# MSN hotmail



## Lynne Hamilton (Jun 1, 2001)

I have windows 98se. On my msn box when i click on get email, it won't open. When i receive an email and click on the pop up box it freezes up for one minute. Then it goes into my hotmail and freezes up for another minute. When i click on an email to open it freezes up for a minute again. When i click on another email to read it freezes up again for another minute. For each thing I do on my msn it freezes up. Is there anything I can do to keep it from doing that? Also i am getting illegal operations and the details are kernell 32.DLL.


----------



## ~Candy~ (Jan 27, 2001)

Hi Lynne, the exact error messages will be more helpful.

Also, have you updated your virus program and scanned for viruses this week?


----------



## Lynne Hamilton (Jun 1, 2001)

I never thought to write down the numbers beside kernell32.DLL. sorry. Yes i have nortons 2002 and i run a scan every week and get live updates for it too. I have also emailed MSN about it and what they suggested didn't help. If i use netscape to check my hotmail it works Okay. My outlook express takes about one minute to open too. I have cleaned cookies and deleted files too. I have scanned disk and defraged also.


----------



## Lynne Hamilton (Jun 1, 2001)

This program has performed an illegal operation and will be shut down. The details are:

EXPLORER caused an invalid page fault in
module KERNEL32.DLL at 017f:bff9db61.
Registers:
EAX=c00309c4 CS=017f EIP=bff9db61 EFLGS=00010216
EBX=0803ef0c SS=0187 ESP=07fffe0c EBP=080000a8
ECX=00000000 DS=0187 ESI=080001f8 FS=605f
EDX=bff76855 ES=0187 EDI=0803eef8 GS=0000
Bytes at CS:EIP:
53 8b 15 e4 9c fc bf 56 89 4d e4 57 89 4d dc 89 
Stack dump:


What does this mean? And is this what is causing all my trouble on msn hotmail?


----------



## ~Candy~ (Jan 27, 2001)

"M. Spyridakis" wrote in a group message:
I get the following message when I close "My Computer" after transferring files from floppy to HD.
"Explorer caused an invalid page fault in module KERNEL32.DLL at 017f:bff9db61." Any ideas
How the problem was solved?
It was the PDM.DLL file that was causing the problem. He changed it to PDM.OLD and the IPF disappeared.

Cut and paste from this site:

http://www.generation.net/~hleboeuf/errexplo.htm#ERRKERNEL32.DLL

not sure if it'll solve your problem......but worth the look and try.

Do you know how to rename a file? Do a search with windows explorer, search the c: drive, find that file, and rename the file.........


----------



## Lynne Hamilton (Jun 1, 2001)

It has this on the site you suggested.

Explorer caused an invalid page fault in module Kernel32.dll. 
Cause
This behavior can occur if you changed the size of the Windows swapfile. 
Resolution
To resolve this issue, use the default Windows swapfile settings. To do this, follow these steps: 
Click Start, point to Settings, and then click Control Panel. 
Double-click System. 
On the Performance tab, click Virtual Memory. 
Click "Let Windows manage my virtual memory settings (Recommended)," and then click OK. 
Click OK or Close. If you are prompted to restart Windows, click 

Should I try this or not? I don't want to try something to make it worse. LOL. I don't know how to rename a file or whatever it was that you said.


----------



## ~Candy~ (Jan 27, 2001)

I'm assuming you have a newer version of MSN than what was mentioned in that particular article......I run MSN as well, and I think I'm up to version 6........take a browse for that file and see what you come up with.

And there is nothing wrong with letting windows manage the virtual memory......more than likely, that's already checked.


Along the lines of finding the file........start button, find files/folders, then type in that file name.........once you find it, right click on it, then choose rename, and rename it accordingly.


----------



## Lynne Hamilton (Jun 1, 2001)

ARRRRGGGGG. LOL. Well as i was doing windows explorer I had another illegal operation. These details were different:

MSMSGS caused an invalid page fault in
module <unknown> at 0000:037d52c9.
Registers:
EAX=005a8088 CS=017f EIP=037d52c9 EFLGS=00010246
EBX=00000000 SS=0187 ESP=03a2ff6c EBP=03a2ff98
ECX=005a80f4 DS=0187 ESI=005a6fec FS=5177
EDX=81789590 ES=0187 EDI=80158100 GS=0000
Bytes at CS:EIP:

Stack dump:
81789588 00000008 8177dcc8 00000000 00000000 00000003 ffffffff 00000001 00000000 00000000 00583ee8 03a2ffcc bff88f20 00000000 81789588 00000008

I did what you said to find the file from the start button and it said "no files found" for PDM.DLL

I have version 4.6 MSN.


----------



## ~Candy~ (Jan 27, 2001)

Post your startups......

start button, run, the type msinfo32 and press ok.......then go to startups, edit, select all, edit, copy and come back and paste.


----------



## Lynne Hamilton (Jun 1, 2001)

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
GStartup	Startup Group	"C:\Program Files\Common Files\GMT\GMT.exe" /startup
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
LoadQM	Registry (Machine Run)	loadqm.exe
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run) Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
NAV Agent	Registry (Machine Run)	C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
babeie	Registry (Machine Run)	rundll32 "C:\Program Files\CommonName\Toolbar\CNBabe.dll",DllStartup
CMESys	Registry (Machine Run)	"C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
wcmdmgr	Registry (Machine Run)	C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
New.net Startup	Registry (Machine Run)	rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE


----------



## ~Candy~ (Jan 27, 2001)

Lynne, you've got some spyware running there.......

Let's do this first........go to the start button, settings, control panel, add/remove programs.........look for that NewDot program and remove it.........also, if you see anything related to GATOR, do the same thing.


----------



## Rollin' Rog (Dec 9, 2000)

Lynne, see my post here for installing and running Spybot.

You've got a bunch of nasties there from New.net, to Gator to Cnbabe

http://forums.techguy.org/showthread.php?postid=554979#post554979


----------



## Lynne Hamilton (Jun 1, 2001)

There is nothing in there that says Gator and the only thing i see close to what you said is New.net Domains 4.50, is this the one i should remove.


----------



## Rollin' Rog (Dec 9, 2000)

This is New.net:

New.net Startup Registry (Machine Run) rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup

Both of these are Gator loads:

GStartup Startup Group "C:\Program Files\Common Files\GMT\GMT.exe" /startup

CMESys Registry (Machine Run) "C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE

A difficult nastie to get rid of without Spybot:

babeie Registry (Machine Run) rundll32 "C:\Program Files\CommonName\Toolbar\CNBabe.dll",DllStartup

refs:
http://www.cexx.org/newnet.htm
http://www.cexx.org/gator.htm

Others here:
http://www.cexx.org/adware.htm

All will be removed by Spybot.


----------



## Lynne Hamilton (Jun 1, 2001)

I remember you Rollin, you helped me before. I went to the add remove to remove that New.net. Is there anything else i should do now? I am copying from the startup to see if it has changed, here it is.

