Any Idea whats wrong ?

[yoxer]

Windows98. IE 5

 

No virus or spyware. System is clean.

 

Windows altered the time by 1hr to allow for summer/winter time settings this weekend.

The comp now starts up different showing windows symbols before turning into desk top icons. It can also take up to 5 minutes to open a prog from the start menu or by clicking on a desk top icon. Also takes 5 minutes to establish internet connection. It seems as if there is a background prog running and at first I suspected NAV trying for live up date. NAV and components have been successfully uninstalled and it still no better.The progs running when alt cntl del is pressed are , Cable Internet, Explorer, Gbtask, Systray, Loadqm, Confsvr, 3dldemon, Rnaapp, Trantor_ .Any idea what the problem is and how to fix it ?

[Newt]

Get Hijackthis 1.98.2, put it in a regular folder (not temp, not desktop), run a scan and post the scan log.

 

Once we get things working properly, update IE to either 5.5 or 6.0.

 

[ 02. November 2004, 08:14 AM: Message edited by: Newt ]

[yoxer]

downloaded to c:unzippedhijackthis. Ran scan but can not find log . The results wont cut & paste. What am I missing or done wrong ?

[yoxer]

Thanks to the mod for removing the last post.

The log results as follows . Ive removed the web address showing in the log as Im not certain if they are a security risk or not Newt.

 

Logfile of HijackThis v1.98.2

Scan saved at 10:50:11, on 02/11/04

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v5.00 (5.00.2919.6304)

 

Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL

C:WINDOWSSYSTEMMSGSRV32.EXE

C:WINDOWSSYSTEMMPREXE.EXE

C:WINDOWSSYSTEMmmtask.tsk

C:WINDOWSSYSTEMMSTASK.EXE

C:WINDOWSEXPLORER.EXE

C:MEDI95VI_GRM.EXE

C:WINDOWSSYSTEMSYSTRAY.EXE

C:WINDOWSSYSTEM3DLDEMON.EXE

C:WINDOWSTASKMON.EXE

C:PROGRAM FILESCABLE INTERNET VERSION 4.0BINCONFSVR.EXE

C:WINDOWSSYSTEMWMIEXE.EXE

C:PROGRAM FILESCABLE INTERNET VERSION 4.0BINGBTASK.EXE

C:WINDOWSSYSTEMRNAAPP.EXE

C:WINDOWSSYSTEMTAPISRV.EXE

C:PROGRAM FILESCABLE INTERNET VERSION 4.0BINGBDASH.EXE

C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE

C:UNZIPPEDHIJACKTHISHIJACKTHIS.EXE

 

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = www.blueyonder.co.uk/dial

R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = ;<local>

F1 - win.ini: load=C:MEDI95vi_grm.exe

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX

O4 - HKLM..Run: [systemTray] SysTray.Exe

O4 - HKLM..Run: [3DLabsHelperDemon] 3dldemon.exe nowakeup

O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe

O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM..Run: [PE2CKFNT SE] C:Program FilesUlead SystemsUlead Photo Express 2 SEChkFont.exe

O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM..RunServices: [schedulingAgent] mstask.exe

O4 - Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL

O13 - WWW. Prefix: http://

O16 - DPF: {DA04CC86-07A5-11D5-A700-0001031AD955} (TP_live Control) - http://Deleted as the address may have security implications.

O16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} (MSN Chat Control 4.0) - http:Deleted

O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http:Deleted

O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.Deleted

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

[yoxer]

More info .... Once the comp is started it has never run as fast as it does now which is great.

However it loads the desk top up from starting up ok but very little ( programmes etc ) will open from either the desk top or start menu , without waiting for at least 5 minutes. Once the first programme opens , it is no problem after that and runs better than ever opening everything nearly instantly. It also takes about 5 minutes from connection to getting the home page ( or any other page ) loaded. While its never been quick to load pages, this is way over the normal time taken which is about 1.35 mins. Once the first page has loaded , again its no problem getting others up.

Im sure this has something to do with windows altering the clock setting to allow for the 1 hour change.

