# Multiple Problems, Maybe Related, Maybe Not



## gladio77 (Oct 5, 2005)

I have posted before about a number of problems on my computer. It was suggested I download and run Hijack This, so I did, ran a scan and saved it in Notepad form. When I looked at the details of some of the bugs I have, little explanations appeared. It's asked if I care to fix the files, but I don't know what to do if they aren't healable after "surgery." Can they be safely removed, and that sort of thing.

Anyway, I'm going to open the Scan Log, copy it, and try to paste it here. Perhaps someone can tell me how to safely proceed.

SteveLogfile of HijackThis v1.99.1
Scan saved at 11:23:44 PM, on 1/27/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\NOVELL\CLIENT32\NWPOPUP.EXE
C:\WINDOWS\SYSTEM\MPRMMON.EXE
C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\M2AUDMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MEDIAMONITOR.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\AMERICA ONLINE 4.0\AOLTRAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MMSYSTRAY.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/space.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/space.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
F1 - win.ini: run=hpfsched
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://home.netscape.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {7F6B5BC1-4E0B-11DA-94C3-0010E92C889B} - C:\WINDOWS\SYSTEM\IIIM.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [mmpti] c:\windows\SYSTEM\m1mmpti.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MediaMonitor] C:\PROGRA~1\SMARTD~1\MVP\MEDIAM~1.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [rmmon] c:\windows\SYSTEM\mprmmon.exe
O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Money\System\reminder.exe
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 4.0\aoltray.exe
O4 - Startup: MMSYSTRAY_NAME.lnk = C:\Program Files\SmartDisk\MVP\mmsystray.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {E6A86FF2-AE57-11D3-B1F5-0010833427C9} - http://hpprintit.com/hpipb/pbsetup.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe
O18 - Filter: text/html - {7F6B5BC0-4E0B-11DA-94C3-001086602D00} - C:\WINDOWS\SYSTEM\IIIM.DLL
O18 - Filter: text/plain - {7F6B5BC0-4E0B-11DA-94C3-001086602D00} - C:\WINDOWS\SYSTEM\IIIM.DLL

Thank you for your support Steve


----------



## ekim68 (Jul 8, 2003)

Okay, gladio77. This might help.
You might want to go to, 'start', 'settings', 'control panel', and then to the add/remove
programs. Then, remove any programs you don't use....Then, go here:
http://www.lavasoft.de/software/adaware/
And, download Adaware, the free one, update it, and run it. (On the early menu it will
give you an option of doing a full system scan, and click on that one.)
When it's done, have it fix everything. After that, go to start, run, and type in %temp%,
and, click OK. After it opens, then go up to the 'edit' on your top left menu and click on it.
Go down to 'select all' and click on it. Then, go to the 'file' in the upper left menu, and
click on delete..And, ok...Then, go back to start, settings, control panel, and internet
options, and open it. In the middle of the page there will be a
'delete files', and click on it. After that another box will open and click on the 'delete all
offline content', and then click ok. And, ok at the bottom. Go back to the desktop and
empty the recycle bin....Restart and post a new log, which by the way doesn't look too bad.


----------



## MFDnNC (Sep 7, 2004)

Download CW-Shredder at the link below:
http://www.intermute.com/spysubtract/cwshredder_download.html

Download http://www.derbilk.de/SpSeHjfix109.zip to the desktop and then
right click a blank part of desktop & select new folder, call it spfix 
unzip the file into that folder

Disconnect from the net and Close ALL OPEN PROGRAMS.
Run 'SpSeHjfix'. and click on "Start Disinfection".
When it's finished it will reboot your machine to finish the cleaning process.
The tool creates a log of the fix which will appear in the folder.

If it doesn't find any of the SE files or any hidden reinstallers it will say system clean and not go on to next stage

Now run the Shredder - Hit The FIX button!

Reboot and post a fresh HJT log and the log that was created by 'SpSeHjfix'.

Warning Note: On a few occasions it has been reported that after using the SPSEHjfix you cannot open Internet Explorer. To fix this, go into Control Panel >Internet Options >Programs & press reset web settings, then you can set your home page to what you want on the general tab.
=====================
Get all of these and/or verify you have the current versions

SpywareBlaster 3.5.1 http://majorgeeks.com/download2859.html
SpyBot V1.4 http://www.majorgeeks.com/download2471.html 
AdAware SE 1.06 http://www.majorgeeks.com/download506.html

DownLoad them (they are free), install them, *check each for their 
definition updates* and then run AdAware, and Spybot, fixing anything 
they say.

In SpywareBlaster - Always enable all protection after updates
In SpyBot - After an update run immunize


----------



## gladio77 (Oct 5, 2005)

Dear Forum:

I have now downloaded bothSpSeHijfix109 and CW-Shredder and run both. For some reason I wasn't able to get a log that I can find; maybe I put it somewhere accidently. I have a Desktop icon that asks me what I want to open the log with..what program I want to use. Anyway, if I recall, the results were that a dll file was fixed or repaired, along with the suggestion that I use a different web browser in the future. I use IE 5.5.

However, I did run Hijack This again and I'm posting the new log after running the two programs listed at the beginning of this message. By the way, I have NOT yet downloaded Spyware Blaster, AdAware, yet, although I do have a version of SpyBot that I regularly use and update.

Anyway, here is my latest HijackThis log I'm pasting in this post.

Logfile of HijackThis v1.99.1
Scan saved at 11:28:23 PM, on 1/29/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\NOVELL\CLIENT32\NWPOPUP.EXE
C:\WINDOWS\SYSTEM\MPRMMON.EXE
C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\M2AUDMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MEDIAMONITOR.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\AMERICA ONLINE 4.0\AOLTRAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MMSYSTRAY.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/space.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/space.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
F1 - win.ini: run=hpfsched
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://home.netscape.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [mmpti] c:\windows\SYSTEM\m1mmpti.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MediaMonitor] C:\PROGRA~1\SMARTD~1\MVP\MEDIAM~1.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [rmmon] c:\windows\SYSTEM\mprmmon.exe
O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Money\System\reminder.exe
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 4.0\aoltray.exe
O4 - Startup: MMSYSTRAY_NAME.lnk = C:\Program Files\SmartDisk\MVP\mmsystray.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {E6A86FF2-AE57-11D3-B1F5-0010833427C9} - http://hpprintit.com/hpipb/pbsetup.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe

Thanks for the help so far.