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
GStartup	Startup Group	"C:\Program Files\Common Files\GMT\GMT.exe" /startup
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
LoadQM	Registry (Machine Run)	loadqm.exe
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
NAV Agent	Registry (Machine Run)	C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
babeie	Registry (Machine Run)	rundll32 "C:\Program Files\CommonName\Toolbar\CNBabe.dll",DllStartup
CMESys	Registry (Machine Run)	"C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE"
wcmdmgr	Registry (Machine Run)	C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE


----------



## Rollin' Rog (Dec 9, 2000)

Yes, New.net is only part of the problem. Your illegal operation messages are most likely being caused by the other spyware.

You should follow instructions for running Spybot. Then post another list of your startups to confirm complete removal.

http://forums.techguy.org/showthread.php?s=&threadid=97657


----------



## Lynne Hamilton (Jun 1, 2001)

Ok now after three illegal operations i finally got to the spybot site. Well when i saved the download to desktop, it won't open so i deleted it and downloaded again but this time i just chose the open option instead of saved. It still won't open. So now i don't know what to do about spybot.


----------



## Rollin' Rog (Dec 9, 2000)

Although I don't think the location of where you are trying to run it from is the problem (the desktop), I specifically suggested not trying to "install" it from there as it will want to run from that location in the future.

Are you getting an error message of any kind when you try to open it? The initial download will be a compressed file and if it is a .zip, you will need a zip program to open it. There seem to be different variations coming from different sites.

Try creating an individual host folder for Spybot, not on the desktop, and download this link to it:

http://mickeytheman.digitalrice.com/files/spybotsd.zip

You should be able to open and extract the zipped files to the folder you download it to. Then run the spybotsd.exe appllication and follow my directions from there. You should update it by clicking the 'online' tab and check for updates. You won't need the "main" program or the PGP or language updates.


----------



## Lynne Hamilton (Jun 1, 2001)

ok now i made a new folder under C and it still does the same thing. It won't open it just keeps popping "what do you want to do","open", "save", "cancel". I choose save and it saved to drive C, then when i went to it, it just keeps asking to either open or save. When i click on open, the box just keeps popping back up asking what i want to do. And it looks like a white computer inside the folder.


----------



## Rollin' Rog (Dec 9, 2000)

This is a zipped file you are downloading. The download dialog will give you the option of saving it to a specfic directory. You should create a new folder for it and download it to that folder.

Once downloaded you should see spybotsd.zip there

Now do you have a zip file program such as Winzip? It sounds like you do not or you have lost your File Type association for zip files. Try selecting (highlighting) that file, then shift+right click on it. Select "open with" from the dialog and scroll to and select your zip program to open it. Put a check in "always use" and click OK. Extract the files within the zipped folder to the new "host" folder. Look for and run spybotsd.exe this will create the install. Then you should find it in your Start Menu or you can run it from desktop shortcuts if you let it create one.

If you can't get this to open, at least for the time being, go back to my original post and follow the instructions for installing and using Ad-aware. It is not a zipped program.


----------



## Lynne Hamilton (Jun 1, 2001)

I was not able to open it with winzip because it did not show up in that box. And as far as i know i have winzip because i have used it before quite awhile back but i was able to download the Ad-aware. This is what it showed after i ran the scan:

Scan initialized on 10/2/02 10:35:02 PM.
(AAW release 5.83, referencefile 029-15.06.2002)
=================================================

Started memory scan
====================
Running processes:

#:1 : C:\WINDOWS\SYSTEM\KERNEL32.DLL

#:2 : C:\WINDOWS\SYSTEM\MSGSRV32.EXE

#:3 : C:\WINDOWS\SYSTEM\MPREXE.EXE

#:4 : C:\WINDOWS\SYSTEM\mmtask.tsk

#:5 : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE

#:6 : C:\WINDOWS\SYSTEM\MSTASK.EXE

#:7 : C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE

#:8 : C:\WINDOWS\SYSTEM\SYSTRAY.EXE

#:9 : C:\WINDOWS\LOADQM.EXE

#:10 : C:\WINDOWS\TASKMON.EXE

#:11 : C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE

#:12 : C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
Warning! GATOR : cmesys.exe (cmesys.exe)

"cmesys.exe" unload successfull!

#:13 : C:\WINDOWS\WT\UPDATER\WCMDMGR.EXE

#:14 : C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
Warning! GATOR : gmt.exe (gmt.exe)

"gmt.exe" unload successfull!

#:15 : C:\WINDOWS\SYSTEM\WMIEXE.EXE

#:16 : C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE

#:17 : C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE

#:18 : C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE

#:19 : C:\WINDOWS\SYSTEM\DDHELP.EXE

#:20 : C:\WINDOWS\EXPLORER.EXE

#:21 : C:\PROGRAM FILES\LAVASOFT AD-AWARE\AD-AWARE.EXE

Memory scan result:
Total modules found:21
Suspicious modules found:2

Started registry scan
======================
Cydoor key:HKEY_USERS\.default\software\cydoor\
Cydoor key:HKEY_USERS\.default\software\cydoor services\
Other key:HKEY_CLASSES_ROOT\babeie.agentie\
Other key:HKEY_CLASSES_ROOT\babeie.agentie.1\
Other key:HKEY_CLASSES_ROOT\clsid\{139d88e5-c372-469d-b4c5-1fe00852ab9b}\
Gator key:HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}\
WurldMedia key:HKEY_CLASSES_ROOT\clsid\{d14641fa-445b-448e-9994-209f7af15641}\
Other key:HKEY_CLASSES_ROOT\favorite.favoriteman\
Other key:HKEY_CLASSES_ROOT\favorite.favoriteman.1\
WurldMedia key:HKEY_CLASSES_ROOT\interface\{3cb6def9-1db2-4b5d-9a70-9bf8345ed73c}\
Other key:HKEY_CLASSES_ROOT\interface\{99908473-1135-4009-be4f-32b921f86ed9}\
WurldMedia key:HKEY_CLASSES_ROOT\mbho.iehlprobj\
WurldMedia key:HKEY_CLASSES_ROOT\mbho.iehlprobj.1\
Other key:HKEY_CURRENT_USER\software\acceleration software international corporation\
Other key:HKEY_LOCAL_MACHINE\software\acceleration software international corporation\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\appid\ezulabootexe.exe\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulabootexe.installctrl\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulabootexe.installctrl.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}\
Other key:HKEY_CURRENT_USER\software\commonname\
Other key:HKEY_LOCAL_MACHINE\software\commonname\
Cydoor key:HKEY_CURRENT_USER\software\cydoor\
Cydoor key:HKEY_LOCAL_MACHINE\software\cydoor\
Cydoor key:HKEY_CURRENT_USER\software\cydoor services\
Other key:HKEY_CURRENT_USER\software\etraffic\
Gator key:HKEY_LOCAL_MACHINE\software\gator.com\
Other key:HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\advancedoptions\commonname\
Alexa key:HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\
Other key:HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\add a page note\
Other key:HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\bookmark this page\
Other key:HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\email this link\
Other key:HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\search using commonname\
Other key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{139d88e5-c372-469d-b4c5-1fe00852ab9b}\
WurldMedia key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d14641fa-445b-448e-9994-209f7af15641}\
Other key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\etraffic\
WurldMedia key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\your cash rewards\
WurldMedia key:HKEY_CLASSES_ROOT\typelib\{4769dd43-4045-405c-945f-752516445e89}\
Other key:HKEY_CLASSES_ROOT\typelib\{d879d743-e2cc-4161-8034-2234203681c9}\
Gator key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\cmesys
BonziBuddy key:Software\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\LimeWire\bonzi.url

