Win98 Freezefest

Discussion in 'adware, spyware & hijack cleaning' started by MistisoMan, Mar 16, 2004.

Thread Status:
Not open for further replies.
  1. MistisoMan

    MistisoMan Registered Member

    Joined:
    Mar 16, 2004
    Posts:
    4
    I know, I know, a lot of people think 98 isn't that great of an OS. It has worked for me, though. Well, up until now at least. My computer freezes all the time, now. I barely got through a virus scan with Norton Antivirus 5.01.01C in safe mode yesterday. The definitions were up to date and no viruses were detected. I can't perform a disc scan anymore. I was able to when the freezing started last week, and when I did I would always get a bad sector consistently the same size. When my ocmputer does run, it crawls. I am only running a 733, but I have been running it for a while, and right now it appears to be going about 1/4 the speed of normal (it struggles loading the icons for my quickstart bar in my start menu). I've ran adaware numerous times (it is about the only thing I can do to clean my system). I ran HiJackThis and a copy of the log is pasted below. Nothing sticks out as foul to me. Any help would be greatly appreciated, as my friends and I are stumped (we're nothing special, though). I'm starting to think it is less and less of a spyware/virus problem as much as it is a hardware problem. :( Thanks to anyone who can shed some light on my situation, as I'm starting to lose hope.


    Logfile of HijackThis v1.97.7
    Scan saved at 5:50:39 PM, on 3/16/04
    Platform: Windows 98 Gold (Win9x 4.10.199:cool:
    MSIE: Internet Explorer v5.50 SP1 (5.50.4522.1800)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\D U METER\DUMETER.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Discover deskshop Browser Helper Object - {8DB3D69D-DA5E-4165-B781-72A761790672} - C:\WINDOWS\SYSTEM\BHODSHOP.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
    O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
    O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
    O4 - Startup: D U Meter.lnk = C:\Program Files\D U Meter\DUMETER.EXE
    O8 - Extra context menu item: &Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: &Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: &Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: RoboForm (HKLM)
    O9 - Extra 'Tools' menuitem: RF &Toolbar (HKLM)
    O9 - Extra button: Fill Forms (HKLM)
    O9 - Extra 'Tools' menuitem: &Fill Forms (HKLM)
    O9 - Extra button: Save (HKLM)
    O9 - Extra 'Tools' menuitem: &Save Forms (HKLM)
    O9 - Extra button: Deskshop (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: Win32 Classes - file://C:\WINDOWS\Java\classes\win32ie4.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.140/code/PWActiveXImgCtl.CAB
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {5445BE81-B796-11D2-B931-002018654E2E} (MeadCo Security Manager) - http://www.livehelpcasino.com/wcsapp/weblib/Javascript/messaging/ie/SecMgr.cab
    O16 - DPF: {A48D0309-8DA3-41AA-98E4-89194D471890} (Pulse V5 ActiveX Control) - http://www.pulse3d.com/players/english/5.0/win/PulsePlayer5AxWin.cab
    O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - http://us.dl1.yimg.com/download.yahoo.com/dl/toolbar/ym/yiebio5_1_3_0.cab
    O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.brightstreet.com/cif/download/bin/actxcab.cab
    O16 - DPF: {8EDAD21C-3584-4E66-A8AB-EB0E5584767D} - http://toolbar.google.com/data/GoogleActivate.cab
    O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi MistisoMan,

    Please copy&paste the bold into an Internet Explorer Address Bar.
    javascript:navigator.userAgent
    Post the result that appears in the IE screen please.

    Also let us know what happens if you type a incorrect URL in the address bar of IE.

    Regards,

    Pieter
     
  3. MistisoMan

    MistisoMan Registered Member

    Joined:
    Mar 16, 2004
    Posts:
    4
    I'm at school right now so I can't check that url, atm, but I know for certain I get the standard microsoft bad url page. Last time I ran adaware I got back to the normal bad link page. I'll check again at home later on.
     
  4. MistisoMan

    MistisoMan Registered Member

    Joined:
    Mar 16, 2004
    Posts:
    4
    Back at home, here is what I get when using that link.
    Mozilla/4.0 (compatible; MSIE 5.5; Windows 9:cool:
     
  5. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi MistisoMan,

    Nothing wrong with that.
    I'm starting to fear your HD is starting to fail.
    Do you know the brand and type you have?

    And do you have backups of your important files and documents?

    Regards,

    Pieter
     
  6. MistisoMan

    MistisoMan Registered Member

    Joined:
    Mar 16, 2004
    Posts:
    4
    Sorry for the long response time. My system went completely on the fritz but for some reason putting everything into a different case let it work again. Oh well.

    I'm still having the freeze problems, and am all set to format and start a new (at least on the hdd which is giving me problems). Couple questions before I do it, though:

    1. Is there a way for me to copy off all my old drivers so I don't have to reinstall them onr piece at a time?
    and
    2. If not, is there a way for me to find out what parts I am using if I don't know them/if I can't find it on the hardware itself in order to make it easier for me to reinstall the drivers post reinstall?

    Oh, and, the drive is a 30gb WD 5400rpm from like 3 years ago.
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Before you start anew on this drive have a look at the Diagnostic tools here: http://support.wdc.com/download/

    There are several programs that will help you in finding out which hardware you have.
    I always used Aida32: http://www.aida32.hu/aida32.php
    but have seen good reviews on SiSoft Sandra and Lavalys as replacements for it.
    Not had a chance to try either of those. You may get some more qualified responses in the Software & Services forum.

    Regards,

    Pieter
     
Thread Status:
Not open for further replies.