Gladio77


----------



## MFDnNC (Sep 7, 2004)

Please go back and do the fix again, make sure you follow the instructions exactly including the reboot


----------



## gladio77 (Oct 5, 2005)

I have now run SpSeHiFix and CW Shredder again and neither found any problems this time around. The first time they found the TrojanHorse I mentioned in one of my 1st posts and destroyed it. But nothing this time.

However, I did download AdAware (not SpyBlaster yet). I was told in an earlier post reply to follow its directions. But it doesn't offer any directions. It just offers some choices I can click. One choice is quarantining certain files. My follow-up choice is to remove the files. I have run AdAware twice now, and each time it came up with different numbers of "critical" files. Here is a typical list of files that have been quarantined. Actually two lists.ArchiveData(quarn 1.bckp)
Referencefile : SE1R89 24.01.2006
======================================================

MRU LIST
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=MRU RegReference : .DEFAULT\software\microsoft\internet explorer download directory
obj[1]=MRU RegReference : .DEFAULT\software\microsoft\internet explorer\main save directory
obj[2]=MRU RegReference : .DEFAULT\software\microsoft\mediaplayer\player\settings saveasdir
obj[3]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\add custom dictionary\file name mru value
obj[4]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\create custom dictionary\file name mru value
obj[5]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\open\file name mru value
obj[6]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\save as\file name mru value
obj[7]=MRU RegReference : .DEFAULT\software\microsoft\outlook express\recent stationery list
obj[8]=MRU RegReference : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
obj[9]=MRU RegReference : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
obj[10]=MRU RegReference : software\musicmatch\musicmatch jukebox\4.0\fileconv

and,ArchiveData(quar1addon.bckp)
Referencefile : SE1R89 24.01.2006
======================================================

MRU LIST
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=MRU RegReference : .DEFAULT\software\microsoft\internet explorer download directory
obj[1]=MRU RegReference : .DEFAULT\software\microsoft\internet explorer\main save directory
obj[2]=MRU RegReference : .DEFAULT\software\microsoft\mediaplayer\player\settings saveasdir
obj[3]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\add custom dictionary\file name mru value
obj[4]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\create custom dictionary\file name mru value
obj[5]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\open\file name mru value
obj[6]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\save as\file name mru value
obj[7]=MRU RegReference : .DEFAULT\software\microsoft\outlook express\recent stationery list
obj[8]=MRU RegReference : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
obj[9]=MRU RegReference : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
obj[10]=MRU RegReference : software\musicmatch\musicmatch jukebox\4.0\fileconv

ArchiveData(quar1addon.bckp)
Referencefile : SE1R89 24.01.2006
======================================================

MRU LIST
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=MRU RegReference : .DEFAULT\software\microsoft\internet explorer download directory
obj[1]=MRU RegReference : .DEFAULT\software\microsoft\internet explorer\main save directory
obj[2]=MRU RegReference : .DEFAULT\software\microsoft\mediaplayer\player\settings saveasdir
obj[3]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\add custom dictionary\file name mru value
obj[4]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\create custom dictionary\file name mru value
obj[5]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\open\file name mru value
obj[6]=MRU RegReference : .DEFAULT\software\microsoft\office\8.0\common\open find\microsoft word\settings\save as\file name mru value
obj[7]=MRU RegReference : .DEFAULT\software\microsoft\outlook express\recent stationery list
obj[8]=MRU RegReference : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
obj[9]=MRU RegReference : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
obj[10]=MRU RegReference : software\musicmatch\musicmatch jukebox\4.0\fileconv

What do I do with these quarantined files? And others I get.

By the way, I can't access the Help button in Adaware, or even on Windows 98 even. It says I'm missing an hh file in Windows.

Again, I can't Defragment my C drive even in Safe Mode, because I get a message saying that Windows has errors on it that must be corrected, first. When it tells me to hit the Help button for more details, I can't access it.

Finally, once in a while, after I run SpyBot, I get this message; I not only download new definition rules, I also download the "language" option. Anyway, I get this message with the red X sign:

Error:

"Zugriffsverletzung bei Adresse 005E2D4E in Modul 'SPYBOTSD.EXE.' Lesen von Adresse 3244462D."

Not sure what language that is.

Steve


----------



## ekim68 (Jul 8, 2003)

Just leave the Adaware files quaranteed. Remember my #2 post and clean out all the
temp files. You have a lot of startups going and if you want more info on them:
http://www.spywareinfo.com/~merijn/htlogtutorial.html
This is a great resource.. Most of those are the 04's. 
Have you run a full system scan with your anti-virus after updating it today?


----------



## MFDnNC (Sep 7, 2004)

Post a new HiJack log


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do all you both say. Fortunately, I have a printer that has printed out the tutorial. But the Hijack log lists allow each log entry to be clicked and highlighted to reveal Hijack's interpretation of what they are and what they do and how necessary they are. But I will follow the tutorial. 

By the way, I have a basic form of AOL 4.0. I never upgraded after the horror stories I heard, although other AOL versions are still in My Documents or the main C file. Also, every time I go off line, I get a message that AOL is going to remove AOL picture files or internet files on its own. If I don't permit this to happen for any reason...say I impulsively rush to restore my internet connection, my AOL doesn't work properly. No site will download all the way, just 40% or 38% or something..it doesn't exactly freeze up, it just seems to slow down and sort of stop. I feel so guilty toward my pc when that happens. 

Other times I don't feel guilty at all. Those times, I recall a wall poster that has a duck wielding a large sledgehammer over its head, ready to pulverize a pc on the desk in front of the duck. He wears a calm, but determined look. The caption reads, "Hit any key." 

Ok for now. That is, my computer is safe for now.