Started extended registry scan
===============================
Possible Browser Hijack attempt data:Software\Microsoft\Internet Explorer\Main"Search Page" (Possible Browser Hijack attempt)
Possible Browser Hijack attempt data:Software\Microsoft\Internet Explorer\Main"Search Bar" (Possible Browser Hijack attempt)

Registry scan result:
Suspicious keys found : 45

Started folder scan
====================
Warning, no disk in drive (A)

BonziBuddy file:C:\WINDOWS\bbshortcut.ico
Gator file:C:\WINDOWS\GatorPdpSetup.log
Cydoor folder:C:\WINDOWS\SYSTEM\AdCache
Gator folder:C:\Program Files\Common Files\GMT
Gator folder:C:\Program Files\Common Files\CMEII
TopMoxie folder:C:\Program Files\topMoxie\com\ETraffic
TopMoxie folder:C:\Program Files\topMoxie
Other folder:C:\Program Files\CommonName
Folder scan result:
Folders processed:2012
Suspicious folders found:6

Started file scan
==================
WurldMedia file:C:\WINDOWS\SYSTEM\ad020326.de.xml
Cydoor file:C:\WINDOWS\SYSTEM\cd_clint.dll
Cydoor file:C:\WINDOWS\SYSTEM\cd_htm.dll
Other file:C:\WINDOWS\SYSTEM\favboot.dll
WurldMedia file:C:\WINDOWS\SYSTEM\mbho.dll
Gator file:C:\WINDOWS\Start Menu\Programs\StartUp\GStartup.lnk
Other file:C:\WINDOWS\Cookies\[email protected][1].txt
Other file:C:\WINDOWS\Cookies\[email protected][2].txt
Other file:C:\WINDOWS\Cookies\[email protected][1].txt
Other file:C:\WINDOWS\Cookies\[email protected][1].txt
BonziBuddy file:C:\WINDOWS\bbshortcut.ico
Gator file:C:\WINDOWS\GatorPdpSetup.log
Gator file:C:\Program Files\Common Files\GMT\egIEEngine.dll
Gator file:C:\Program Files\Common Files\GMT\EGIEProcess.dll
Gator file:C:\Program Files\Common Files\GMT\EGNSEngine.dll
Gator file:C:\Program Files\Common Files\GMT\Gator.log
Gator file:C:\Program Files\Common Files\GMT\Gator.log
Gator file:C:\Program Files\Common Files\GMT\GatorRes.dll
Gator file:C:\Program Files\Common Files\GMT\GatorStubSetup.exe
Gator file:C:\Program Files\Common Files\GMT\mepcme.dat
Gator file:C:\Program Files\Common Files\CMEII\CMEIIAPI.dll
Gator file:C:\Program Files\Common Files\CMEII\CMESys.exe
Gator file:C:\Program Files\Common Files\CMEII\CMEUpd.exe
Gator file:C:\Program Files\Common Files\CMEII\GAppMgr.dll
Gator file:C:\Program Files\Common Files\CMEII\GController.dll
Gator file:C:\Program Files\Common Files\CMEII\GDwldEng.dll
Gator file:C:\Program Files\Common Files\CMEII\GFormCTM.dll
Gator file:C:\Program Files\Common Files\CMEII\GMTProxy.dll
Gator file:C:\Program Files\Common Files\CMEII\GObjs.dll
Gator file:C:\Program Files\Common Files\CMEII\GStore.dll
Gator file:C:\Program Files\Common Files\CMEII\GStoreServer.dll
Gator file:C:\Program Files\Common Files\CMEII\GSvcMgr.dll
Gator file:C:\Program Files\Common Files\CMEII\GSvcSAP.dll
BonziBuddy file:C:\Program Files\LimeWire\bonzi.url
Cydoor file:C:\Program Files\LimeWire\cydoor.exe
Cydoor file:C:\Program Files\LimeWire\cydoor_uninstall.exe
TopMoxie file:C:\Program Files\topMoxie\JavaRun.exe
WurldMedia file:C:\Program Files\Morpheus\uninstall_wurld.ctoa

File scan result:
Suspicious files found:40

Scanning finished
==================
Suspicious modules found:2
Suspicious keys found : 45
Suspicious folders found:6
Suspicious files found:40
==========================
Components ignored:0
Total components found:93


----------



## Rollin' Rog (Dec 9, 2000)

Wow, what can I say, that's quite a load and much of it was not even showing in your startup list.

Be sure to select all the components Ad-aware finds, click the backup tab just for insurance and then complete the removal and reboot.

Let us know of any specific errors you get after doing so by clicking on the "details" tab and reporting the first two lines. I think however, you should see a much improved system.


----------



## Lynne Hamilton (Jun 1, 2001)

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
LoadQM	Registry (Machine Run)	loadqm.exe
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
NAV Agent	Registry (Machine Run)	C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
babeie	Registry (Machine Run)	rundll32 "C:\Program Files\CommonName\Toolbar\CNBabe.dll",DllStartup
wcmdmgr	Registry (Machine Run)	C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

Did it get all of the spyware off? My hotmail is still the same though. LOL.


----------



## Rollin' Rog (Dec 9, 2000)

No you still have both CommonName and Wild Tangent updater there. It is probably CommonName that is causing the problem.

Look in Add/Remove programs for both and see if you can remove them there. Here is some info on CommonName.

http://and.doxdesk.com/parasite/CommonName.html


----------



## Lynne Hamilton (Jun 1, 2001)

They were both in the Add/Remove so i removed them. Hotmail still freezing up for each thing i click on but i haven't had any illegal yet though.

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
LoadQM	Registry (Machine Run)	loadqm.exe
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
NAV Agent	Registry (Machine Run)	C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
babeie	Registry (Machine Run)	rundll32 "C:\Program Files\CommonName\Toolbar\CNBabe.dll",DllStartup
wcmdmgr	Registry (Machine Run)	C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE


----------



## Rollin' Rog (Dec 9, 2000)

Is this last post of startups after removing them? And did you reboot afterwards?

They are still showing. Try this, run *msconfig* and click on the startup tab. Remove the checks (if they are still there) for:

babeie Registry (Machine Run) rundll32 "C:\Program Files\CommonName\Toolbar\CNBabe.dll",DllStartup

wcmdmgr Registry (Machine Run) C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

... and reboot.

Back on the subject of Spybot. When you downloaded it to a "host" folder, is the file spybotsd.zip present there? What happens if you open your Winzip program through the Start Menu and browse to spybotsd.zip and open it?

I think the Hotmail issue may turn out to be something different, but I'm not sure what at the moment. You might try clearing your temporary internet cache if you haven't done so recently.


----------



## Lynne Hamilton (Jun 1, 2001)

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
LoadQM	Registry (Machine Run)	loadqm.exe
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
NAV Agent	Registry (Machine Run)	C:\PROGRA~1\NORTON~1\NORTON~1\NAVAPW32.EXE
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE


Yes i did reboot after the Add/Remove. I also had another illegal operation about 5 minutes ago. I have deleted cookies and files, diskfraged, scanned disk also. I can't find winzip through start button, but i see it under windows explorer but it asks to open with instead of just opening. No i don't see spybotsd.zip


----------



## Rollin' Rog (Dec 9, 2000)

Well you can't open a program you can't see, that's for sure. But it sounds like Winzip is dysfunctional. You might try installing the latest "evaluation" version -- they don't expire.

http://www.winzip.com/ddchomea.htm

When you download spybotsd.zip, try right clicking on the link and selecting "save target as". That should definitely give you the option of specifying a download folder. Then you should be able to just open that folder and see it. As I said before, it's best to create a "new" folder for it, that way it's easy to see if it is there and you can extract the files directly to that folder with nothing else there.

http://mickeytheman.digitalrice.com/files/spybotsd.zip

Now when you do get an "illegal operation" message, always click on the "Details" tab and copy out the first two lines indicating the error modules and the address. That's what we need to see.

It's possible your problems might be caused by NAV and we might want to try disabling that through msconfig for test purposes at least.

You can also leave LoadQM Registry (Machine Run) loadqm.exe

permanently Unchecked.


----------



## Lynne Hamilton (Jun 1, 2001)

Well i now have winzip again and spybot is on my start menu also. I opened spybot but i don't know how to use it. LOL.


----------



## Lynne Hamilton (Jun 1, 2001)

ok now i got spybot figured out how to runscan. There were quite a few things there including wildtangent. Got rid of everything the scan brought up. I unchecked what you said also. 

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
WinZip Quick Pick	Startup Group	"C:\Program Files\WinZip\WZQKPICK.EXE"
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE


----------



## Rollin' Rog (Dec 9, 2000)

Good, that's some relief anyway! 

Were you able to update Spybot before running it? You don't need the "main" program or any of the PGP (Pretty Good Privacy) or language stuff, but all the rest should be downloaded.

Still looking for those "details" when you get them.

If still no luck, try doing a test "cleanboot" by using msconfig > startups to disable everything but ScanRegistry and SysTray for test purposes.

We may want to use an outside program to look further at startups if necessary. This would be the StartupList application from the site below.

http://www.lurkhere.com/~nicefiles/


----------



## Lynne Hamilton (Jun 1, 2001)

No i didn't update before scan so i did update now and ran another scan also. I used the link you put in for the startup list and downloaded it. I haven't had an illegal operation yet but this is what the last one said:

EXPLORER caused an invalid page fault in
module KERNEL32.DLL at 017f:bff7b9f5.
Registers:
EAX=110088a1 CS=017f EIP=bff7b9f5 EFLGS=00010202
EBX=0397ef0c SS=0187 ESP=03940000 EBP=03940024
ECX=7fc39e61 DS=0187 ESI=00000001 FS=6517
EDX=00000001 ES=0187 EDI=817a89d0 GS=0000
Bytes at CS:EIP:
56 57 89 65 e8 75 04 33 c0 eb 54 85 c0 74 4b c7 
Stack dump:
0397ef0c 110088a1 00000001 0397ef0c 7fc39e61 03941df8 bffc05b4 bff79250 ffffffff 03941e08 bff7ce23 110088a1 00000001 7fc33046 110088a1 03941e30

Also this is another one that i have gotten also :

MSMSGS caused an invalid page fault in
module <unknown> at 0000:037d52c9.
Registers:
EAX=005a8088 CS=017f EIP=037d52c9 EFLGS=00010246
EBX=00000000 SS=0187 ESP=03a2ff6c EBP=03a2ff98
ECX=005a80f4 DS=0187 ESI=005a6fec FS=5177
EDX=81789590 ES=0187 EDI=80158100 GS=0000
Bytes at CS:EIP:

Stack dump:
81789588 00000008 8177dcc8 00000000 00000000 00000003 ffffffff 00000001 00000000 00000000 00583ee8 03a2ffcc bff88f20 00000000 81789588 00000008


----------



## Lynne Hamilton (Jun 1, 2001)

This is what the startup list showed after i downloaded it:

StartupList report, 10/3/02, 1:00:23 PM
StartupList version: 1.33.0
Started from: C:\UNZIPPED\STARTUPLIST133\STARTUPLIST.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SYMPATICO\ACCESS MANAGER\APP\ENTERNET.EXE
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\UNZIPPED\STARTUPLIST133\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\WINDOWS\Start Menu\Programs\StartUp]
PowerReg SchedulerV2.exe
WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
SystemTray = SysTray.Exe
NPROTECT = C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
TaskMonitor = C:\WINDOWS\taskmon.exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

SymTray - Norton SystemWorks = C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
NPROTECT = C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %*

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components

[{89820200-ECBD-11cf-8B85-00AA005B4383}]
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {89820200-ECBD-11cf-8B85-00AA005B4383}

[>PerUser_MSN_Clean]
StubPath = C:\WINDOWS\msnmgsr1.exe

[PerUser_LinkBar_URLs]
StubPath = C:\WINDOWS\COMMAND\sulfnbk.exe /L

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C}

[{7790769C-0471-11d2-AF11-00C04FA35D02}]
StubPath = rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02}

[{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}]
StubPath = C:\WINDOWS\SYSTEM\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=
run=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=Explorer.exe
SCRNSAVE.EXE=

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 3/10/2002, 0:11:6)

[rename]
NUL=C:\WINDOWS\WT\WEBDRI~1\WILDTA~1.JAR
NUL=C:\WINDOWS\WT\WEBDRI~1\WTMULTI.JAR

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

SET Path=%Path%;"C:\ProgramFiles\ExecutiveSoftware\DiskeeperWorkstation\"

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Enumerating Browser Helper Objects:

NAV Helper - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}
(no name) - C:\PROGRAM FILES\ACCELERATION SOFTWARE\STOPSIGN\WEBCBROWSE.DLL - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6}
(no name) - C:\PROGRA~1\COMMON~1\MSIETS\MSIETS.DLL - {0A68C5A2-64AE-4415-88A2-6542304A4745}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Tune-up Application Start.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate.microsoft.com/R1080/V31Controls/x86/w98/en/actsetup.cab

[Java Plug-in 1.4.0_01]
InProcServer32 = C:\Program Files\Java\j2re1.4.0_01\bin\npjpi140_01.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab

[Java Plug-in 1.4.0]
InProcServer32 = C:\Program Files\Java\j2re1.4.0\bin\npjpi140.dll
CODEBASE = http://java.sun.com/products/plugin/1.4/jinstall-14-win.cab

[Java Plug-in 1.4.0_01]
InProcServer32 = C:\Program Files\Java\j2re1.4.0_01\bin\npjpi140_01.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab

[sys Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\PCPITSTOP.DLL
CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

[{FA13A9FA-CA9B-11D2-9780-00104B242EA3}]
CODEBASE = http://www.wildtangent.com/install/wdriver/ddc/shockwave/wtinst.cab

[AcceptLang Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\SETACCEPTLANG.DLL
CODEBASE = http://runonce.msn.com/setacceptlang.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[&Search Toolbar]
InProcServer32 = C:\PROGRA~1\COMMON~1\MSIETS\MSIETS.DLL
CODEBASE = http://www.trafficsyndicate.com/TB/Cabs/T_64/toolbar_new.cab

--------------------------------------------------
End of report, 8,353 bytes
Report generated in 0.539 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only


----------



## Rollin' Rog (Dec 9, 2000)

Well you have a couple of suspicious Browser Helper Objects (BHO's persisting). It would be well to get rid of them or disable them one way or another.

Here is info on one:

=========
www.huntbar.com - A browser toolbar and hijacker. Believed to be a drive-by download. Reportedly, even redirects "My Computer" and "Control Panel" to their site. Close IE, use Find to search for "MSIETS.DLL", and write down the path to it. It is normally "C:\Program Files\Common Files\MSIETS". Deregister it by typing the following command into Windows' Run box: "regsvr32.exe /u C:\Program Files\Common Files\MSIETS", replacing C:\Program... with the path you noted earlier.
=========

I would recommend installing BHO Cop and disabling both the "Webcbrowse "object and the other as well if it is still there.
====
(no name) - C:\PROGRAM FILES\ACCELERATION SOFTWARE\STOPSIGN\WEBCBROWSE.DLL - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6}

(no name) - C:\PROGRA~1\COMMON~1\MSIETS\MSIETS.DLL - {0A68C5A2-64AE-4415-88A2-6542304A4745} 
========

http://www.pcmag.com/article2/0,4149,2023,00.asp


----------



## Lynne Hamilton (Jun 1, 2001)

I just had two illegal operations this is the first one:

This program has performed an illegal operation and will shut down. If the problem persists, contact the program vendor. Details:EXPLORER caused an invalid page fault in
module KERNEL32.DLL at 017f:bff7b9f5.
Registers:
EAX=110088a1 CS=017f EIP=bff7b9f5 EFLGS=00010202
EBX=0397ef0c SS=0187 ESP=03940000 EBP=03940024
ECX=7fc39e61 DS=0187 ESI=00000001 FS=6517
EDX=00000001 ES=0187 EDI=817a89d0 GS=0000
Bytes at CS:EIP:
56 57 89 65 e8 75 04 33 c0 eb 54 85 c0 74 4b c7 
Stack dump:
0397ef0c 110088a1 00000001 0397ef0c 7fc39e61 03941df8 bffc05b4 bff79250 ffffffff 03941e08 bff7ce23 110088a1 00000001 7fc33046 110088a1 03941e30

When i clicked on the close option of that box another popup box appeared and this is what it said:

This program has performed an illegal operation and will shut down. If the problem persists, contact the program vendor. Details are EXPLORER caused an invalid page fault in module EXPLORER.EXE at 017f:00401f31


----------



## Rollin' Rog (Dec 9, 2000)

That last error usually means a mis-matched set of IE/Explorer shell files. (EXPLORER caused an invalid page fault in module EXPLORER.EXE at 017f:00401f31)

Do you have the IE Repair Tool available in Add/Remove programs?

http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q194177&


----------



## Lynne Hamilton (Jun 1, 2001)

Yes i have IE repair and it doesn't work because i have tried it several times trying to fix these problems and it doesn't fix it. I just had another illegal operation when i tried to open an email on msn here are the details:

EXPLORER caused an exception eedfadeH in module MSIETS.DLL at 017f:019bb6be.
Registers:
EAX=019f90c4 CS=017f EIP=019bb6be EFLGS=00000206
EBX=01a05c34 SS=0187 ESP=0198e96c EBP=00002d96
ECX=0198e984 DS=0187 ESI=00000000 FS=7147
EDX=019bb6be ES=0187 EDI=00002d86 GS=0000
Bytes at CS:EIP:
8b 04 24 e8 42 9e ff ff 89 04 24 8b 04 24 50 56 
Stack dump:
019bb6be 019f90c4 01a05c34 00000000 00002d86 00002d96 0198e988 0000ff00 0000072a 00000000 00000000 0198e9bc 0000077e 0000ff00 01a05bc0 019bad8a


----------



## Rollin' Rog (Dec 9, 2000)

Ok, that's part of the BHO's we want to get rid of:

EXPLORER caused an exception eedfadeH in module MSIETS.DLL at 017f:019bb6be

See my previous post and try the regsvr32.exe command under the Huntbar reference. You will have to locate the dll first and substitute the correct path if it is different.

Then do get BHO COP and see what it finds. Disable all but the NAV related BHO


----------



## Lynne Hamilton (Jun 1, 2001)

i am stuck as to what i am supposed to put in for the redirect. When i put in the "Find" this is what it came up with:


MSIETS.DLL C:\Program Files\... 257KB Application Extension


I did download HBCop and ran it and it took out stuff also.


----------



## Rollin' Rog (Dec 9, 2000)

Disabling the BHO's with BHO Cop may be all that is necessary. But for good measure, go to start>run and enter:

*regsvr32.exe /u C:\Program Files\MSIETS*

....this assumes that that is the correct path where you found it, and not c:\Program Files\Common Files\

You may need to add .dll to msiets, but for some reason the instructions given don't include it.


----------



## Lynne Hamilton (Jun 1, 2001)

I did it without the .dll and with the .dll and this is what it said for both times:

Load Library ("C:\Program")failed. Get Last Error returns 0X00000485.

I am not sure i know how to disable it with BHOCop but i can check it out now though.


----------



## Rollin' Rog (Dec 9, 2000)

I believe you should be able to just remove the checks for them, if present. I have it on my Win98 system, but don't have any BHO's detected.

The error message would suggest the dll is not installed on the system. But obviously you have it. Perhaps you did not get the path correct.


----------



## Lynne Hamilton (Jun 1, 2001)

Yes it was checked on the HBOcop so i unchecked it.


----------



## Rollin' Rog (Dec 9, 2000)

Well, we'll knock on wood then and see what happens. For good measure, if you can't get the regsvr32 command to work (check the path part of the command), try renaming the dll: msiets.bak


----------



## Lynne Hamilton (Jun 1, 2001)

I tried using the same link and also renaming as you said and the same error came up.


----------



## Rollin' Rog (Dec 9, 2000)

You are still getting the error in msiets.dll?

You may have to reboot for this to take effect.

Was HotBar in Add/Remove Programs?

see:

http://and.doxdesk.com/parasite/HotBar.html


----------



## Lynne Hamilton (Jun 1, 2001)

When i clicked on reboot i got this illegal operation:

MSMSGS caused an invalid page fault in
module <unknown> at 0000:038052c9.
Registers:
EAX=005a352c CS=017f EIP=038052c9 EFLGS=00010246
EBX=00000000 SS=0187 ESP=0392ff6c EBP=0392ff98
ECX=005a3598 DS=0187 ESI=005a34c4 FS=3fa7
EDX=81752e74 ES=0187 EDI=80158100 GS=0000
Bytes at CS:EIP:

After i finally got to reboot I made sure the box was still unchecked and went back to the run again and tried it with and with .dll and bak, I still get the error message.

No I do not see Hotbar in Add/Remove


----------



## Rollin' Rog (Dec 9, 2000)

Well, I don't know if that's related. We'll have to see if it persists. 

I would try running Spybot again and then post another copy of StartupList


----------



## Lynne Hamilton (Jun 1, 2001)

Spybot fixed 18 problems.

PowerReg SchedulerV2	Startup Group	C:\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
WinZip Quick Pick	Startup Group	"C:\Program Files\WinZip\WZQKPICK.EXE"
BHO Cop	Startup Group	"C:\Program Files\BHOCop\BHOCop.exe" /q
ScanRegistry	Registry (Machine Run)	C:\WINDOWS\scanregw.exe /autorun
SystemTray	Registry (Machine Run)	SysTray.Exe
NPROTECT	Registry (Machine Run)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
TaskMonitor	Registry (Machine Run)	C:\WINDOWS\taskmon.exe
LoadPowerProfile	Registry (Machine Run)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SymTray - Norton SystemWorks	Registry (Machine Service)	C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks"
LoadPowerProfile	Registry (Machine Service)	Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent	Registry (Machine Service)	mstask.exe
NPROTECT	Registry (Machine Service)	C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE


----------



## Lynne Hamilton (Jun 1, 2001)

This happened to me too today after i rebooted the computer. The whole screen was black with a blue box with these words:

Attention Out the range H:101.6KHz V:161.9Hz

This has happened twice before also. It happened one time before when i first turned on computer about one month ago. I have to click on reset to get rid of it and for computer to turn on.


----------



## Rollin' Rog (Dec 9, 2000)

Ok, that's a monitor or video card setting problem. Not likely associated with the previous, but video card instabilities could be a factor in some illegal operations and freezes.

This can be a little tricky to sort out, does Windows recognize your monitor model?

Right click on the desktop and select Properties > Settings.

What does it say for Monitor and Video adapter?

Click on Advanced > Monitor. What does it say for "Refresh Rate"?


By the way, go back into msconfig > Startups and reenable NAV. It doesn't appear related to your problems and we don't want you going around unprotected. There is some nasty new stuff making the rounds (bugbear) and you should update it if it hasn't been in the last week.


----------



## Lynne Hamilton (Jun 1, 2001)

Monitor Max. Supported Resolution 1280x1024 (60 Hz)
Max. Supported Refresh Rate 120 Hz (640x480)
Display: Plug and Play Monitor on XPERT 98 AGP 2X
check mark beside Automatically detect Plug and Play monitors
check mark beside Reset display on suspend/resume

Adapter: XPERT 98 AGP 2X
Manufacturer: ATI Tech.-Enhanced
Chip type: Mach64: XL/XC
DAC type: Internal
Memory: 8 MB
Features: Direct Draw 1.00
Software version: 4.00
Current files: ati2drae.drv,*vdd,*vflatd,ati2vxae.vxd,atid32a


----------



## Rollin' Rog (Dec 9, 2000)

Ok, what I'm seeing there is the maximum supported values, which is very useful to know. But what I'm not seeing is the actual settings.

What is your current resolution (screen area)? And what is the current "refresh rate"? You may have to select the "Adapter" tab to see that.

It would be best to select a refresh rate of either "optimal" or 60hz. If you are running at higher than 1024X768 resolution, you may want to bring it down to that, although you should be able to support the higher at a 60hz refresh rate.


----------



## Lynne Hamilton (Jun 1, 2001)

The screen area is almost in the middle: Screen area
Less -----------More
800 by 600 pixels

It was on adapter default so i switched it to optimal. But i don't like optimal because i have black all the way around the screen but i left it there for now. I had a hard time reading your thread because the webpage keeps scrolling all by itself. So i rebooted and as i am writing this email it keeps scrolling all by itself also. Si i think my computer is possessed. LOL.


----------



## Rollin' Rog (Dec 9, 2000)

In the settings page where you made the switch from adapter default to optimal, on that drop down menu, what manual selection options for refresh rate are there? At the resolution you are at you should be able to try different settings between 60 and 75hz and see if you can eliminate the border. A setting of 75 should be within tolerance.

But I'm not really sure your monitor drivers are installed as normally the model number of the monitor would be shown. Do you know the Brand name and screen size?

For the scrolling issue, hmmm. Does it happen when releasing the scroll button? What type of mouse are you using? You may need to update or reinstall the drivers. There is an MS article for the issue involving Logitech mice with an em-exec utility running -- but you don't have that in your startups.

We may want to try reducing your Video Hardware acceleration a notch also, to see how that affects things. This can be done by right-clicking on the Desktop and selecting Properties > Performance > Graphics, and sliding the acclerator one position to the left. A reboot is necessary afterwards.


----------



## Lynne Hamilton (Jun 1, 2001)

The monitor is 17" TTX plug & play DDC1/2B
Power Management EPA, VESA DPMS
Power Consumption 120 Watts Max
Preset display area 300mm x 230 mm

The scrolling issue, no i didn't even have a chance to move the scroll button, it just started scrolling on its own. Everything with a scroll button on it would be moving up and down all on its own. Including my contact list people in my msn box, that was moving up and down also. When i tried to change the hardware exceleration a notch , that started scrolling on its own also. When i open up wordpad, that did the same thing also. All last night it would scroll so i rebooted but it didn't help. I turned it off and then on a minute later with the same results so i just shut it off for the night. It seems to be okay today though.


----------



## Rollin' Rog (Dec 9, 2000)

Well the homesite for TTX is here.
http://www.ttx.ca/Notebook/ttx_products.html

Apparently they are only offering Notebook monitor drivers though. (This isn't the actual model number: DDC1/2B )

http://www.ttx.ca/Notebook/ttx_products.html

Are you using an external monitor on a notebook?

If you only get that boot up error very infrequently, I suppose you can just live with it. Is there any pattern to it, such as after playing a video game?

The random nature of your error messages and the fact that you current problem did not repeat when you booted up this morning is pointing more and more to a heat related issue. I know it's labor intensive, but you might want to, shutdown, remove the case, check the fan and with a can of compressed air, blow out all the accumulated dust.

If it's a notebook, I can give you a link to a "software cooler" which may be of some help. It also works on desktops.


----------



## Lynne Hamilton (Jun 1, 2001)

17" SVGA colour monitor on a swivel base is all I know about it, as for notebook i don't know.

Its happened when first turning on the computer or sometimes rebooting it. That bootup error doesn't happen alot so i can live with it.

Here's a new illegal operation I got today:

NETSCAPE caused an invalid page fault in
module RPCRT4.DLL at 017f:7fb9181c.
Registers:
EAX=00000000 CS=017f EIP=7fb9181c EFLGS=00010246
EBX=81761ea4 SS=0187 ESP=0169fd8c EBP=0169fdc0
ECX=c16350b0 DS=0187 ESI=7fb90000 FS=5667
EDX=c00309cc ES=0187 EDI=00000000 GS=0000
Bytes at CS:EIP:
ff 70 28 ff 15 78 d0 bd 7f c7 05 bc c0 bd 7f 01 
Stack dump:
00000000 00000000 7fb90000 81761ea4 00000001 00000001 bff741f7 0169fd90 0169fbbc 0169ff78 7fb953e8 7fbd4a70 ffffffff 0169ff88 bff7ddd6 7fb90000


----------



## Rollin' Rog (Dec 9, 2000)

Well you certainly are getting an odd variety of errors and I'm not sure what the common denominator is, if any. Rpcrt4.dll is a remote procedure call, possibly it is being called by MS Messenger when you have that running. I see it in your running procesesses, but no actual startup entry for it. Are you launching it manually?

On the heat issue, what type of processor do you have, and what is it's speed? AMDs are particularly vulnerable to heat issues.

