran at startup.

You have both of these running in startup according to the startup list you posted.

====================

As for the reinstalling Norton Anti-Virus 2003 problem.

This is what you most like will have to do to get Nortons to reinstall. I had to once.

*Note:* You may want to wait till you disable the above from startup first. After you get rid of your errors.

1. *Make a backup of the Windows registry*

2. How to uninstall Norton AntiVirus by using the Rnav2003.exe removal utility

3. How to uninstall Norton AntiVirus 2003 or Norton AntiVirus 2003 Professional Edition


----------



## AFCutie (Feb 28, 2003)

I unistalled Real Player because I never use it, and I disabled Winamp from running during start up, so hopefully that will work. Thanks for the help!


----------



## VirtualMe (Sep 27, 2002)

Your Welcome,

Just let us know one way or the other if it helps or not, after it has time to settle down.


----------



## AFCutie (Feb 28, 2003)

start-up 
StartupList report, 3/1/03, 3:19:06 PM
StartupList version: 1.52
Started from : C:\WINDOWS\TEMP\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\DOCKAPP.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\LXSUPMON.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\PROGRAM FILES\LINKSYS\WPC11 CONFIG UTILITY\WPC11CFG.EXE
C:\PROGRAM FILES\MICROSOFT BROADBAND NETWORKING\MSBNTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\KAZAA LITE\KAZAA.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Instant Wireless Configuration Utility.lnk = C:\Program Files\Linksys\WPC11 Config Utility\WPC11Cfg.exe
Microsoft Broadband Networking.lnk = C:\Program Files\Microsoft Broadband Networking\MSBNTray.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = c:\windows\scanregw.exe /autorun
TaskMonitor = c:\windows\taskmon.exe
SystemTray = SysTray.Exe
CPortPatch = C:\WINDOWS\Quick Install\CPPatch.exe
BayMgr = DockApp.exe
ATIPOLAB = ati2plab.exe
AtiPTA = Atiptaxx.exe
LoadQM = loadqm.exe
SystemTasks = C:\load.exe
LexStartxe = Lexstart.exe
LXSUPMON = C:\WINDOWS\SYSTEM\LXSUPMON.EXE RUN

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Once

SpyBotSnD = C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY 1.1\SPYBOTSD.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Services

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

AIM = C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
Weather = C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE 1
msnmsgr = "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
Yahoo! Pager = C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe -quiet

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=
drivers=mmsystem.dll power.drv

--------------------------------------------------

C:\WINDOWS\WININIT.INI listing:
(Created 1/3/2003, 14:14:34)

[rename]
NUL=c:\windows\TEMP\_iu14D2N.tmp

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 28/2/2003, 17:0:58)

[rename]
nul=c:\windows\TEMP\~ef7194.tmp

--------------------------------------------------

Enumerating Task Scheduler jobs:

Symantec NetDetect.job
Norton AntiVirus - Scan my computer.job
Maintenance-Defragment programs.job
Maintenance-ScanDisk.job
Maintenance-Disk cleanup.job

--------------------------------------------------

Enumerating Download Program Files:

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate.microsoft.com/...en/actsetup.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/...ash/swflash.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/...ector/swdir.cab

[YInstStarter Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YINSTHELPER.DLL
CODEBASE = http://download.yahoo.com/dl/installs/yinst.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.c...7649.7702430556

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT45.OCX
CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab

[{4E888414-DB8F-11D1-9CD9-00C04F98436A}]
CODEBASE = https://webresponse.one.microsoft.c...iveX/winrep.cab

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

--------------------------------------------------
End of report, 5,972 bytes
Report generated in 2.224 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


----------