Steve


----------



## gladio77 (Oct 5, 2005)

Dear Ekim, 

I went to the Start and Run and found about 35 or so "%temp%" files and then started to delete them to the Recycle Bin, when I got a message saying:


Confirm Folder Delete!

The folder "History...Cookies...(whatever)... is a system folder. If you delete it, Windows or another program may no longer work correctly. Are you sure you want to delete this folder and move all its contents to the Recycle Bin? 

Well, some of the folders did wind up in the Recycle Bin, but I have the option of Restoring them. 

Don't I need these System Folders, like History and Cookies? That way I can create links that will allow me to access them a little more easily if I try the next time I get online. After all, in the Internet Options, I can regularly delete my Temporary Internet Files and my History of Visited Places whenever I want to, which is usually at least once every couple of weeks. If I permanently remove these System Folders, where will the information that would normally go into them be housed? I'm worried that I may simply destroy my pc's abiltiy to even operate properly, altogether. 

Steve


----------



## ekim68 (Jul 8, 2003)

Those are actually in the temp folders and therefore, normally, don't affect the system files. 
So, it's okay. But, you're using aol 4.0? I find that intriguing...
I'm curious. I used to have aol 3.0 and it wasn't very intrusive. I heard it is nowadays.


----------



## gladio77 (Oct 5, 2005)

To Ekim and members in general:

I have now run all my various updated detection programs and not found any problems except one:

On the AVG anti-virus program I ran a full scan, and it says I have a virus or two that none of the others have found. Here it is:

In the results it says it is in the "C:\Windows\Application Data\Business
Logic\UWC\Backup" section and the summary lists that location as the 'Object.' It lists the 'Result' as: "Trojan Horse Generic, MSM" and the 'Status' as "Infected, Embedded Object." Another one is "Infected, Archive."

The message I get attached to the first one-not the second, even though the second HAS the word 'Archive,' is, "Selected object is embedded in the Archive and cannot be healed. "

Now what do I do about that? I decided to just pay a visit to the "C\Windows\App...." address and found a bunch of numbered files. Here is just one example: 338669.9090658565.WCU. When I checked the size of some of the files, I got sizes of 3 kilobytes, 1600 kilobytes and even 16, 875 KBs. Wow. What is this?

Anyway, I'm going to use the tutorial for Hijack This. But I still need advice on this latest post. And I'm having a devil of time accessing news sites, like MSNBC. And even though I have AOL 4.0, forget it. I can NEVER get their news site..my computer freezes up almost every time.

I also am having trouble using your various fonts and scripts at the top of the page. Every time I click on something above, I get this: C

Steve


----------



## gladio77 (Oct 5, 2005)

I get a bar followed by capital U , then close bar, and then another bar system with a slash between two other capital U s inside them.

Steve


----------



## ekim68 (Jul 8, 2003)

Have you tried running AVG in safe mode?
Probably won't hurt to try..


----------



## gladio77 (Oct 5, 2005)

I just ran an AVG anti-virus check in Safe Mode, but I didn't notice anything different. I still see what I just reported in my earlier post- that there are, or were, Trojan Horses present in the Business Logic Backup systems.

Also, I have not yet created a Rescue Disk within AVG. I am still skittish about removing applications that I may need to effectively run my computer. I may still do that, but is there a source online I can consult? How would I replace any corrupted applications with free ones? Would I just have to go to Microsoft or are there are other online service providers? I have the free version of AVG; the main site doesn't offer help with the free version. Perhaps there is another site for that. I'll access the alternate site if it's legal to do so, or I can just go on line and try to see if someone blogged or offered tips that I can find through Google or AOL Search.

By the way, does anyone have an opinion about the Backup applications I mentioned that may, or may not, still be infected by the Trojan Horse?
What do they do?

Also, I ran another check on my various protection systems I've downloaded over the past month and I am posting my latest log.

So I have all these unanswered questions. As I also said earlier, the Trojan seems to have disappeared from view after it was supposedly shredded, although AVG says it's still lurking around somewhere.

Finally, Ad Aware says I have several hundred "cookies" that they rate as "Low." What does that mean? Low threat and not worth removing since access to, and migration within, the sites they monitor for visitors could be hampered if I take them out? And I see the term "High," especially with what look like essential applications. Is Ad Aware rating the threat posed by a file, OR the importance of the file to run the computer adequately? Ad Aware gives brief descriptions for each one, but the decision to remove them rests with me. I see in some adfighting programs that the user is cautioned that removal of some cookies could interfere with maneuverability within sites. Is that true?

So if anyone can help me tackle these latest questions, I would appreciate it.

So I'm posting my latest log. This may be the last log I present here before utilizing the HijackThis tutorial to help me heal or remove files.

Before I take that fateful step, can you address any of these questions 
I am now posing or have presented, before.

Steve

Here is my latest log:

Logfile of HijackThis v1.99.1
Scan saved at 6:52:37 PM, on 2/7/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\NOVELL\CLIENT32\NWPOPUP.EXE
C:\WINDOWS\SYSTEM\MPRMMON.EXE
C:\WINDOWS\SYSTEM\M2AUDMON.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MEDIAMONITOR.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTSTRAY.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\AMERICA ONLINE 4.0\AOLTRAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MMSYSTRAY.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
F1 - win.ini: run=hpfsched
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://home.netscape.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [mmpti] c:\windows\SYSTEM\m1mmpti.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MediaMonitor] C:\PROGRA~1\SMARTD~1\MVP\MEDIAM~1.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [rmmon] c:\windows\SYSTEM\mprmmon.exe
O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Money\System\reminder.exe
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 4.0\aoltray.exe
O4 - Startup: MMSYSTRAY_NAME.lnk = C:\Program Files\SmartDisk\MVP\mmsystray.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {E6A86FF2-AE57-11D3-B1F5-0010833427C9} - http://hpprintit.com/hpipb/pbsetup.cab
O16 - DPF: {D22AC3EF-B7D8-11D5-A281-005056BF0101} (plug Class) - http://dist02.chargitdial.com/chargitplug.dll
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe

Bye


----------



## ekim68 (Jul 8, 2003)

Do you use the 'Business Logic' software?


----------



## gladio77 (Oct 5, 2005)

No, I don't believe I do. Not even sure what it does. Do you know? I hit Start and Find Folders and it's apparently a file folder. I looked at my Programs and other places in the C drive. It doesn't seem to show up anywhere except in the Application Data folder inside the Windows folder within C. Do you think I can just get rid of it? And can I now start my HijackThis cleaning?

Steve


----------



## MFDnNC (Sep 7, 2004)

Go to the link below and download the trial version of SpySweeper:

SpySweeper http://www.webroot.com/consumer/products/spysweeper/index.html?acode=af1&rc=4129&ac=tsg

* Click the Free Trial link under "SpySweeper" to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits

o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply.
Also post a new Hijack This log.


----------



## gladio77 (Oct 5, 2005)

I have tried once to post these two logs, which were quite extensive. For some reason, your website would not allow me to post. Maybe the logs were too long, I don't know. So I cleaned out my system again, and have obtained shorter logs. And it eliminated "WatchRight", a system monitor, altogether.
Ok, logs; I guess I will have to post them separately; too many characters I'm told, by your site.

Logfile of HijackThis v1.99.1
Scan saved at 2:31:33 PM, on 2/19/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\NOVELL\CLIENT32\NWPOPUP.EXE
C:\WINDOWS\SYSTEM\MPRMMON.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\WINDOWS\SYSTEM\M2AUDMON.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MEDIAMONITOR.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
C:\WINDOWS\RunDLL.exe
C:\MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTSTRAY.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\AMERICA ONLINE 4.0\AOLTRAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MMSYSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\WRSSSDK.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
F1 - win.ini: run=hpfsched
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://home.netscape.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [mmpti] c:\windows\SYSTEM\m1mmpti.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MediaMonitor] C:\PROGRA~1\SMARTD~1\MVP\MEDIAM~1.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [SpySweeper] "C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE" /startintray
O4 - HKLM\..\RunServices: [rmmon] c:\windows\SYSTEM\mprmmon.exe
O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Money\System\reminder.exe
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 4.0\aoltray.exe
O4 - Startup: MMSYSTRAY_NAME.lnk = C:\Program Files\SmartDisk\MVP\mmsystray.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {E6A86FF2-AE57-11D3-B1F5-0010833427C9} - http://hpprintit.com/hpipb/pbsetup.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe

Ok, that's it for now. I hope this posts. Gladio77


----------



## gladio77 (Oct 5, 2005)

Ok, here is Spysweeper;

That was Hijack This; Now, Spysweeper; This latest:

********
12:20 PM: | Start of Session, Sunday, February 19, 2006 |
12:20 PM: Spy Sweeper started
12:20 PM: Sweep initiated using definitions version 617
12:20 PM: Starting Memory Sweep
12:49 PM: Memory Sweep Complete, Elapsed Time: 00:28:12
12:49 PM: Starting Registry Sweep
12:53 PM: Registry Sweep Complete, Elapsed Time:00:04:10
12:53 PM: Starting Cookie Sweep
12:53 PM: Found Spy Cookie: atwola cookie
12:53 PM: [email protected][1].txt (ID = 2255)
12:53 PM: Found Spy Cookie: 2o7.net cookie
12:53 PM: [email protected][1].txt (ID = 1958)
12:53 PM: Found Spy Cookie: tacoda cookie
12:53 PM: [email protected][1].txt (ID = 6444)
12:53 PM: Found Spy Cookie: about cookie
12:53 PM: [email protected][1].txt (ID = 2037)
12:53 PM: [email protected][1].txt (ID = 2038)
12:53 PM: Found Spy Cookie: kinghost cookie
12:53 PM: [email protected][1].txt (ID = 2903)
12:53 PM: Found Spy Cookie: did-it cookie
12:53 PM: [email protected][1].txt (ID = 2523)
12:53 PM: Cookie Sweep Complete, Elapsed Time: 00:00:18
12:53 PM: Starting File Sweep
12:55 PM: Warning: Failed to open file "c:\windows\win386.swp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e082-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e083-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e084-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e085-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e086-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e087-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e088-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e089-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e08a-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e08b-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e08c-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e08d-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e08e-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e08f-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e090-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e091-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e092-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e093-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e094-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e095-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e096-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e097-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e098-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e099-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e09a-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e09b-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e09c-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e09d-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e09e-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e09f-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a0-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a1-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a2-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a3-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a4-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a5-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a6-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a7-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a8-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0a9-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0aa-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ab-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ac-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ad-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ae-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0af-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b0-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b1-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b2-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b3-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b4-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b5-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b6-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b7-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b8-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0b9-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ba-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0bb-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0bc-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0bd-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0be-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0bf-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c0-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c1-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c2-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c3-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c4-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c5-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c6-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c7-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c8-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0c9-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ca-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0cb-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0cc-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0cd-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0ce-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0cf-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d0-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d1-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d2-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d3-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d4-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d5-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d6-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d7-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d8-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0d9-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0da-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0db-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0dc-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0dd-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0de-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0df-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e0-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e1-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e2-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e3-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e4-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e5-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e6-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e7-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e8-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:26 PM: Warning: Failed to open file "c:\windows\application data\webroot\spy sweeper\temp\sscs31f9e0e9-a0e7-11da-94c3-00105a09771a.tmp". The process cannot access the file because
it is being used by another process
1:49 PM: Warning: Failed to open file "c:\program files\aim95\aim.rdb". The process cannot access the file because
it is being used by another process
2:10 PM: File Sweep Complete, Elapsed Time: 01:17:05
2:10 PM: Full Sweep has completed. Elapsed time 01:49:59
2:10 PM: Traces Found: 7
2:11 PM: Removal process initiated
2:11 PM: Quarantining All Traces: 2o7.net cookie
2:11 PM: Quarantining All Traces: about cookie
2:11 PM: Quarantining All Traces: atwola cookie
2:11 PM: Quarantining All Traces: did-it cookie
2:11 PM: Quarantining All Traces: kinghost cookie
2:11 PM: Quarantining All Traces: tacoda cookie
2:11 PM: Removal process completed. Elapsed time 00:00:14
********
There was alot of other stuff that Spysweeper eliminated first time around. Ahem...I guess you reap what you sew. I meant me, of course.

