Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
Did you use the latest versions of Ad-Aware and Spybot? Older versions will report they are up to date when they really aren't.
Please post the HijackThis log on here. The Scan button changes to Save Log when it done, click on it and it will appear in Notepad. Copy and Paste the log here.
I am having sorta the same problem that member "disoriented" has. I have the Windows 98 operating system. I'm getting the Microsoft Visual C++ Runtime Library error. It says "This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information". When clicking on the ok button it shuts down the computer. I don't know anything about the ad-aware, spybot and Hijack you were talking about. What should I do to fix this problem?
Thanks
Didn't find the information you thought to find? Check out these Similar Threads
Hi and welcome to the forum. I split your post away from the thread Here since chances are the problems are not identical.
Please provide all the detail about your issue that you think is important and we'll take a stab at solving it for you.
This is what markp62 advised me to do.
Spybot, Ad-Aware and HijackThis are malware cleaning tools, and they are free. The Quicklinks page has the download sites for these. Install Spybot and Ad-Aware and then immediately update them. Use Adware with the Custom Full Scan, and let Spybot remove everything already checked off. Reboot. Then use HijackThis to do a scan, when the scan finishes, the scan button changes to save log, click on it and it will open in Notepad. Copy and Paste the entire log into a new thread.
I downloaded and installed Spybot and Ad-Aware. Then I rebooted the computer and when it brought up my desktop I got an error that said "RUNDLL Error loading C:\PROGRA~1\WILDTA~1\APPS\COA\CDAENG~1.DLL The system cannot find the path specified." Then I clicked on the ok button and it went away. So I went to download and install the HijackThis and noticed there were two I could click on, HijackThis.exe and hijackThis.zip and I didn't know which one I suppose to download.
Realisticone, post the log on here, in this new thread.
Newt, this was begun in PM, was just waiting for the log.
Logfile of HijackThis v1.98.2
Scan saved at 2:39:22 PM, on 10/12/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
First unzip HJT into it's own folder, so that it is not running in a temp folder like it is now.
Uninstall P2P Networking and reboot.
Remove these items.
Reboot and delete this files.
C:\WINDOWS\aqadcup.exe
C:\WINDOWS\Qwrx.exe
C:\WINDOWS\jawa32.exe
C:\WINDOWS\SYSTEM\CDSM32.DLL
C:\WINDOWS\SYSTEM\LMF32.DLL
Delete this folder.
C:\WINDOWS\SYSTEM\P2P NETWORKING
You should go to RAV Online Scan for a free online AV scan, as you have at least three viruses.
Please post the log from the scan, and a new HJT log.
Do I just put the HJT into a folder in the C drive just not under another folder like I did? To remove P2P Networking I can go to my control Panel and go to Add/Remove Programs to remove it, is that correct? After rebooting how do I go about removing the other items?
Last edited by realisticone; 13th October 2004 at 21:27.
Create a new folder. C:\HJT is what I use but some prefer c:\antispyware or something. Unzip the HJT file to that folder.
Correct on removing P2P from Add/Remove in control panel.
After the P2P uninstall and reboot, run HJT again and have it scan. Then place a check mark by the items he listed (R0 thru 018 but only the ones he listed) and let HJT fix the items. Reboot.
Open windows explorer and delete the files and the folder he listed.
Next, do the virus scan and copy the log to a reply here along with the scan log from a new run of HJT.
I went to uninstall the P2P Networking and I got a warning saying "The following applications are dependant on P2P Networking:
ASM
Kazaa Media Desktop
Uninstalling P2P Networking may prevent these applications from working. If you wish to uninstalling P2P Networking it is suggested that you first uninstall the above applications." Then it gives me two buttons I can click on: Uninstall P2P Networking and the button Cancel. So I tried to uninstall the Kazaa Media desktop. I found it in the list as Kazaa Lite K++ v 2.4.3 so I uninstall that and rebooted. Then went back to try to remove the P2P networking and I got the same message. So how do I remove the two items its asking to remove or do I just ignore that and click on the button Uninstall P2P Networking?
While the name P2P Networking sounds like something you need, it isn't doing what the name implies. It is downloading stuff you do not want on your computer, the reason you are cleaning out your system now. And it was installed by Kazaa, and Kazaa will quit working. There are other file sharing programs recommended by other members on a different thread here, which do not have this malware attached to it.
After uninstalling P2P Networking and rebooted I remove the items but 2 of the where not listed. The 2 that was not listed were 04-HKLM\..\Run:[P2P NETWORKING]C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE/AUTOSTART and 016-DPF:{1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer)- Then I rebooted and delete the files you had listed. When I went to delete C:\WINDOWS\jawa32.exe I got the error message that said "Error Deleting File cannot delete jawa32: The specified file is being used by Windows." and I could not find these 2 files to delete: C:\WINDOWS\SYSTEM\CDSM32.DLL and C:\WINDOWS\SYSTEM\LMF32.DLL and I did not see the folder C:\WINDOWS\SYSTEM\P2P NETWORKING to delete it. Then I ran the RAV Online Scan shown below:
Found
============================
Viruses found: 2
Suspicious files: 0
Disinfected files: 0
Mail files: 71
After run RAV Online Scan I ran the HJT scan listed below:
Logfile of HijackThis v1.98.2
Scan saved at 12:03:47 AM, on 10/15/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Here is how to get rid of those files for good, and you have Win98, which makes it easier. Restart in Dos Mode, and do these commands at the prompt, pressing Enter at the end of each line. deltree c:\windows\jawa32.exe
deltree c:\progra~1\common~1\wintools
deltree c:\windows\system\idleui.dll
Press a Y that you want to delete, check for typos at this time.
It's fine that you did not find the P2P folder, and it's startups, and amazes me the uninstall did so well.
Remove this with HJT.
O4 - HKCU\..\Run: [Jawa322] C:\WINDOWS\jawa32.exe
How do you bring up Dos Mode when you restart the computer and get back out of it when I finish entering the commands you listed? Also should I delete the items from my recycle bin that you had me delete before?
When you choose to Shut Down the computer, there is an option to select, "Restart in Dos Mode", choose it and it restarts in dos mode. When you are done with the commands, reboot the computer, by hitting the Reset button or pressing CTRL+ALT+DEL at the same time.
Empty the Recycle Bin.
