Win98 VXD VMM(01)

I ran all the online scans and cleaned out a bunch of stuff on this machine. I then booted into safe mode and tried to run AdAware se and I recieve a fatal exception 0E has occurred at 0028:C00078C0 in VXD VMM(01) + 000068C0. This same error occurs when trying to do other scans in safe mode as well. All scans work fine in regular boot mode. I normally solve this problem by reinstalling/repairing windows. This is not my machine, but is a friends and I would really rather not do that. Besides, this error usually occurs in regular boot mode as well, but this time it only occurs in safe mode. Any ideas?

Thanks,

mrfrerichs

 

What malware problems are you currently having?

 

Well, I cannot really tell you because every time I try to run an Adaware scan it finds 2 problems but then blue screens too fast to see what they are or where they were located. The scan runs clean in regular mode as do all others. All other scans crash in safe mode as well. I am currently at a differnet location, but am headed back now and will post th HJT log. I think I will suggest backing up what he can and reinstalling.

Thanks,

mrfrerichs

 

Here is my HJT log from regular boot mode.

I am pretty sure this is clean.

 

Scan with HijackThis and Check the Boxes for the following:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
(Keep this one if you need it)

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
(This was most likely added from Spybot or Ad-Aware, this needs to be removed)

O9 - Extra button: Dell Home - {20B75A40-259C-11D4-9E63-A0A652C10000} - http://www.dellnet.com/ (file missing) (HKCU)

Make sure All Browser Windows are Closed when you Click FIX.

NEXT:
Run CCleaner to clean up cookies and temp files.

Please download Spy Sweeper

• Click the link above to download the program.
• Install it. Once the program is installed, it will open.
• It will prompt you to update to the latest definitions, click Yes.
• Once the definitions are installed, click Options on the left side.
• Click the Sweep Options tab.
• Under What to Sweep please put a check next to the following:
  
  • Sweep Memory
  • Sweep Registry
  • Sweep Cookies
  • Sweep All User Accounts
  • Enable Direct Disk Sweeping
  • Sweep Contents of Compressed Files
  • Sweep for Rootkits
  • Please UNCHECK Do not Sweep System Restore Folder.
• Click Sweep Now on the left side.
• Click the Start button.
• When it's done scanning, click the Next button.
• Make sure everything has a check next to it, then click the Next button.
• It will remove all of the items found.
• Click Session Log in the upper right corner, copy everything in that window.
• Click the Summary tab and click Finish.
• Paste the contents of the session log you copied into notepad and save it as spysweeper.txt and attach it to your next post along with a fresh HJT log.

 

Thank you very much for the assist, but that did not work and the guy wants his computer. So, he is going to get nasty and backup and reinstall, and he is going to get a new computer for Christmas. Again thanks for the assist, just didn't work out this time.

mrfrerichs

 

We could have fixed the issue eventually, sorry hear we can't continue on this.

Surf Safely!

 

Thank again for your help.

I've been doing this spyware/virus removal thing for a while now, and I had yet to see a blue screen only in safe mode. Have you ever come across that? Granted I have not worked on that many Win98 machines, but isn't that weird to you? Usually it is the other way around.

Anyway, I had removed all of the spyware I could get to in regular mode, and all of the scans came up clean. So, I did what I could in the time I had with it. Let me know about that blue screen in safe mode thing.

Thanks again,

mrfrerichs

 

Weird, I don't know much about Win98, I know just about everything about XP and that's about it for OS's.

You can post this in the software forum, those guys should be able to tell you something about it.