# Please Help!!!!!!!!!!!!!!



## brett489 (Dec 7, 2002)

hey im having troubles with my startup... when I start up my computer sometimes my gamma won't load and when i try to open some programs they wont even open......Also other times when i startup not all of my desktop icons will load and i wont be able to click on anything on the screen.... Iv tried cleaning up my startup as much as i can but no luck can anyone help me????


----------



## steamwiz (Oct 4, 2002)

Hi brett489

If you post your startup list we may be able to spot something

Please post your startup list by doing the following :-

Please go here and download startuplist 1.51 :-

http://www.lurkhere.com/~nicefiles/

Download to any folder or your desktop 
Unzip the zipfile 
Double click the exe file 
go to Edit - select all - copy - and paste the results in a new post here

steam


----------



## brett489 (Dec 7, 2002)

StartupList report, 05/02/03, 7:32:41 PM
StartupList version: 1.51
Started from : C:\WINDOWS\TEMP\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v5.00 (5.00.2614.3500)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SM56HLPR.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MESSENGER PLUS! EXTENSION\MSGPLUS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\TWEAKNOW POWERPACK\RAM_98.EXE
C:\WINDOWS\FSSCRCTL.EXE
C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\AOL CANADA 6.0\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WINAMP\WINAMP.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe
Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
Mstask.lnk = C:\WINDOWS\SYSTEM\MSTASK.EXE
stimon.exe.lnk = C:\WINDOWS\SYSTEM\stimon.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = c:\windows\scanregw.exe /autorun
TaskMonitor = c:\windows\taskmon.exe
SystemTray = SysTray.Exe
SM56ACL = sm56hlpr.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
LoadQM = loadqm.exe
MessengerPlus = "C:\Program Files\Messenger Plus! Extension\MsgPlus.exe"
NvCplDaemon = RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
nwiz = nwiz.exe /install
RegShave = C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
NAV Agent = C:\PROGRA~1\NORTON~3\NAVAPW32.EXE
RAM Idle Professional = C:\Program Files\TweakNow PowerPack\RAM_98.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
ScriptBlocking = "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 25/1/2003, 14:11:10)

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

PATH c:\windows;c:\windows\COMMAND;C:\EXCEL;C:\WINWORD;C:\BITWARE\MPLY
c:\windows\a4init.exe
C:\MediaKey\FGetKey.exe

--------------------------------------------------

Enumerating Browser Helper Objects:

Activater - (no file) - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F}
NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Symantec NetDetect.job
Norton AntiVirus - Scan my computer.job

--------------------------------------------------

Enumerating Download Program Files:

[HeartbeatCtl Class]
InProcServer32 = C:\WINDOWS\DOWNLO~1\HRTBEAT.OCX
CODEBASE = http://fdl.msn.com/zone/datafiles/heartbeat.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\SHOCKWAVE 8\DOWNLOAD.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[Macromedia Authorware Web Player Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\AUTHORWA\AWSWAX.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxm.cab

[Yahoo! Audio Conferencing]
InProcServer32 = C:\PROGRAM FILES\YAHOO!\MESSENGER\YACSCOM.DLL
CODEBASE = http://cs3.chat.yahoo.com/v/yacscom.cab

[MSNChatFrame Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT10.OCX
CODEBASE = http://chat.msn.ca/bin/msnchat.cab

[{FA13A9FA-CA9B-11D2-9780-00104B242EA3}]
CODEBASE = http://www.wildtangent.com/install/wdriver/adrenaline/microsoft/wtinst.cab

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate.microsoft.com/R553/V31Controls/x86/w98/en/actsetup.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\SWFLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[NetworkPlace Class]
InProcServer32 = C:\WINDOWS\DOWNLO~1\NETPLACE.DLL
CODEBASE = http://www.driveway.com/partners/msoe/netplace.cab

[EAC_DownloadRec Class]
InProcServer32 = C:\PROGRA~1\COMMON~1\EACCEL~1\EAC_DREC.DLL
CODEBASE = http://www6.buttonware.net/canary_eacceleration_webcelerator_4.cab

[CoGSManager Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\GSMANAGER.DLL
CODEBASE = http://gamingzone.ubisoft.com/packages/GSManager.cab

[Measurement Service Client]
InProcServer32 = C:\WINDOWS\DOWNLO~1\MSC.OCX
CODEBASE = http://ccon.madonion.com/global/msc.cab

[{7A32634B-029C-4836-A023-528983982A49}]
CODEBASE = http://fdl.msn.com/public/chat/msnchat42.cab

[YInstStarter Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\YINSTHELPER.DLL
CODEBASE = http://download.yahoo.com/dl/installs/yinst.cab

