Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

win98se slow boot

Status
Not open for further replies.
cascades

cascades

MIS
Mar 31, 2000
32
US
I have a dell laptop with win98se.. A month ago it started to boot slower than normal and once booted, I couldn't move the cursor. No unusual processes or applications seemed to be running. I downloaded a package called Spyhunter, that seemed to cleaned alot of adware, spyware, etc and the syetem seemed to run alot better. I have run spyhunter numerous times since intalled, but now the system is running even slower than before. I cannot even get the cursor to move at all now... Any suggestions?? Is there some other spyware program that I should get to clean up my laptop?
thanks
 
Sort by date Sort by votes
Hello cascades,

A slow boot usually is associated with the difficult the system to find/load some troublesome drivers. Why it suddenly happens is to investigate. Virus? possible but not necessarily. To look into it is to have a bootlog analyzer. Download one ("bla") and start looking into the log.

regards - tsuji
 
Upvote 0 Downvote
A couple ideas:

1) Check this FAQ: faq615-3144

2) Update your antivirus scanner and run a full system scan.

3) Try ALL the suggestions at this site:
[tab]
[tab] Post back with your HiJack This! logfile

4) Look at the following forum: forum760 (Virus/Spyware)


~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
 
Upvote 0 Downvote
hello

I got java script errors when trying to access the FAQ and forum links, but here is the hijackthis log:

Logfile of HijackThis v1.97.7
Scan saved at 4:34:34 PM, on 7/14/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\EVNTSVC.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\AMERICA ONLINE 8.0\AOLTRAY.EXE
C:\PROGRAM FILES\WIRELESS\CLIENT MANAGER\CMAGS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVSYNMGR.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSSTAT.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\VSHWIN32.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\AVCONSOL.EXE
C:\PROGRAM FILES\NETWORK ASSOCIATES\VIRUSSCAN\WEBSCANX.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\UTILS\SPYWARE\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.EXE -off
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [MiniLog] C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -service
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] C:\Program Files\Network Associates\VirusScan\AVSYNMGR.EXE
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 8.0\aoltray.exe
O4 - Startup: Wireless Client Manager.lnk = C:\Program Files\Wireless\Client Manager\CMAGS.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Real.com (HKLM)
O16 - DPF: {70A89DB7-5EC2-4790-AC34-0018FC2E61CB} (oucv3 Class) - O16 - DPF: {99B42120-6EC7-11CF-A6C7-00AA00A47DD2} (Label Object) - O16 - DPF: {0C98419E-324F-11D3-9A23-00C04FF40D52} (McAfee Clinic AV Installer Control) - O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (IPIX ActiveX Control) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O16 - DPF: {DED22F57-FEE2-11D0-953B-00C04FD9152D} (CarPoint Auto-Pricer Control) - O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - O16 - DPF: {FE67C682-F5EA-11CF-9C2F-0000C0C83ADC} (Jamba Class Library) - O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} (loader Class) - O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aol.com
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 209.249.176.5,209.249.176.7
 
Upvote 0 Downvote
Here's what I found on pstores.exe:

Process File: pstores or pstores.exe
Process Name: Protected Storage Service
Description: Microsoft Protected Storage Server, in Win95/98/ME, or Protected Storage Service, in WinNT/2000/XP. Protected Storage, in the form of PSTORES, was introduced with Internet Explorer 4. It is invoked by Microsoft Internet programs, such as Outlook Express and Internet Explorer, to securely store a variety of secure and confidential data into the registry, such as Outlook Express passwords, SSL certificates, auto-complete fields, such as usernames and passwords to enter web sites, and so forth, and web forms data.
Company: Microsoft Corp.
System Process: Yes
Security Risk ( Virus/Trojan/Worm/Adware/Spyware ): No
Common Errors: N/A


What about the other one?
 
Upvote 0 Downvote
Either the site is down or my security settings (Hosts,Zones etc.) won't let me go there!

I'll Google....Hmmm...Hosting site, free ISP (0845 number - UK?) so it seems ok, if you have a connection to the ISP or a site hosted with them.

Andy.
 