[Newt]

The HJT log looks pretty clean. No obvious baddies showing up there. As to security concerns, there were none. But had there been, the long, strange numbers like {08B0E5C0-4FCB-11CF-AAA5-00401C608501} will point any interested person to the same place.

 

You probably do need to make sure the version of Sun Java you are running is the latest. I think V5 is it for now.

 

You have several startup items that aren't any sort of malware but are a load on the system for very little benefit to you and if it were my PC, I'd run another HJT scan and click them for removal.

 

F1 - win.ini: load=C:MEDI95vi_grm.exe

Quick access to advanced features of your video card but you can get them via other means and I don't see the need for this running constantly in the background

 

O4 - HKLM..Run: [PE2CKFNT SE] C:Program FilesUlead SystemsUlead Photo Express 2 SEChkFont.exe

Used to check whether the fonts are installed properly on your computer or not for a scanner. Good idea to check the fonts once and again if you add new ones but to constantly check?

 

O4 - Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE

Microsoft says having this running will make for faster launch and operation of MS Office applications. I say that is nonsense and you benefit from not having it running all the time.

 

Regardless of what you do with the above, the log was useful for what it did not show. Your main source of sludge is elsewhere and I think a soup-to-nuts general cleanup will take care of most of it. From your described symptoms I'm betting that the registry compaction will do the most good but all these are things I found over the years to really help 98 systems that are doing funky things.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Dr. Newt's general clean-up instructions for Win95/98/ME

• Open a browser window and dump all TIF (temporary internet files) and cookies. Close.
  
• Open windows explorer and
  .. delete the contents of all temp folders
  .. delete any files in c: with a name filennnn.chk (where nnnn is any number so file0001.chk, file1034.chk, etc)
  
• verify that you have fewer than 500 files & folders directly under c:. If you are close to that number, remove or move some files.
  
• empty the recycle bin
  
• boot to DOS
  
• from the command prompt do the following
  .. scanreg /fix (press the ENTER key)
  .. scanreg /opt
  ****note that 95 does not have scanreg.exe but a copy from 98 or ME will run fine if you can get one
  .. scandisk c: /nosave /autofix /surface
  .. Win /D:M (forces a safe mode windows start)
  
• Run another scandisk (start~programs~accessories~system tools) and check for a standard scan and to fix all errors found. The DOS scan couldn't check for long file name issues.
  
• Run a defrag
  
• Reboot to normal Windows.
  

[yoxer]

Thanks Newt . The sun java prog was only put on yesterday to enable an online scan , and has since been uninstalled as Ive no idea why I should need it or what its used for.

Defrags and scan disk are run on a more or less regular basis and anything in the recycle bin is always deleted immeadiately . Same with cookies and temp files.Ive never deleted temp folders or any files with file"nnnn".chk and am not sure how to locate these if there are any.Same with the temp folders. Do you do this from windows explorer ? and only in the windows folder , or all of them ?

I suspect theres way over 500 files and folders under c drive , nothings ever been deleted from there since 1998 when this was built except for the temp files. There are prog files there such as the sun java prog that are no longer in use. Is it safe just to delete these ?

[Huge_Vitae]

Excuse me butting in Yoxer & Newt,

 

Yoxer,

 

Do you have SCSI devices attached to your system?

[yoxer]

ha ha your postin to a computer illerate , whats a SCSI device ? As far as I know theres only a scanner and a printer, other than mouse keyboard and moniter.

[Huge_Vitae]

Sorry Yoxer,

 

SCSI is a small computer serial interface.

 

It runs devices such as scanners and large disk drives (or did) it has mainly been phased out now with USB.

 

I ask because your original post says your comp is running Trantor_

 

As far as I remember Trantor_ was a device driver for SCSI units. Trantor The Company made CD writers and hard drives in the days when like 250meg H/Drives were like a BILLION pounds

 

The problem you describe, guessing you have no SCSI devices is the same as the computer 'scanning' periodically for SCSI devices, finding none it carries on. this can cause the system lag you describe.

 

You mention loading a program to 'do a scan' it is possible you didn't quite get it right and ended up with The SCSI driver on your system.