Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Quick Help Wanted.. 98se Hjt Help


  • Please log in to reply
2 replies to this topic

#1 x-talim-x

x-talim-x

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:15 AM

Posted 20 August 2007 - 11:25 AM

Ok, brief explanation, im sitting here infront of my grandmothers ancient 98se computer...now that she's finally bought a new machine (on Vista *slaps head*..but hey, better than nothing) shes asked me to sort out some of the problems on her old machine..

low and behold ive came across all sorts of problems

first and foremost, i dont know is HJT can show you this or not, but a few years ago she got a virus on this machine, and sent the tower off to a "specialist"

well this smart *** "specialist" manage to create 2 versions of windows, C:\WINDOWS and C:\WINDOWS.000 ... waste of space, and just freaking odd if you ask me.. is there any way (within reason) to solve this, or just ignore it as it only uses an extra 530megs??

Second problem, she once had Power Quest Second Chance (PQSC) on her machine, and after it was uninstalled it began asking for

C:\PQSC\PROGRAM\PGCPC.VXD

on boot-up.. now considering this has supposedly succesfully removed from the system, why is it asking for it?

-=-=-=-=-=-=-=-=-=-=-=-=-

few other small things.. being as this machine only has 128meg RAM too many programs running at start up has always been an issue..

so, i want to know, is it safe to remove "Exif Launcher" from boot up starting, and getting rid of this rediculous "task schedular" which ive never used in my life, same as windows update.. tres virus please?

...

so after this inanely long rant (many apologies) please can you help me, and quick...i'm getting a migraine from this freaking PC, and i wish it would run faster.. (9gig HD's just dont cut it >_< i'm used to 340 and above with atleast 2 gigs of RAM and another 4 on virtual..)

here is my HJT log... comb away please guys.. and that is a major plea

-=-=-=-=-=-=-=-=-=-=-=-=-=-

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:39:30, on 20/08/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\SPOOL32.EXE
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\WINDOWS.000\SYSTEM\MSTASK.EXE
C:\WINDOWS.000\SYSTEM\mmtask.tsk
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\SYSTEM\RPCSS.EXE
C:\WINDOWS.000\TASKMON.EXE
C:\WINDOWS.000\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS.000\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\HP\HP SOFTWARE UPDATE\HPWUSCHD2.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\EXIF LAUNCHER\QUICKDCF.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQTRA08.EXE
C:\WINDOWS.000\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETGEAR\WG111V2 CONFIGURATION UTILITY\RTLWAKE.EXE
C:\PROGRAM FILES\NETGEAR\WG111V2 CONFIGURATION UTILITY\RTWLAN.EXE
C:\PROGRAM FILES\HP\DIGITAL IMAGING\BIN\HPQSTE08.EXE
C:\WINDOWS.000\SYSTEM\HPZIPM12.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\WINDOWS.000\DESKTOP\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hotmail.co.uk/
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [SecondChance] C:\PQSC\PROGRAM\CPCTray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS.000\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [HP Port Resolver] $SYSTEM\hpbpro.exe
O4 - HKLM\..\RunServices: [HP Status Server] $SYSTEM\hpboid.exe
O4 - .DEFAULT Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe (User 'Default user')
O4 - .DEFAULT Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (User 'Default user')
O4 - .DEFAULT Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe (User 'Default user')
O4 - .DEFAULT Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (User 'Default user')
O4 - .DEFAULT Startup: WG111v2 Smart Wizard Wireless Setting.lnk = C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe (User 'Default user')
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Exif Launcher.lnk = C:\Program Files\Exif Launcher\QuickDCF.exe
O4 - Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Startup: WG111v2 Smart Wizard Wireless Setting.lnk = C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS.000\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS.000\web\related.htm
O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll

--
End of file - 3991 bytes


-=-=-=-=-=-=-=-=-=-=-=-

Many thanks, Adam W (x-talim-x)

BC AdBot (Login to Remove)

 


m

#2 x-talim-x

x-talim-x
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:15 AM

Posted 20 August 2007 - 12:36 PM

someone has just told me it should be safe to uninstall Exif launcher.. is that true?

and come on guys, please help me quickly

Edited by x-talim-x, 20 August 2007 - 01:38 PM.


#3 Blender

Blender

    I will eat your Malware


  • Malware Response Team
  • 2,363 posts
  • OFFLINE
  •  
  • Location:Ontario
  • Local time:12:15 AM

Posted 30 August 2007 - 12:51 AM

Hi,

Sorry for delay.
Still need help? Let me know please and post fresh hijackthis log please.

You will have to excuse the possibility of some minor errors/inconsistancies in my wording for some instructions.
I run XP and have not had 98 in a few years.

Exif launcher... related to Quickbooks and often Fuji digital Camera.
Have/use either of those on this machine?

As for having the parallel installs of windows on the same partition (C:\Windows and C:\windows.000)... I'm not sure how to safely remove one without ending up formatting.
I will have a look around to see what I can dig up tho. Might be best to ignore if we can't find workable solution and format is not an option.

Second Chance....
For now you can disable it like this:

Click start> run> type msconfig and hit enter.
click "startup" tab. (I think that is what it is on 98. I have not run 98 in forever LOL!)
Locate SecondChance and uncheck it.
Uncheck Microsoft Office while you are there too. No reason to have that running at boot as it is a hog.
She can start Office from desktop shortcuts or the start menu.
Microsoft Works Calendar Reminders.lnk <-- Uncheck this too if she does not need/want calander reminders.
HP Software Update <-- Uncheck (she can check for printer updates from start menu)
Task Scheduler... I believe that can be disabled via MSConfig as well. (SchedulingAgent)

Leave the rest.

Apply & OK changes.
Reboot when told.

I can't remember if on 98 systems at boot if you will get a "msconfig" nag informing you that you made changes or not.
If you do... there should be a checkbox to "not tell me this again" then say OK.
Otherwise you will get that nag every boot.

Let me know how things are after that. :thumbsup:

Thanks
I'll have an order of massive trojan attack please with a side order of rootkit and virus dip.
Pre-course order of fresh spyware salad please with a side order of polymorphic dressing.
And to drink...a nice tall glass of adware!

For dessert; can I have a bowl of the freshest worms you have please?.

Never Give Up!

If you are happy with the service I provided, please consider making a donation to help me continue the fight against Malware Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users