Upvote 0 Downvote
cascades,

Using HiJack This!, simply check the entries you want to get rid of. Then use the "fix" option. Verify that each entry you "fixed" no longer exists in the registry (or if it's a file, make sure it's removed from the hard drive). Then just reboot and run a scan again.

I would select these entries:

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (IPIX ActiveX Control) - O16 - DPF: {DED22F57-FEE2-11D0-953B-00C04FD9152D} (CarPoint Auto-Pricer Control) - O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - O16 - DPF: {FE67C682-F5EA-11CF-9C2F-0000C0C83ADC} (Jamba Class Library) - O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} (loader Class) - O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -

~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
 
Upvote 0 Downvote
For the FAQ that you couldn't access, just click the FAQs tab at the top of this page. Scroll down to Resource Issues and click "Basics - How to clean up Win95/98".

Zonealarm might be getting in the way of those links above.


~cdogg
[tab]"All paid jobs absorb and degrade the mind";
[tab][tab]- Aristotle
[tab][navy]For general rules and guidelines to get better answers, click here:[/navy] faq219-2884
 
Upvote 0 Downvote
Laptop??

First of all (as outlined in the FAQ cdogg posted)
go Control Panel >> Internet Options >> General Tab
Press Delete >> Temporary Internet Files
(don't tick the box "Delete all offline content" that pops up - those are your [016 - DPF] ActivreX Controls listed in HijackThis - some good, some bad - I don't like Any ), --> confirm? OK
Press Settings >> Adjust the size of Internet cache to 10MB..click OK and then
Select >> the "Every Time I Start Internet Explorer" radio button..OK
Press --> Clear >> History , confirm? OK

More overall info w /cookies and Internet Options

in Internet Options go to "Advanced" Tab..scroll down and Tick "Empty Temporary Internet Files when Browser is closed" (or similar)

A basic reading to understanding spyware/trojans/malware/worms

Ok;
You don't need any of these below to run the machine well, and they're system resource hogs......also possible more than one is trying to auto-update

O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 8.0\aoltray.exe

On a Wireless Network?
If not....get rid of this, and uninstall the Adapter in Control Panel >> Network
O4 - Startup: Wireless Client Manager.lnk = C:\Program Files\Wireless\Client Manager\CMAGS.EXE

Don't like anything in this folder - \WEB - (below).....these are html Scripts and usually are related to Active Desktop functionality which I would Disable all together.

O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm

Check your My Computer -->>Scheduled Tasks folder for Tasks that are trying to run.
Also
Go into McAfee Options and ZoneAlarms Options and see if they are trying to Auto-Update and turn off that function.

If all else fails ....and cdogg's suggestions don't fix it consider doing this below, just make sure you DO HAVE the drivers to Reinstall.

boot into safe mode and uninstall the drivers below and then reboot and re-install the drivers.
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

How much RAM do you have???
Get more

TT4U

Notification:
These are just my thoughts....and should be carefully measured against other opinions.
Backup All Important Data/Docs
 
Upvote 0 Downvote
couple more quick things;
If not using wireless
Fix these
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aol.com
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 209.249.176.5,209.249.176.7

also set the Internet Options > History to 5-7 days - or less - something more manageable.

also go to
C:\WINDOWS\Recent and
C:\WINDOWS\Temp and empty the contents of each folder

Run your Spyware Remover once again


TT4U

Notification:
These are just my thoughts....and should be carefully measured against other opinions.
Backup All Important Data/Docs
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Flinx
  • Locked
  • Question
continuing issues with Windows 10 slow transfer to NAS
Replies
6
Views
330
pmonett
pmonett
Flinx
  • Locked
  • Question
very slow transfers from windows 10 to NAS
Replies
9
Views
236
Flinx
Flinx
Rosciano
  • Locked
  • Question
Blue screen during the boot.
Replies
1
Views
83
gbaughma
gbaughma
Randy_F
  • Locked
  • Question
Windows 10 Will only boot with a USB drive inserted??? 2
Replies
4
Views
194
Ferdinand Schultz
Ferdinand Schultz
Keyboy
  • Locked
  • Question
Boot software
Replies
3
Views
117
Keyboy
Keyboy

Part and Inventory Search

Sponsor

Back
Top