remove items from msconfig

Its been awhile since ive had any version of real player.

what noahdfear is saying is the startup entry is not nessesary
it can be fixed and you then just start the player manualy. or when you click a media link it will still run.
there is probaly an Option within realplayer to not have it start with windows to.

Im not sure what to think of that

 

OK, I let HJT fix those last two items, but, I still get that crappy little Real One split window at the bottom of my IE windows. However, now, if I click on it's "X ", and make it go away, I can still surf with IE, so I guess that's OK.

Here's the most recent HJT log:

Logfile of HijackThis v1.97.7
Scan saved at 10:04:54 AM, on 4/20/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\NISUM.EXE
C:\PROGRAM FILES\NORTON INTERNET SECURITY\CCPXYSVC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\RFA\RFAGENT.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE
C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\__SHARED\HIJACK_THIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.truthout.org/
N2 - Netscape 6: # Mozilla User Preferences
// This is a generated file!

user_pref( "browser.cache.directory ", "C:\\WINDOWS\\Application Data\\Mozilla\\Profiles\\default\\xvr8qeo9.slt\\Cache ");
user_pref( "browser.history.last_page_visited ", "http://truthout.org/docs_03/050603C.shtml ");
user_pref( "browser.search.defaultengine ", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%206%5Csearchplugins%5CSBWeb_01.src ");
user_pref( "browser.startup.homepage_override.1 ", false);
user_pref( "intl.charsetmenu.browser.cache ", "windows-1252, us-ascii ");
user_pref( "prefs.converted-to-utf8 ", true);
user_pref( "signon.SignonFileName ", "97900217.s ");
user_pref( "startup.homepage_override_url ", "http://home.netscape.com/bookmark/6_1/startuppage.html ");
user_pref( "timebomb.first_launch_time ", "997823721500000 ");
user_pref( "wallet.SchemaValueFileName ", "52964405.w ");
user_pref( "browser.helperApps.neverAsk.openFile ", "application%2Fx-java-jnlp-file ");
(C:\WINDOWS\Application Data\Mozilla\Profiles\default\xvr8qeo9.slt\prefs.js)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe "
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [rfagent] C:\PROGRAM FILES\RFA\rfagent.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE
O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks "
O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe "
O4 - HKLM\..\RunServices: [Nisum] C:\Program Files\Norton Internet Security\NISUM.EXE
O4 - HKLM\..\RunServices: [ccPxySvc] C:\Program Files\Norton Internet Security\ccPxySvc.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [nisserv] C:\Program Files\Norton Internet Security\NISSERV.EXE
O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINSM32.EXE
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/Z4/heartbeat.cab
O16 - DPF: ChatSpace Java Client 2.1.0.89 - http://soapcity.chatspace.com/Java/cs4ms089.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37995.8654976852
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = G_AND_R
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1

 

Looks clean but this process C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE shows something is still starting real player. Might want to look into it's settings for somewhere to disable it from autostarting. Take a look in msconfig for anything not needed and disable.......taskmon...scheduling agent........power profile. You can use HJT to generate a startup list and post it if you like. Click config button then misc. tools.
I can't quite picture the split window you're referring to. Can you post a screenshot somewhere? Or mail me one? Have you run Reg. First Aid since fixing things?

 

I realize this thread is over two years old, but I got here searching for an answer. On a Windows 98 machine that I just got done cleaning up for a customer there were 128 randomly generated filenames in MSConfig. A bunch of them were in the run sections of the registry, but when I cleaned the whole registry of the instances, I still had them in MSConfig. And here are the two places I found them all.
\Windows\All Users\Start Menu\Programs\Disabled Startup Items
\Windows\Start Menu\Programs\Disabled Startup Items
I used "find text in" in find files and folders to find them.
I deleted them and they went away from the startup menu.
Maybe this'll help someone, albeit a couple years late!

 

This is not the thread I meant to reply to! How it got here I don't know. The thread was about getting rid of unchecked items in msconfig startup. Someone feel free to delete this from here please!

 

I give up... :-(

 

LOL

Thats ok mewnlite But please start a new topic, you can then include a url to the thread thats similur. that is if your still having problems,

 

I ran HJT -the log file ended with 017.-No user pref as in rlambert7's.
Should they be there? Also 017>Should it be Fixed?
Joe R
I have a running process >bwgo00006764.exe< located in a Temp file
with 10 others each with a different last 4 digits. Any idea what it is??

 

His didn't end that way. The no user pref entries were related to Netscape/Mozilla.
His 017 entries;
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = G_AND_R
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1

That really depends on the entries. Why not post a log so it can be checked. A new thread is recommended though.

 

Thanks for the reply. Will send log in a new thread.
Joe R