I still get offers for Macromedia Flash Player 8 followed by one or two script error boxes, which I have to say no to, before AOL 4.0 will allow me to enter a site, often just the news, or AOL Search Results, just stuff like that. And Grisoft/AVG is still reporting a Trojan Horse embedded in the Archive, which it says cannot be "healed." Actually there are two, although they don't seem to be giving me trouble lately because I used the Shredder. They are in Business Logic UWC Backup.

Ok that's it for now.


----------



## gladio77 (Oct 5, 2005)

Where did my February 9th post, and the posts after that disappear to? I can't find anything after the 7th.

gladio77


----------



## MFDnNC (Sep 7, 2004)

Log looks fine

DownLoad EasyCleaner http://www.majorgeeks.com/download414.html

Use the clear files and Unnecessary files buttons  *I do not recommend 
using the Duplicates files button* as many dupes are there on purpose.

Not all files will delete  that is normal.

In the unnecessary button I check the top 4 entries

Empty the trash and then run a defrag


----------



## gladio77 (Oct 5, 2005)

Before I get to Easy Cleaner, I get a box asking me if I want to download some sort of upgrade in, or alteration to, IE 5.5. 

1.) Is that part of the downloading process that must be downloaded, first?

2.) Spy Sweeper keeps telling me that the free version is only operational for a few more days, and do I want to buy it, altogether?What do you think? Is it a worthwhile investment?

3.)SpySweeper also gives me a message saying that, after all the removal has taken place, and my pc is still slow, then I should click Shields, click the IE tab, and then click Reset IE Page Setting to Default. Since my pc is still somewhat slow, should I do that? Would that restore all the spy stuff I just took off, or are they referring to the Default settings from an earlier time? I have seen an option like that in the Add/Remove Programs, where I'm offered a couple of choices...one, that restoration option, and another to Repair Internet Explorer (which I have already used many times to little effect).

gladio77


----------



## ekim68 (Jul 8, 2003)

Hey gladio77, here's a link to help you upgrade to IE 6.0 and probably help with a lot of
things..
http://www.microsoft.com/windows/ie/downloads/critical/ie6sp1/default.mspx

It's better than IE 5.5.


----------



## MFDnNC (Sep 7, 2004)

1) not sure try what the other poster said for IE 6

2) not needed 

3)Should be taken care of by 1)


----------



## gladio77 (Oct 5, 2005)

First,

1.) Ekim is suggesting I go up a notch to IE 6.0 from 5.5. Should I risk it? ie, will my computer make the change-over without complicating computer operations? I'm willing to give it a try.

2.) My Spysweeper Trial Version has run out. Do I still need it or some other kind to keep watch over my computer, if not, why not? I have SpyBot which is regularly upgraded, but it didn't detect nearly anywhere near as much as Spysweeper did.

3.) I have now downloaded and run Easy Cleaner as recommended. I concentrated on the Unnecessary Files (only checking the top 4 options as recommended) , because I thought they would be the safest to remove. I figured the Adware removal and my own links button removal in Internet Options could safely rid me of cookies. But should I run that, as well? In fact, should I run most of the stuff? For example, Easy Cleaner recommends against me removing registries unless I know what I'm doing. How much can I safely remove at this point, is what I need to know.

I used Ultra WinCleaner quite a bit before my 1st log in the Tech Forum, and removed some registries. I lost my Help in Windows 98 and 
my ability to run Defragmentation, even in Safe Mode. I still don't have that necessary option. My computer STILL is telling me that I have errors on my C drive which must be corrected first, but it won't tell me what they are, even when I hit Help (remember, my Help is gone-I think). 

4.) Do you think I should now RESTORE all the registries and/or files that I can retrieve from the UltraWinCleaner program, and allow the OTHER protective programs to make the decision about whether they are harmful or not? But that probably would also mean purchasing SpySweeper. 

gladio77


----------



## ekim68 (Jul 8, 2003)

Do you have the disk to reinstall Win98? 
And, by the way, did you do the update I showed you? Don't do any of the other stuff
until you update IE...As long as you have sufficient resources, such as memory and 
cpu speed, as such, then, upgrade...It offers much more.


----------



## gladio77 (Oct 5, 2005)

Ok Ekim,

I will upgrade to IE 6.0 from 5.5. But I went to the Microsoft site which you gave me, and it says that after upgrading, I might want to download additional stuff to keep up-to-date, and that it would do a free pc scan to see what my computer might need. 

I did that for the heck of it a few months ago, and got a ton of downloads their site was suggesting. I mention this only because I tried to do that this time around. That is, before I upgrade to 6.0 I just wanted to see what updates MS was recommending to supplement my newly installed 6.0. This time, however, I got an error message which I traced to source which says my " Certificate Path VeriSign Time Stamping CA has expired is not yet valid." 

This computer once belonged to my daughter. My concern is that if I download 6.0, will updates be withheld from me as the current user?

My second question is, what will my new 6.0 do to my old 5.5. Do I need to disable it, remove it, does 6.0 do that for me, will they both try to run at the same time, will my pc develop a split personality? 

Once I get these answers from you, I will take the plunge. I have about 1.55 gigabytes free out of 4.5 gigabytes. 

I have a Windows 98 Startup disk I believe, but not a new 98 disk program. And I'm not sure just how to use the Startup disk. I find its instructions confusing. Maybe there is a web site....

Over ... Steve


----------



## ekim68 (Jul 8, 2003)

Only update IE 6.0 and leave the other things behind for now...Install it, and check it, at 
least for ease of use, and then later consider the other add-ons. Your system might struggle
with them.


----------



## gladio77 (Oct 5, 2005)

Dear Ekim (mike?),

I have now downloaded and installed IE 6.0 along with a small add on that Microsoft said was needed to correct a additional security add on of its own to the Service Pack 1, which it said might complicate fulling connecting to internet sites. My pc operates a little better and faster than it did with just IE 5.5.

Now what needs to be done? 

Steve


----------



## ekim68 (Jul 8, 2003)

Since it didn't do a defrag earlier, then you might want to try it again. 
Before you do, hit ctrl, alt, del and end the task of everything except 'explorer' and
'systray'. Then see if defrag will work. And, if it doesn't work, maybe we could do it in dos.

Restart your computer and while it's starting tap the F8 key a number of times. It should
bring you to a dos prompt menu. Select 'command prompt'. Type cd\ and then enter.
You should have just a c:> prompt. If you do then type defrag and enter. (Sometimes,
if defrag stops, it will prompt you to run scandisk first and then defrag.) If that's the case
then type 'scandisk' at the c:> prompt.

This helps things run quicker on your hard drive, but there are still other issues that
MFDnSC is helping you with.
Did you ever uninstall that Business Logic software?


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Thank you. I will do as you suggest.

Just to let you know, with IE6.0 everything seems to work quicker, even the error messages I receive. In other words, I am able to access the internet more quickly, but I also get those maddening ads for FlashPlayer 8 more, and script error messages more. I have to keep getting rid of those pop ups before I can access a site, especially whenever I get to an AOL Search index page. And my pc usually freezes and I have to get off line and then actually restart my computer. So I get kicked off line more frequently and faster, also. 
It's almost like a trade-off. I'll bet I restart my computer at least once, and sometimes two or three times during a session, often at, or near, the beginning of the session.

I still need to know if I should just buy SpySweeper and also use the HijackThis tutorial to take care of things. 

Steve


----------



## gladio77 (Oct 5, 2005)

Dear Ekim and Everyone Else:

I apologize for the multiple identical replies. I hit the Reply button after I wrote my message, and after a long time I got a message saying that aol couldn't connect with the site, because it was too busy. So I waited and ran the reply to Ekim again, and got the same error message. I did this a few times, and to my surprise it was connected afterall. I also hit the short reply button. Anyway, regrets. 

Anyway, Ekim, this is mainly for you.

1.) I hit the Cntrl/Alt/Del button and ended the tasks of everything except Explorer and Systrays and tried to Defrag. But the Close Box froze, and both my mouse cursors wouldnt work. I have a second mouse hooked up, because one of them is inoperable during Safe Mode. I have to use my newest LogTech one, instead of the one that came with the Gateway 2000 mouse I have. Remember, I have the original Windows 98, however. So I 
had no choice but to restart my computer and try to run Defrag. But presumably my programs started "Tasking" again, right? Oh, well.

2.) I followed your advice. Before I did, however, I decided to run Scandisk first, as an experiment, before using the DOS command prompt. It wouldn't work very well for either the Thorough or Regular Scan, and then stopped. Instead, I got a message that said, 

" Scan Disk mut now restart because another program (or Windows, itself) wrote to your disk. Any errors that were previously reported, but not corrected, may be reported, again."



2.) So I went to the Command Prompt in DOS and tried to run Defrag after the C prompt I got, and I got a message instead, after the prompt that said, "This program requires Microsoft Windows." So that was a bust. But I didn't get any message telling me to run ScanDisk first.

3.) Nevertheless, I decided, what the heck, and typed scandisk after the C prompt, and it actually ran! I did a full system scan; there were about 44 million bits of info that it said were taking up space. I saved them to a folder in the Root Directory, and I had the pc fix the C drive. At least it said it was fixed. 

4.) I tried to run the Defrag again, both using regular operation and using the Command Prompt, but, in Regular mode, I got nowhere, and in the Command Prompt I received the same cautionary message saying I needed Windows to make things happen. The only thing I haven't tried yet again, is the Safe Mode, which used to work some time ago, before I kept utilizing UltraWindows and got infected with the Trojan Horse.

5.) But what concerns me is that the Close Program Box froze after I Ended the Tasks of everything but Explorer and systrays(there were a few of those, by the way).

6.) Finally, No I haven't deleted the Business Logic application yet, because I never got an answer from the Tech Guy site as to what it is or does. It's like in C\Application Data\Update\Uwc|Business Logic. 

I tried to find more on the net about that application, but I couldn't find anything. So please advise me at this point. The IE replacement pack is certainly more colorful than the one it replaced. 

Steve


----------



## gladio77 (Oct 5, 2005)

By the way Ekim,

I was just looking at various settings, like in the Security of the new, as well as the old Explorer(when I was using it not so long ago), and for example, there is an Option checked that says something like, "Do not run ScanDisk after a hard shutdown." I'm just wondering now, if my settings, whatever they are, are contributing to my problems.

Steve


----------



## ekim68 (Jul 8, 2003)

Were you able to run defrag all the way, in any environment, windows or dos.,?
And, how old is your hard drive? This might be a hardware issue...
Things only last so long..


----------



## gladio77 (Oct 5, 2005)

Unfortunately, Ekim, I was not able to run the Defrag for even 5% of its path. But I've decided to delete this Business Logic thing, and check out the Hijack This tutorial and see what's what. The hard drive is probably about 8 years old. I'm not about to replace it. What I'll simply do is buy a whole new system after Vista is out and available, and its kinks have been worked out. I just need to get by in the meantime. You know, 6 months..maybe a year or so.

Unless you tell me otherwise, I am going to 

-Buy the newest version of SpySweeper, although CA looks promising

-Delete Business Logic

-Hijack This tutorial suggestions that are safe

-Keep using the other applications Tech Guy suggested I download

-Perhaps download a stand-alone Defrag Program that might be available through the Net (Is there one available out there, Ekim?)

-Make a contribution to Tech Guy for all the help I've gotten so far

-And keep in touch with you to let you know what is happening, next

Steve


----------



## ekim68 (Jul 8, 2003)

I would not buy the SpySweeper thing.. A lot of security that you read, here, earlier will be 
helpful...
And, though SpySweeper may have been helpful, it, IMO, is not worth buying...

http://www.majorgeeks.com/Diskeeper_Lite_d1207.html

This may help in defrag...

The thing is, to get your hard drive more efficient, and then the software problems.


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

I have downloaded the defrag disklite appllication. I won't purchase SpySweeper. I'll let you know what happens after I clean up my pc a little. I also finally deleted the Business Logic Application that contains the Trojan Horses. When I decided to restart my computer, I got a worried message saying that something "bad(I'm serious, that's the word used)" happened to my Grisoft AVG Free Version that discovered the Trojans. Then I restarted my computer manually, and it seems to be working. Do you think the pc was reacting in some way to the fact that I deleted the application from my Recycle Bin, instead of, from the application, itself? That the information was just "yanked" from the lists generated by my many scans?

Anyway, I will keep you informed. Steve


----------



## ekim68 (Jul 8, 2003)

Hey gladio77. Go back to post #22 and make sure you do what he says. That will help
with all the unwanted temp files...


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

-I successfully loaded Diskeeper Lite and also successfully completed a complete defragmentation. It took quite a long time, because I haven't been able to perform one for months. I must THANK YOU for all the help you have provided for me. AND, a contribution IS coming.

-Windows 98 started working well enough to try to defragment on its own. I guess my daughter had scheduled it to periodically. But it failed, however; nevertheless, for the very first time, I received some sort of reason...my computer reported that I don't have enough free space to conduct a defragmentation. Interesting. I have about 1.60 gigs left out of nearly 5.00 altogether. Why isn't that enough space to do it? 

-I am always updating SpyBot with the latest definitions. The last two times I have run the program, I'm congratulated for not having any spyware that needs to be removed. I don't get it...I've always had to wrestle with that problem. I ran Hijack This again, and my log looks pretty clean. Nevertheless, being the suspicious type, I'm wondering if the program has been compromised somehow to give me a clean bill of health every time I run a scan, or if the troublemakers have simply given up. What do you think?

-Ok, now what? Sorry I took so long to reply.

Steve


----------



## ekim68 (Jul 8, 2003)

Looks like you're doing good...

Be sure to remove any programs you don't use. That will help..

I may have asked this before, but, how much ram do you have?


----------



## gladio77 (Oct 5, 2005)

Ok Ekim, Here you go.

I have included a bunch of information, actually.

I have a Gateway with Windows 98, purchased in 4/98. It has Genuine Intel..Pentium (r) II Processor.....Intel MMX (TM) Technology....64.0 MB RAM.....

Here is some additional information I got from my System:

PERFORMANCE STATUS: Memory-64.0 MB of RAM...System Resources-58% free...File System-32 Bit...Virtual Memory-32 Bit....Disk Compression: Not installed.....PC Cards (PCMCIA): No PC Card Sockets are installed...Your system is configured for optimal performance
Hard disk: Settings: Desktop computer....Read ahead optimization: Full....Graphics: Hardware Acceleration-Full....All accelerator functions-Use that setting if your computer has no problems (recommended)....Windows also manages my virtual memory settings-recommended...

I ran Easy Cleaner again and it color codes the various registries. The yellow ones it says are either bad or too complex to analyze. There were a couple of them that were yellow. See if you can make any sense out of them. "C\Program Files\AIM 95\aim exe.cnetwait.oclfreal\Program\Backweb-8876480.exe/ and some other things like RunDLL.deskcp16.dll, and Load Power Profile Rundll32.exepowerprof.dll. Heck, I don't know whether that is good or bad. I'm also told that some Registry keys are empty, and others contain "invalid values." Others are "default." So what do I do with those registries?

Also, I ran the AVG to look for any more trojan horses or viruses. As you recall, I deleted the application Business Logic from my system. That was the one that had the Trojan horse. So, no trojan horses. But I did get an indication in my AVG log that something was different. I got a message that said "C\Windows\hosts" was different... specifically, it said that "Result-change" and "Status-changed." Good or bad?

Finally, I have run Hijack This again, and here is my newest posted log for you:

Logfile of HijackThis v1.99.1
Scan saved at 11:24:14 PM, on 3/22/06
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\NOVELL\CLIENT32\NWPOPUP.EXE
C:\WINDOWS\SYSTEM\MPRMMON.EXE
C:\WINDOWS\SYSTEM\WINMODEM.101\wmexe.exe
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\M2AUDMON.EXE
C:\PROGRAM FILES\EXECUTIVE SOFTWARE\DISKEEPERLITE\DKSERVICE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\GWHOTKEY.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\PRINTRAY.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MEDIAMONITOR.EXE
C:\PROGRAM FILES\LOGITECH\ITOUCH\ITOUCH.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\MONEY\SYSTEM\REMINDER.EXE
C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
C:\PROGRAM FILES\AIM95\AIM.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\WEBSHOTS\WEBSHOTSTRAY.EXE
C:\PROGRAM FILES\NETZIP DOWNLOAD DEMON\NETZIP DOWNLOAD DEMON.EXE
C:\AMERICA ONLINE 4.0\AOLTRAY.EXE
C:\PROGRAM FILES\SMARTDISK\MVP\MMSYSTRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\MY DOCUMENTS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.netscape.com/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
F1 - win.ini: run=hpfsched
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://home.netscape.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [mmpti] c:\windows\SYSTEM\m1mmpti.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Multi-function Keyboard] GWHotKey.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MediaMonitor] C:\PROGRA~1\SMARTD~1\MVP\MEDIAM~1.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [rmmon] c:\windows\SYSTEM\mprmmon.exe
O4 - HKLM\..\RunServices: [winmodem] WINMODEM.101\wmexe.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Money\System\reminder.exe
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 4.0\aoltray.exe
O4 - Startup: MMSYSTRAY_NAME.lnk = C:\Program Files\SmartDisk\MVP\mmsystray.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O12 - Plugin for .swf: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\NPSWF32.dll
O16 - DPF: {E6A86FF2-AE57-11D3-B1F5-0010833427C9} - http://hpprintit.com/hpipb/pbsetup.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe

And in addition, because you asked for my RAMs, I have two things I might want the computer store to do..one was to install the CDRom burner, and the other, if you think I need it, is: what, increase my hard drive? You tell me.

