My HiJackThis Results

Discussion in 'Computer Support' started by Stephanie, Oct 11, 2003.

  1. Stephanie

    Stephanie Guest

    Any help would be appreciated! Thanks, Stephanie

    Logfile of HijackThis v1.97.3
    Scan saved at 4:06:14 AM, on 10/10/03
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\RTVSCN95.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\DEFWATCH.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\VPTRAY.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACRORD32.EXE
    C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    http://[deleted--my personal homepage]
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
    Internet Explorer provided by Comcast
    N1 - Netscape 4: user_pref("browser.startup.homepage", "http://[deleted--my
    personal homepage]"); (C:\Program Files\Netscape\Users\[my user
    name]\prefs.js)
    O2 - BHO: (no name) - {FFCBEECE-FB0C-11D2-AB16-00104B9BBBD2} -
    C:\WINDOWS\SYSTEM\AHIEHELP.DLL (file missing)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM
    FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
    c:\windows\googletoolbar_en_2.0.95-deleon.dll
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio -
    {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    c:\windows\googletoolbar_en_2.0.95-deleon.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
    O4 - HKLM\..\Run: [vptray] C:\Program Files\Norton AntiVirus\vptray.exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
    powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [rtvscn95] C:\Program Files\Norton
    AntiVirus\rtvscn95.exe
    O4 - HKLM\..\RunServices: [defwatch] C:\Program Files\Norton
    AntiVirus\defwatch.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
    powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program
    Files\FinePixViewer\QuickDCF.exe
    O8 - Extra context menu item: &Google Search -
    res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page -
    res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages -
    res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links -
    res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate Page -
    res://C:\WINDOWS\GOOGLETOOLBAR_EN_2.0.95-DELEON.DLL/cmtrans.html
    O9 - Extra button: ComcastHSI (HKCU)
    O9 - Extra button: Help (HKCU)
    O9 - Extra button: Support (HKCU)
    O12 - Plugin for .pif: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .avi: C:\PROGRAM
    FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npavi32.dll
    O12 - Plugin for .mpga: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
    O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
    O12 - Plugin for .tiff: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin5.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} (Register Class) -
    http://content.hiwirenetworks.net/inbrowser/cabfiles/2.5.30/Hiwire.cab
    O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) -
    http://www117.coolsavings.com/download/cscmv5X.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
    http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37848.963611111
    1
     
    Stephanie, Oct 11, 2003
    #1
    1. Advertising

  2. Stephanie

    °Mike° Guest

    On Sat, 11 Oct 2003 04:39:40 -0400, in
    <>
    Stephanie scrawled:

    >Any help would be appreciated! Thanks, Stephanie
    >
    >Logfile of HijackThis v1.97.3
    >Scan saved at 4:06:14 AM, on 10/10/03
    >Platform: Windows 98 SE (Win9x 4.10.2222A)
    >MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)


    <snip>

    >O2 - BHO: (no name) - {FFCBEECE-FB0C-11D2-AB16-00104B9BBBD2} -
    >C:\WINDOWS\SYSTEM\AHIEHELP.DLL (file missing)


    Have HijackThis fix this.



    >O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun


    http://www.answersthatwork.com/Tasklist_pages/tasklist_r.htm
    "Registry Shaver task installed when you install the software for
    Fuji Finepix digital cameras. At the time of writing we have no
    idea as to what REGSHAVE actually does.

    Recommendation :
    We always disable REGSHAVE and we have never experienced
    adverse effects from doing so. Thus our recommendation is that
    you disable this task with Starter."



    >O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\
    >QuickDCF.exe


    http://www.answersthatwork.com/Tasklist_pages/tasklist_q.htm
    "Recommendation :
    Down to user preference. If you take a lot of pictures then it
    is convenient to be able to start the application from the System
    Tray, otherwise you may want to keep your System Tray to the
    bare minimum, and so disable QUICKDCF with Startup Manager
    and always start it via "Start \ Programs". "



    >O16 - DPF: {28F00B0F-DC4E-11D3-ABEC-005004A44EEB} (Register Class) -
    >http://content.hiwirenetworks.net/inbrowser/cabfiles/2.5.30/Hiwire.cab


    Have HijackThis fix this.



    >O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) -
    >http://www117.coolsavings.com/download/cscmv5X.cab


    Have HijackThis fix this.


