1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help with Hijack this log..having troubles with ram

Discussion in 'Virus & Other Malware Removal' started by JustMeBren, Apr 27, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. JustMeBren

    JustMeBren Thread Starter

    Joined:
    Nov 8, 2002
    Messages:
    11
    Using Win98 SE..512 Meg Ram...yet still seem to have to run rambooster and keep optimizing and computer running slow..not sure how to end running processes..attaching hijack this log..have run spybot..and adaware..as well as panda..and pest patrol...mostly just see cookie info for the most part and continue to delete them as they are found...thanking you in advance for your help

    Bren

    StartupList report, 4/27/04, 1:45:06 AM
    StartupList version: 1.52
    Started from : E:\DOWNLOAD\HIJACKTHIS\HIJACKTHIS.EXE
    Detected: Windows 98 SE (Win9x 4.10.2222A)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\PANDA SOFTWARE\PANDA ANTIVIRUS PLATINUM\FIREWALL\PAVFIRES.EXE
    C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\PROGRAM FILES\PANDA SOFTWARE\PANDA ANTIVIRUS PLATINUM\APVXDWIN.EXE
    C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE
    C:\PROGRAM FILES\PANDA SOFTWARE\PANDA ANTIVIRUS PLATINUM\PAVPROXY.EXE
    E:\DOWNLOAD\HIJACKTHIS\HIJACKTHIS.EXE

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
    TaskMonitor = C:\WINDOWS\taskmon.exe
    Apvxdwin = C:\Program Files\Panda Software\Panda Antivirus Platinum\apvxdwin.exe
    PPMemCheck = C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    PestPatrol Control Center = C:\PROGRA~1\PESTPA~1\PPControl.exe
    CookiePatrol = C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    PAVFIRES = C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
    DkService = C:\Program Files\Executive Software\DiskeeperLite\DkService.exe

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    RamBooster = C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE

    --------------------------------------------------

    C:\WINDOWS\WININIT.BAK listing:
    (Created 27/4/2004, 1:22:36)

    [Rename]
    NUL=c:\program files\pestpatrol\quarantine\20040427005940260.zip
    NUL=c:\windows\cookies\[email protected][1].txt
    NUL=c:\windows\cookies\[email protected][1].txt
    NUL=C:\WINDOWS\TEMP\Del8191.exe

    --------------------------------------------------

    C:\AUTOEXEC.BAT listing:

    SET PATH=C:\PROGRA~1\PANDAS~1\PANDAA~1;%PATH%;"C:\Program Files\Executive Software\DiskeeperLite\"
    C:\PROGRA~1\PANDAS~1\PANDAA~1\PAVCLSHE C:\PROGRA~1\PANDAS~1\PANDAA~1\

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\PROGRAM FILES\YAHOO!\COMMON\YCOMP5_1_6_0.DLL - {02478D38-C3F9-4efb-9B51-7695ECA05670}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL - {53707962-6F74-2D53-2644-206D7942484F}

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

    --------------------------------------------------
    End of report, 3,539 bytes
    Report generated in 0.128 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only


    Logfile of HijackThis v1.97.7
    Scan saved at 1:45:43 AM, on 4/27/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\PROGRAM FILES\PANDA SOFTWARE\PANDA ANTIVIRUS PLATINUM\FIREWALL\PAVFIRES.EXE
    C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\PROGRAM FILES\PANDA SOFTWARE\PANDA ANTIVIRUS PLATINUM\APVXDWIN.EXE
    C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE
    C:\PROGRAM FILES\PANDA SOFTWARE\PANDA ANTIVIRUS PLATINUM\PAVPROXY.EXE
    E:\DOWNLOAD\HIJACKTHIS\HIJACKTHIS.EXE
    C:\WINDOWS\NOTEPAD.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.excite.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.yahoo.com
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMMON\YCOMP5_1_6_0.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMMON\YCOMP5_1_6_0.DLL
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [Apvxdwin] C:\Program Files\Panda Software\Panda Antivirus Platinum\apvxdwin.exe
    O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
    O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
    O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
    O4 - HKLM\..\RunServices: [PAVFIRES] C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
    O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
    O4 - HKCU\..\Run: [RamBooster] C:\PROGRAM FILES\RAMBOOSTER\RAMBOOSTER.EXE
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: Yahoo! Login (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Login (HKLM)
    O15 - Trusted Zone: http://*.windowsupdate.com
     
  2. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
    your log is clean, try taking out a stick of Ram, you really don't need 512 RAM for WIn 98, it might actually be counter productive, 256RAM is plenty for WIn 98, only XP really needs 512RAM

    khaz
     
  3. khazars

    khazars

    Joined:
    Feb 15, 2004
    Messages:
    12,302
  4. JustMeBren

    JustMeBren Thread Starter

    Joined:
    Nov 8, 2002
    Messages:
    11
    thanks so much for your quick replies...the memory is only one stick so cant quite remove it...but did run the memtest with no errors...and after defrag seems to be working better..thanks again..

    Bren
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/224243

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice