Freeze Problem [HijackThis Log]

Freeze

Hi,
New hijackthis file:
Logfile of HijackThis v1.99.1
Scan saved at 7:27:27 PM, on 04/24/2005
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE
C:\WINDOWS\ptsnoop.exe
C:\PROGRAM FILES\KODAK\KODAK EASYSHARE SOFTWARE\BIN\EASYSHARE.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.excite.com/
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\WINDOWS\SYSTEM\BHOCITUS.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [KodakCCS] C:\WINDOWS\System32\Drivers\KodakCCS.exe
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PTSNOOP] ptsnoop.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - Startup: Kodak EasyShare software.lnk = C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
O4 - Startup: KODAK Software Updater.lnk = C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe
O8 - Extra context menu item: Citibank Toolbar - about:<script>new ActiveXObject( "OBar.BarLauncher ").ShowBar(window.external.menuArguments, "{2db95750-6d83-11d4-bb5b-00e02956ca77} ")</script>
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F4E445520422} - C:\PROGRA~1\CITIVI~1\CitiVAN.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
O9 - Extra button: Citibank Toolbar - {2db95750-6d83-11d4-bb5b-00e02956ca77} - C:\PROGRA~1\OBONGO\IEBAR\1OBAR~1.DLL (file missing) (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .bpt: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
O16 - DPF: {CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_04) -
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,30
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://photo.walmart.com/photo/upload/XUpload.ocx
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/oemji_opt_out/SSWebInstall.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {D44C75D8-C827-473E-8F68-A77E42500782} (Uploader Class) - http://www.walgreensphotocenter.com/upload/WebUploadClient.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab

 

Freeze

Hi Tony et al,
Did the fix from hijackthis and put the mouse thru it's paces. So far cannot generate a FREEZE. Sounds good, but will give it a day and then report back again.
To all of you that helped me with this problem a big thanks.
Thanks Again.
Larry Opheim

 

Hi Opheim1,
I told ya' I peek in on you and I see you've had some good luck. I'm glad , for now, your problems seem to have subsided and perhaps have been cured. I pretty well figured it was the adware/malware phone homers that were giving your computer fits. You have to be real careful when installing software these days. Keep up with lavasoft/spybot cleanups and make these a part of your regular comp maintenance routine. Your virus software won't protect you from these because, for the most part they aren't virus per say. They are baggage that comes bundled with other software and is usually only announced (for those applications that are kind enough to do so) through the ula agreement, your suppose to read prior to installing. There are ways to better secure yourself from these and can be found in the security forum stickies. You've only had a mild brush with some of the easier examples of these. There are some real "Hard Ball" baddies on the Net just waiting to nab ya'.

Glad things are looking up for you and, as TonyT asked, please do keep your post updated. Thanks for the current update. I'm going to add a "sum up" and link this to your win98 post so others can read about your current success.

 

Freeze Still There

Hi,
I had high expectations last night when I wrote my message, but all is not good today.
I had two freeze's this morning when I tried to open two programs on my desktop. Had to re-boot each time. It's when I click on a desktop icon that I get no response. When they do respond, the web site is very slow to open.
Wish that I had better news to pass along.
A couple of things that I did after the FIX are as follows: Had to re-download my Home Photo Deluxe 3.1 since it was knocked out by the fix, I think. Also had to check my Kodak Device Startup in order for Kodak to work and transfer from dock to computer.
Would like to try any further suggestions. Simpler the better as I'm 78 years old.
Thanks!
Larry Opheim

 

Freeze

Hi Again,
One more piece of information. I just had what I thought was a freeze when I clicked on a desktop icon, and after waiting about three minutes it finally opened up. In other words very slow to respond. The hour glass appears, but no action occures for what seems like a long time. That's why I always thought it was frozen, but may have been a delay instead of a freeze. At any rate it is still a problem I would like to correct.
Thanks!
Larry Opheim

 

Freeze (Delay)

Hi Again,
While searching some posts related to my problem, I ran accross some mention of using Windows Registry Repair. I downloaded it and ran it thru my registry. It turned up 1056 registry errors. It would only correct 15 of those for free. I don't know what the cost is for the complete correction of the 1056. Is this something that I should follow thru on?? Does anyone know the cost? Is there a similar program that doesn't charge?
A continuing thanks for all of the help.
Larry Opheim

 

RegSeeker

The way I have always used it is as follows. Run a clean registry scan, selecting all areas. Make sure the backup box in the lower left corner is checked when scan completes, click select all, then right click within the results and delete. Run another scan and do the same. Run a third and reboot, then run 1 more. Use the Histories button to clear typed URLs, cookies, old start menu items and stream MRUs.