    --
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html
     
    °Mike°, Oct 11, 2003
    #2
    1. Advertising

  3. Stephanie

    why? Guest

    X-No-Archive: Yes
    On Sat, 11 Oct 2003 04:39:40 -0400, Stephanie wrote:

    >Any help would be appreciated! Thanks, Stephanie


    You are looking for, concerned about anything in particular on the list?
    What's the reason you ran the report?


    >Logfile of HijackThis v1.97.3
    >Scan saved at 4:06:14 AM, on 10/10/03
    >Platform: Windows 98 SE (Win9x 4.10.2222A)
    >MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
    >
    >Running processes:
    >C:\WINDOWS\SYSTEM\KERNEL32.DLL
    >C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    >C:\WINDOWS\SYSTEM\SPOOL32.EXE

    <snip>

    Me
     
    why?, Oct 11, 2003
    #3
  4. Stephanie

    Stephanie Guest

    "°Mike°" <> wrote in message
    news:...

    >
    > >O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun

    >
    > http://www.answersthatwork.com/Tasklist_pages/tasklist_r.htm
    > "Registry Shaver task installed when you install the software for
    > Fuji Finepix digital cameras. At the time of writing we have no
    > idea as to what REGSHAVE actually does.
    >
    > Recommendation :
    > We always disable REGSHAVE and we have never experienced
    > adverse effects from doing so. Thus our recommendation is that
    > you disable this task with Starter."
    >
    >



    I am not sure either, but I don't want to delete/disable anything, since I
    have temporarily lost the Fine Pix CD.


    >
    > >O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\
    > >QuickDCF.exe

    >
    > http://www.answersthatwork.com/Tasklist_pages/tasklist_q.htm
    > "Recommendation :
    > Down to user preference. If you take a lot of pictures then it
    > is convenient to be able to start the application from the System
    > Tray, otherwise you may want to keep your System Tray to the
    > bare minimum, and so disable QUICKDCF with Startup Manager
    > and always start it via "Start \ Programs". "
    >
    >



    Well, the thing is, the only way I can get my pictures from the camera to my
    computer is to plug in the USB cable, at which point the Quick DCF, which
    runs in the background, activates, and auctomatically gets my pics. If I
    start Fuji Fine Pix software manually (from the "Start" menu), I do not
    think I will be able to get my pics to my computer. The manual from Fuji
    does not help much at all about this. they want you to use

    Re the other suggestions, I will do all of these, and get back to you.
    Thanks!

    S.
     
    Stephanie, Oct 11, 2003
    #4
  5. Stephanie

    Stephanie Guest

    "why?" <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote in message
    news:...
    > X-No-Archive: Yes
    > On Sat, 11 Oct 2003 04:39:40 -0400, Stephanie wrote:
    >
    > >Any help would be appreciated! Thanks, Stephanie

    >
    > You are looking for, concerned about anything in particular on the list?
    > What's the reason you ran the report?
    >


    thanks. Well, my computer has been running really slowly lately, and another
    poster here a few days ago recommended that I do this, and post the results
    here.

    S.
     
    Stephanie, Oct 11, 2003
    #5
  6. Stephanie

    why? Guest

    On Sat, 11 Oct 2003 04:39:40 -0400, Stephanie wrote:

    >Any help would be appreciated! Thanks, Stephanie
    >
    >Logfile of HijackThis v1.97.3
    >Scan saved at 4:06:14 AM, on 10/10/03
    >Platform: Windows 98 SE (Win9x 4.10.2222A)
    >MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
    >
    >Running processes:
    >C:\WINDOWS\SYSTEM\KERNEL32.DLL

    <snip>

    >C:\WINDOWS\SYSTEM\WMIEXE.EXE
    >C:\WINDOWS\SYSTEM\DDHELP.EXE
    >C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    >C:\WINDOWS\SYSTEM\PSTORES.EXE
    >C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACRORD32.EXE


    This one ^^^^^^

    I find slows downs can be caused by Acrobat Reader sitting aroung 60%+
    CPU utilisation even after it's been closed (reader) and the browser
    window it was launched from closed as well.

    Selecting terminate the process often speeds things up.

    Don't know if Win98SE has a task manager like NT/2000/XP, but if you
    have no PDFs open, reader, or a browser running it's worth looking to
    see if you can see the %CPU utilisation for that process.