And have you run a full, updated antivirus scan recently?


----------



## Lynne Hamilton (Jun 1, 2001)

As i was trying to find out what kind of processor i have for ya, i stumbled upon this on my system information:


PCI Communication Device
Unknown
This Device Has a Problem: Code=28 (0x1C)
The drivers for this device are not installed correctly. To install the driver
for this device, click the Driver tab, and then click Update Driver.
Registry Key: HKEY_LOCAL_MACHINE\enum\PCI\VEN_1106&DEV_3068&SUBSYS_4C221543&REV_20\BUS_00&DEV_07&FUNC_06
Alloc resources: Logical Configuration 0
IO Range: Base=xE800 End=xE8FF Min=x0000 Max=xFFFF Alias=xFF, Decode=x00
Forced resources: None
Boot resources: Logical Configuration 0
IO Range: Base=xE800 End=xE8FF Min=x0000 Max=xFFFF Alias=xFF, Decode=x00
Filtered resources: None
Basic resources: Logical Configuration 0
IRQ: 0 Mask: xFFFF
IO Range: Base=xE800 End=xE8FF Min=x0000 Max=xFFFF Alias=xFF, Decode=x00
HW Revision: 032
Driver: Driver Not Installed

Yes i start msn manually because i thought if i took it out of startups, that my hotmail would work better but it doesn't. I think all of this does have something to do with msn because thats where i have the most trouble with. It freezes up constantly and takes me forever to check email, it evens freezes up when i click on delete email and the next button too.

128 megs and 30 GIG hard drive.

I do a virus scan once a week and a live update also.


----------



## Rollin' Rog (Dec 9, 2000)

Well, I'm not exactly sure what that is, but I suspect it's a driver for some modem function you are not using. I just used this page to hunt it down and it doesn't really enlighten me any more than you:

http://www.yourvote.com/pci/pcinewdev.asp?venid=0x1106&devid=0x3068

Still don't know your processor info. One useful program which will identify that as well as other features is the Belarc Advisor.

http://www.belarc.com/free_download.html

You might want to consider removing and reinstalling Messenger since it seems to be gumming up the works when it runs.


----------



## Lynne Hamilton (Jun 1, 2001)

Yes i did remove and reinstall msn twice and it still does the same thing but my outlook express sure opens real quick without msn on here. I could try it a third time though. I kept msn off of here for two days with no problems on computer and as soon as I put it back on trouble starts again.

Computer Profile Summary 
Computer Name: M0m4f9 (in WORKGROUP) 
Profile Date: Saturday, October 05, 2002 23:25:15 
Advisor Version: 5.1g 
Windows Logon: lynne

Click here for Belarc's PC Management products, for large and small companies.

Operating System System Model 
Windows 98 SE (build 4.10.2222) VIA Technologies, Inc. VT82C694X 
Processor a Main Circuit Board 
800 megahertz Intel Pentium III
32 kilobyte primary memory cache
256 kilobyte secondary memory cache Board: Legend QDI Advance-10E V1.XX
Bus Clock: 133 megahertz
BIOS: Award Software International, Inc. 6.00 PG 08/16/2000 
Drives Memory Modules 
30.72 Gigabytes Usable Hard Drive Capacity
25.82 Gigabytes Hard Drive Free Space

E-IDE CD-ROM 52X/AKH
Generic floppy disk drive (3.5")

Maxtor 33073H3 (30.74 GB) [Hard drive] -- drive 0 128 Megabytes Installed Memory

Slot 'BANK_0' has 128 MB
Slot 'BANK_1' is Empty
Slot 'BANK_2' is Empty 
Local Drive Volumes

c: (on drive 0) 30.72 GB 25.82 GB free

Logins Network Drives 
No details available

Installed Microsoft Hotfixes Printers 
DataAccess 
Q318203 (details...) on 05/29/02 
Win98.SE 
UPD238453 (details...) Reinstall! 
UPD242975 (details...) Reinstall! 
UPD256015 (details...) Reinstall! 
UPD259728 (details...) Reinstall! 
UPD267304 (details...) 
UPD273468 (details...) 
UPD273991 (details...) Reinstall! 
Win98 
UPD245729 (details...) Reinstall! 
UPD314147 (details...) Reinstall! 
UPD323172 (details...) 
UPD323255 (details...) 
Windows Media Player 
wm308567 (details...) 
wm320920.1 (details...)

Click here to see all available security Hotfixes.

Marks a HotFix that verifies correctly 
Marks a HotFix that fails verification 
(Failing hotfixes need to be reinstalled) 
An unmarked HotFix lacks the data to allow verification EPSON Stylus COLOR 580 on EPUSB1:

Controllers Display 
Standard Floppy Disk Controller
Primary IDE controller (dual fifo)
Secondary IDE controller (dual fifo)
VIA Bus Master PCI IDE Controller XPERT 98 AGP 2X [Display adapter]
Plug and Play Monitor 
Bus Adapters Multimedia 
VIA Tech 3038 PCI to USB Universal Host Controller
VIA Tech 3038 PCI to USB Universal Host Controller Gameport Joystick (no joystick connected)
SoundMAX Integrated Digital Audio
Wave Device for Voice Modem 
Communications Other Devices 
14.4 Data-Fax Modem Voice
D-Link DFE-530TX PCI Fast Ethernet Adapter (Rev A)
Network TeleSystems P.P.P.o.E. Adapter (NTSP3)
Network Card MAC Address: 00:50:BA:70:25F
Network IP Address: 169.254.217.152 EPSON USB Printer (EPUSB1
Mustek 1200 UB PLUS
Standard 101/102-Key or Microsoft Natural Keyboard
USB Root Hub
USB Root Hub 
Software Licenses

Microsoft - Internet Explorer 55736-363-4517074-04893 
Microsoft - MediaPlayer 53199-257-7037443-04577 
Microsoft - Windows 98 SE 14602-OEM-0082371-71307 (Key: QTTF4-734QB-2MR3C-9K42X-YBBWJ) 
Symantec Corporation - Norton SystemWorks 2002 NSW2002.05