Unsure as to what all you've done so far, but suggest you empty all temp folders; show hidden files and folders, then clear the contents of C:\Windows\Applog; delete temporary internet files; run disk cleanup and finally defragment.

I also see an entry for SpySpotter in your log. It's on the list of rogue antispyware apps, so if you have it installed, I recommend you uninstall it and delete all associated files/folders.

Fix this entry.
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spyspotter.com/oemj...SWebInstall.cab

 

Delay; Stall

Wish that I could say that the Delay in opening files was cured, but unfortunately, the problem persists. I have tried every suggestion given in the above threads and more. The cleaning process is about as complete as is possible. I almost think that it is a mechanical thing like my cable modem or the mouse. The annoying aspect is the inconsistency of the problem. Everything works great for a time and then bingo a stall or delay of minutes occurs.
If you have any further suggestions, I would be happy to hear from you.
Thanks!
Larry Opheim

 

Forgive me for not looking back and/or reviewing the original thread to see if this was done, but have you opened the case and cleaned? Check that fans are running properly, etc. You mention running fine for a time before the slowdown/freeze-up begins....heat build-up?

 

Delay problem

Yes, I cleaned the files, registry etc with about three different cleaning tools, as recommended by goddez, sparrow, Billybob, and Tony. I also checked the fan, and used air pressure to remove any dust. Will check the fan again.
It seems to stall or delay opening a program or file right after I've X'ed out a page on the internet and then immediately try to open something else. The delay could be a minute or more.
Checked the fan and it is working fine.
Thanks for everyone's help.
Larry Opheim

 

opheim1

It may now be adviseable to do a clean installation of windows. If you go this route, formatting your disk is not adaquate to clean it - format doesn't clean the system areas. There are three ways to clean the whole drive: 1. low level format - now-a-days just useing a program to write 0's to the entire drive, 2. installation of a foreign OS such as linux (my preference), or 3. DOS fdisk, deleting and recreating partitions possibly several times. But wait 'til more folks agree that this is the way to go, and meanwhile, back up all data that you will need in the future.

 

Stall Problem

Could it be an Internet Explorer problem? With all that I've tried to correct the problem over the last two weeks, I think that I've even tried to repair the IE. I have never uninstalled IE, or know exactly the procedure to uninstall and then re-install.
The delay occurs after leaving an internet page by cancelling it out.
Thanks for keeping trying to help me.
Larry Opheim

 

Certainly worth a try to fix IE. Shut down all other programs, copy the following command then paste it in the Start>run dialog box, close all open windows, then hit enter.

Code:

rundll32 setupwbv.dll,IE6Maintenance  "C:\Program Files\Internet Explorer\Setup\SETUP.EXE" /g  "C:\WINDOWS\IE Uninstall Log.Txt "

Reboot. Locate IE6setup.exe on your computer and double click to re-install, or visit Windows Update and re-download/re-install/update. Altenatively, if needed, you can get IE6 here, then visit Windows Update to make sure all updates are installed.

 

Stall Problem

Thanks Dave, but I had a problem right off the bat. The copy and Paste of the long command did not work, so I put it in the RUN by hand. I got the following message back. "Cannot find the file rund32 or one of it's components. Make sure the path and filename are correct and that all required libraries are available.
I copy and paste a lot, so wonder why this didn't work.
Any suggestions?
Thanks again.
Larry

 

rund32 ???

 

Hi Dave.: I tried to copy and paste the command, but no luck. It copied alright, but there would be no paste when I went to insert it in RUN. Tried typing the command, but got the following message back: Cannot find the file rund 1132 or one of it's components. Make sure that the path and filename are correct and that all required libraries are available.
Will try your other suggestions.
larry
Sorry, I said this before, but with the change in pages, I couldn't find the first one so did it again.

 

Well, here's the MS link.

How to Uninstall Internet Explorer 6

There are a couple of other ways also.

 

Still there

I did the IE uninstall and re-install, but that wasn't the problem.
Sometimes it will work good and then revert to the stall-hold- delay problem.
I can't nail it down as to the pattern or sequence needed to activate the problem. It's a mystery. I click the icon and the pointer and /or the hour figure sits there for a minute or more.
With all of your help, I've tried a lot of tools to clean out ads, viruses, broken files and whatall.
Sparrow mentioned doing a Clean Installation of Windows procedure, but so far nobody has seconded that suggestion, and I would need directions to try that.I could limp along with things the way they are, but it is frustrating. Can one tell if they have a damaged hard drive?
Thanks for trying to help me on this problem.
Larry