    <snip>

    Me
     
    why?, Oct 11, 2003
    #6
  7. Stephanie

    Helen Guest

    "Stephanie" <> wrote in message
    news:...
    :
    : "why?" <fgrirp*sgc@VAINY!Qznq.fpvragvfg.pbz> wrote in message
    : news:...
    : > X-No-Archive: Yes
    : > On Sat, 11 Oct 2003 04:39:40 -0400, Stephanie wrote:
    : >
    : > >Any help would be appreciated! Thanks, Stephanie
    : >
    : > You are looking for, concerned about anything in particular on the list?
    : > What's the reason you ran the report?
    : >
    :
    : thanks. Well, my computer has been running really slowly lately, and
    another
    : poster here a few days ago recommended that I do this, and post the
    results
    : here.
    :
    : S.
    :
    :

    Stephanie,
    Try this: Start/Run and then type in msconfig. Click OK then go to the
    Start Up tab. Click it and look at the list. UNclick EVERY thing EXCEPT
    LoadPowerProfile, and systray. Click OK and reboot. When it boots up, then
    run scandisk. Start/Run and type in Scandisk. After it finishes. Run
    Defrag. Reboot when defrag is done. This is the way to trim down the
    start-up file. You don't need all those programs starting up and running
    all the time. Have them start up when you need them.

    After you've ran Defrag and rebooted. Go back to Start/Run type in
    msconfig and go check your AV and firewall...if you want them to start
    everytime your computer starts up. If you are using Adobe Reader...you can
    leave it unchecked in the start up. It's a hog on resources and will slow
    your machine down. Also, the same is true for ZoneAlarm and Real Player.
    These are all hoggy programs and will slow down the machine. The same is
    true of Norton. So you must pick and choose. I'd get Outpost for a
    firewall or one of the others that's less demanding on system resources than
    ZA, I'd stop Adobe Reader from running at start-up by UNchecking it. I'd
    make sure there's nothing in my Start-Up folder. All these will help with
    the wise use of limited resources. BTW, just because you don't have a
    program starting at bootup doesn't mean it's unusable... it can still be
    used at any time you choose to use it, by simply clicking on it. All the
    UNchecking it in the start-up means is that it doesn't start up and run all
    the time, everytime you turn the computer on. HTH

    Helen
     
    Helen, Oct 11, 2003
    #7
  8. Stephanie

    °Mike° Guest

    On Sat, 11 Oct 2003 10:52:19 -0400, in
    <>
    "Helen" <@abuse.roman.gov> scrawled:


    <snip>
    >
    >Stephanie,
    >Try this: Start/Run and then type in msconfig.


    No, no, no. Disable programs from their preferences/options
    whenever possible. Msconfig is a diagnostic tool, and many
    applications will reinstate themselves automatically when they
    are run.

    >Click OK then go to the Start Up tab. Click it and look at the list.
    >UNclick EVERY thing EXCEPT LoadPowerProfile, and systray.


    No, no, no. Scanregistry (scanregw /autorun) should NOT be disabled
    in a Windows 98 system! Similarly, any 'Services' should not be
    disabled.

    <snip>

    > After you've ran Defrag and rebooted. Go back to Start/Run type in
    >msconfig and go check your AV and firewall...if you want them to start
    >everytime your computer starts up.


    See my comments above about 'Services', which firewalls and
    antivirus components often install.

    >BTW, just because you don't have a program starting at bootup
    >doesn't mean it's unusable...


    No, but a 'Service' should not be disabled, since it needs to be
    executed BEFORE other applications at bootup.

    >All the UNchecking it in the start-up means is that it doesn't start
    >up and run all the time, everytime you turn the computer on. HTH


    No, that's not quite what it means. Please be careful with your
    'advice'.

    --
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html
     
    °Mike°, Oct 11, 2003
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. B.Al.Zeebub

    Re: Hijackthis question

    B.Al.Zeebub, Aug 29, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    413
    longshotjohn7
    Aug 29, 2003
  2. Zephyr

    Re: Hijackthis question

    Zephyr, Aug 29, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    473
    longshotjohn7
    Aug 30, 2003
  3. °Mike°

    New version of HijackThis

    °Mike°, Oct 10, 2003, in forum: Computer Support
    Replies:
    7
    Views:
    522
    °Mike°
    Oct 10, 2003
  4. UnderDog

    HijackThis Log

    UnderDog, May 8, 2004, in forum: Computer Support
    Replies:
    5
    Views:
    5,620
    Boomer
    May 8, 2004
  5. Gary

    Help with hijackthis results

    Gary, Sep 25, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    2,019
    The Tech Guy
    Sep 28, 2004
Loading...

Share This Page