[ActiveDataObj Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\ACTIVEDATA.DLL
CODEBASE = https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab

[Symantec RuFSI Registry Information Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL
CODEBASE = http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab

[MSN Chat Control 4.5]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNCHAT45.OCX
CODEBASE = http://fdl.msn.com/public/chat/msnchat45.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37654.5841087963

[Ikonic Menu Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\IKMENU.OCX
CODEBASE = http://activex.microsoft.com/controls/iptdweb/ikcntrls.cab

--------------------------------------------------
End of report, 7,092 bytes
Report generated in 0.567 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


----------



## Rollin' Rog (Dec 9, 2000)

I don't see any obvious causes, but for troubleshooting purposes I would recommend you disable these items under msconfig > startup. Msconfig is the system configuration utility. To start it, run *msconfig*

Exif Launcher
ScreenSave control
regshave
loadqm
Ram Idle Prof

And under the Autoexec tab, uncheck:

c:\windows\a4init.exe
C:\MediaKey\FGetKey.exe

You can utilize this list to decide on whether to leave items unchecked or disable others as well.

http://www.pacs-portal.co.uk/startup_pages/startup_full.htm

This is also a rather peculiar if not suspicious Browser Helper Object, though probably not related to your problems:

Activater - (no file) - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F}

BHO Demon could be used to disable it or HiJackThis to remove it:

http://www.spywareinfo.com/downloads.php

HiJackThis should be used to remove only those items you do not want to see again, use with caution.

You should also go to Internet Options > Settings > View Objects and remove the "Wild Tangent" entry in Download Programs. I would leave only objects associated with major vendors such as Microsoft, Macromedia, Yahoo, etc..


----------



## brett489 (Dec 7, 2002)

I downloaded the Hijack this program and it came up with some stuff im just not sure if i should fix the problems will i beable to restore them if something goes worng i just dont wanna do somethin bad...


----------



## steamwiz (Oct 4, 2002)

Don't delete anything with "hijackthis" - post the log here and we'll tell you what is safe to delete

When the scan has finished, the scan button turns into a save log button - save the log somewhere, then copy and paste it in a new post in this thread

steam


----------



## brett489 (Dec 7, 2002)

Logfile of HijackThis v1.91.2
Scan saved at 8:14:29 PM, on 06/02/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL=http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant=about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=Microsoft Internet Explorer provided by Sympatico
O2 - BHO: Activater - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SM56ACL] sm56hlpr.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [MessengerPlus] "C:\Program Files\Messenger Plus! Extension\MsgPlus.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~3\NAVAPW32.EXE
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\TweakNow PowerPack\RAM_98.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - Startup: Mstask.lnk = C:\WINDOWS\SYSTEM\MSTASK.EXE
O4 - Startup: stimon.exe.lnk = C:\WINDOWS\SYSTEM\stimon.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O11 - Options group: [Multimedia] Multimedia
O12 - Plugin for .avi: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} (Macromedia Authorware Web Player Control) - http://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxm.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://cs3.chat.yahoo.com/v/yacscom.cab
O16 - DPF: {7944C497-34C7-11D3-B09C-00C04F612FF1} (MSNChatFrame Class) - http://chat.msn.ca/bin/msnchat.cab
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} - http://www.wildtangent.com/install/wdriver/adrenaline/microsoft/wtinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {06B28923-0447-44BE-BB19-9C7A330BCDBD} (NetworkPlace Class) - http://www.driveway.com/partners/msoe/netplace.cab
O16 - DPF: {8869786C-8E72-45DC-911D-AB3416AC1DF1} (EAC_DownloadRec Class) - http://www6.buttonware.net/canary_eacceleration_webcelerator_4.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/packages/GSManager.cab
O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} - http://fdl.msn.com/public/chat/msnchat42.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37654.5841087963
O16 - DPF: {F5131C24-E56D-11CF-B78A-444553540000} (Ikonic Menu Control) - http://activex.microsoft.com/controls/iptdweb/ikcntrls.cab


----------



## Rollin' Rog (Dec 9, 2000)

Here are the ones I would remove ('fix') with HijackThis:

O2 - BHO: Activater - {1E1B2879-88FF-11D2-8D96-D7ACAC95951F} - (no file)

O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} - http://www.wildtangent.com/install/...soft/wtinst.cab

O16 - DPF: {8869786C-8E72-45DC-911D-AB3416AC1DF1} (EAC_DownloadRec Class) - http://www6.buttonware.net/ canary_e...celerator_4.cab

O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/ msc.cab

These are at the very least, useless.


----------