Software Versions 
Access Manager *
Adobe Acrobat Version 4.05*
America Online, Inc. - AOL Instant Messenger (TM) Version 1.0.295*
ATI Multimedia Player Version 3.11*
ATI Multimedia Player Version 5.35*
Belarc Advisor and BelLive - Belarc's Content Personalization with Privacy Version 5.1g*
Borland International - Database Engine 4.0 *
CNET, Inc. - CatchUp Version 1.31*
Common Group - Watch Dog Version 2, 3, 2, 7*
Corel Corporation Limited - Desktop Application Director 8 Version 8.0.0.390*
Corel Corporation Limited - PerfectFit 32-Bit Version 8.0.0.390*
Corel Corporation Limited - PerfectFit Installation System Version 8.0.0.395*
Corel Corporation Limited - Presentations for Windows Version 8.0.0.390*
Corel Corporation Limited - Quattro Pro for Windows Version 8.0.0.393*
Corel Corporation Limited - WordPerfect for Windows Version 8.0.0.248*
Corel Corporation Limited - WordPerfect for Windows Version 8.0.0.393*
CorelCENTRAL for Windows Version 8.0.0.390*
Data Modeling Desktop *
DBConvert Application Version 1, 0, 0, 1*
Dominik Schindler - DirectX Buster Version 2.1*
Electronic Arts (Canada), Inc. - 3DSetup Application Version 1.25*
Electronic Arts, Inc. - Need For Speed III Version 3, 0*
Enternet Connection Sympatico *
Fishbone Designs - NAB Conduit Install Application Version 1, 0, 0, 1*
FREE Fonts! *
Full Circle Talkback Version 2.2*
GameHouse Super Collapse! Version 2, 6, 1, 0*
ICQ ICQRun Version 1, 0, 0, 1*
ICQ Version 2002a Beta*
ICQUninstall Application Version 1, 0, 0, 1*
iMesh Client Version 2.20*
Java Web Start *
javaw.exe*
LavaSoft - Ad-aware, multi spyware removal utility Version 5.8*
LimeWire *
Macromedia Director Version 7.0.2*
Microsoft Corporation - DirectShow Version 6.4.07.1121* Microsoft Corporation - Internet Explorer Version 6.00.2800.1106*
Microsoft Corporation - Messenger Version 4.6*
Microsoft Corporation - Windows® NetMeeting® Version 3.0*
Microsoft Windows Scripting Host Version 5.0.531.7*
Microsoft(R) Windows Media Player Version 7.10.00.3068*
Microsoft® Plus! for Windows® 95 Version 4.40.500*
Mindscape, Inc. a subsidiary of The Learning Company, Inc. - Compton's Home Library Engine for Windows 95/98 Version 7.0.0*
Netscape Communications nsnotify Version 4.5*
NETSCAPE Version 4.04*
NETSCAPE Version 4.73*
Novell, Inc. - PerfectFit 32-Bit Version 8.0.0.390*
Panel Version 5, 1, 1, 1*
PepiMK Software - SpyBot-S&D public release*
PFREG.EXE*
PhotoPrinter 2000 *
Pokémon Play It! *
RealNetworks RealOne Arcade Version 1.2.0.144*
RealNetworks, Inc. - RealOne Player (32-bit) Version 6.0.10.505*
RealNetworks, Inc. - RealOne Player (32-bit) Version 7.0.0.559*
RealNetworks, Inc. - Shell executable of Setup program (32-bit) Service Build (1.2.0.144) Version 1.2.0.144*
RollerCoaster Tycoon *
Seagate Software, Inc. - Backup *
Symantec Corporation - LiveUpdate Version 1.80.19.0*
Symantec Corporation - Norton AntiVirus Version 8.07.17*
Symantec Corporation - Norton CleanSweep Fast & Safe Cleanup Version 6.01*
Symantec Corporation - Norton CleanSweep Version 6.01*
Symantec Corporation - Norton Core Technology Version 15.1.0.24*
Symantec Corporation - Norton Integrator Version 5.01.05*
Symantec Corporation - Norton SystemWorks Version 2002.05.53*
Symantec Corporation - Norton Utilities for Windows Version 15.03.0.36*
Symantec Corporation - Norton Utilities Version 15.03.0.36*
t1 Application Version 1, 0, 0, 1*
Ulead Photo Express SE Version 3.0*
WinZip Version 8.1 (4319)*
WinZip Version 8.1 (4331)*
Yahoo! Messenger Version 5, 0, 0, 1066*
Ziff-Davis Media, Inc. - BHO Cop Application Version 1, 0, 0, 0*

--------------------------------------------------------------------------------

* Click to see where software is installed.
a. Megahertz measurement may be inaccurate if other programs were busy during last analysis. 
Copyright 2000-1, Belarc, Inc. All rights reserved. 
Legal notice. U.S. Patent 5665951 and Patents pending.

--------------------------------------------------------------------------------


----------



## Rollin' Rog (Dec 9, 2000)

Well the processor you have, a Pentium 800mhz, isn't particularly known for overheating.

One thing we can see from that list is that you have 7 damaged or improperly installed MS updates. I can't tell from here very easily what they are, but you can if you click on the "details" links with that Belarc page open. Might be a good idea to go to the MS update page and reinstall them. It's possible one or more is affecting MSN.


----------



## Lynne Hamilton (Jun 1, 2001)

DataAccess 
Q318203 (details...) on 05/29/02 
Win98.SE 
UPD238453 (details...) 
UPD242975 (details...) 
UPD256015 (details...) 
UPD259728 (details...) 
UPD267304 (details...) 
UPD273468 (details...) 
UPD273991 (details...) Reinstall! 
Win98 
UPD245729 (details...) 
UPD314147 (details...) 
UPD323172 (details...) 
UPD323255 (details...) 
Windows Media Player 
wm308567 (details...) 
wm320920.1 (details...) 

Well i was able to fix them all except one. There wasn't a quickfix link for this one UPD273991.


----------



## Rollin' Rog (Dec 9, 2000)

From what I can see here it doesn't look like it is worth troubling about.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q273991

Is Messenger any better behaved after the update reinstalls?


----------



## Lynne Hamilton (Jun 1, 2001)

I took out msn messenger but i will go now and download it again and see what happens with it. I will be right back with the info on it.


----------



## Lynne Hamilton (Jun 1, 2001)

Well i downloaded msn messenger again but it won't sign me in now. It says unable to sign in because of a possible service problem or a possible internet connection problem. I have been trying to sign in since your last email to me and it still won't sign me in.


----------



## Lynne Hamilton (Jun 1, 2001)

MSN finally opened up and it still works like crap. I haven't had any illegals as of yet though, not since the last one i told you about.


----------



## Rollin' Rog (Dec 9, 2000)

Well it's nice to get some good news with the bad. Personally I haven't used any of the messaging services, but I'm wondering if Yahoo's might serve you better if you need one? Do all parties have to be with the same program?


----------



## Lynne Hamilton (Jun 1, 2001)

Yes i also have yahoo messenger but most of the people i chat with are only on msn messenger. I only have three people on my yahoo contact list but i have about twenty on msn and i haven't been able to chat with them because that doesn't seem to be working either lately. LOL. I still haven't had any illegals yet. My outlook express opens slowly with msn back on.


----------



## Rollin' Rog (Dec 9, 2000)

This site has a lot of help for Outlook Express issues. I'd suggest starting with a look at the link covering

Q251787 - Delayed Response When Editing Internet Explorer Forms and Outlook Express May Take a Long Time to Start

... there may be a connection to Messenger's use there with respect to the Forms and password cacheing.

http://www.tomsterdam.com/insideOE/problems/performance.htm#slowforms

Other issues with slow Outlook performance can involve the imagehlp.dll and/or the pstores files or registry keys.


----------



## us3rnam31 (May 15, 2003)

kernel operations require a clean install. Despite what fixes you find, and regardless if they work or not. The outlook problem is caused by a corrupt protective storage configuration. This can be resolved by either manually ripping out protective storage, or manually uninstalling and reinstalling Outlook. After you complete the fix located on Microsoft's web site about 3 times over, you will eventually end up having the problem again..and again..and again..until you realize Outlook sucks, and you use something that works.



Windows (win'doze) n. A 32 bit patch for a 16 bit interface to an 8 bit operating system designed for a 4 bit chip from a 2 bit company that can't stand 1 bit of competition...


----------