You have probably heard the news that MS is delaying Vista, because of security problems. No surprise there. Of course one wonders what kind of security they are talking about...ordinary security issues or 9-11 security type issues. Anyway, it means I'm keeping Old Lulubelle about a year longer. So, if I need more RAM..anyway, please talk to me about these issues.

I sent my check out. Have a good one.

Steve


----------



## ekim68 (Jul 8, 2003)

Hey gladio77, a couple of things: or, maybe, more..
Do you use AIM? The version you have has been broken. That is, when you're using it
online, it can be hacked into and leave some nasty stuff on your computer. (If you don't
use it, you should uninstall it)..
And, it looks like your system is pretty old, so if you want to get a CDRom burner, (they're
not that expensive these days) you can always take it with you for your next computer.
IMO, you don't really need anymore ram. It's probably pretty pricey these days because it's older. Your "system resources" is at 58%, that's not good. It's mostly due to the
O4 startups in your hijackthis log. I'll take a look and get back.


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

I hadn't heard from you recently about your looking at my Hijack log. You mentioned the 04s in my Startup and that I only have 58% free. 

Now I have to share something else with you. I spent most of Saturday being kicked off-line because whenever I logged on, I kept getting the "illegal" message, and that my system is being shut down. That's never happened to me before with such frequency. I must have gotten the message that my computer has done something illegal at least 25 times. I even restarted my computer about 15 times.

Sometimes over the last month or so, after I get off AOL, I receive a message that AOL is being updated and a horizontal bar appears with the blue gradually filling up to 100%. That happens each time I get offline. If I try to reconnect before the process finishes, I can't get onto any web site. But that is a different issue than the one that I mention in my second paragraph.

Getting the illegal message is getting me spooked. I ran AVG and there is no virus. Usually it's the KERNAL32.DLL or IMFGIF in AOL that tells me my computer has been bad. I've run Spybot, Disklite, CW Shredder, and ScanDisk, nothing helped, and I thought I'd have to go to the library to send this message to you. I got rid of my Temp Files and History of Visited Sites. I think this is the longest that I've managed to stay on today. I only usually get the "illegal" message if I keep hopping repeatedly from a web site's main page to one of the sub-pages and back again. But this time, I just GOT IT, over and over, again. I'm almost convinced my internet days are over. How can keep from getting kicked off?

I used Easy Cleaner to get rid of some cookies-just some- but I'm wondering if I got rid of any cookies I need to stay on line for more than a few seconds. I'm starting to get scared. I may still have to go to the library to talk to you, again. By the way, I got rid of AIM, the files connected to it, and the registries that relate to AIM 95, or just AIM.

I think someone used this pc recently, to connect to their work, or rather their network at work. I also kept getting a message on my Desktop that I could only work off-line or something like that, unless I was willing to reconnect to the web. That's when I deleted the history of visited sites and temp files.

Anyway, please reply and wish me luck. Steve


----------



## gladio77 (Oct 5, 2005)

Dear Ekim,

Well, it's Sunday around here, and the immediate crisis seems to have passed, at least for now. I'm not getting an illegal message every time I sign on to AOL 4.0. But who knows, it could happen again. I can understand getting kicked off, when I keep bouncing around sites, although I'm not even sure that is supposed to happen. But what I can't understand why occasionally my pc goes through fits where it tells me all the time that AOL is doing something illegal. I have a Windows 98 manual that says that when an illegal message appears, it only means that my pc doesn't want to "play" anymore, and that I should simply restart my machine. First of all, I'm not sure that's any kind of answer to the question of why it does it, and secondy, that doesn't always work, like in my particular case, yesterday. I am grimly determined to hold on to the bitter, bitter end, assuming Vista EVER comes out. However, if I have to wait a year or more, that's too much time to wait for a new machine. 

Do you think Gates will simply drop Vista altogether, or does Microsoft have too much invested in it to back out of it, now?

Steve


----------



## ekim68 (Jul 8, 2003)

Hi gladio, I'm going to reply more in the next post. I've gotten away from this and I want
to read all of it..


----------



## ekim68 (Jul 8, 2003)

Okay. Gladio, your system is old and has had its day. But, you can still hang on for a while.
First off, don't worry about Vista. Even when it comes out, it will be a while before it's
really reliable, such as with most new products..
I wouldn't worry about upgrading your hard drive, you're probably good with the one you
have. If I'm seeming abrasive, then it's because your equipment is almost 8 years old and
things are quite different now. Now, about those 04 startups.
BTW, I'm still amazed that you're getting online with AOL 4.0, and I'm glad. 
So, run hijackthis again and remove these, which I don't think you need, but, if you think
so, let me know...
O4 - HKLM\..\Run: [mmpti] c:\windows\SYSTEM\m1mmpti.exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
O4 - HKLM\..\Run: [BillMinder] C:\QUICKENW\BILLMIND.EXE
O4 - HKLM\..\Run: [LexStart] Lexstart.exe
O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [MediaMonitor] C:\PROGRA~1\SMARTD~1\MVP\MEDIAM~1.EXE
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\RunServices: [rmmon] c:\windows\SYSTEM\mprmmon.exe
O4 - HKLM\..\RunServices: [DkService] C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Reminder] C:\Money\System\reminder.exe
O4 - HKCU\..\Run: [RealJukeboxSystray] C:\PROGRAM FILES\REAL\REALJUKEBOX\TSYSTRAY.EXE
O4 - HKCU\..\Run: [AIM] C:\PROGRAM FILES\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Startup: Download Demon.lnk = C:\Program Files\Netzip Download Demon\NETZIP DOWNLOAD DEMON.EXE
O4 - Startup: America Online Tray Icon.lnk = C:\America Online 4.0\aoltray.exe
O4 - Startup: MMSYSTRAY_NAME.lnk = C:\Program Files\SmartDisk\MVP\mmsystray.exe
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Then, restart and see what the percentage is....


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

Sorry for the delay in responding to your latest suggestions. I have been out of state for about a week. As for your suggestions, in some of the Hijack This log, things like Logitech and Diskeeper are mentioned. Logitech refers to my new mouse that I got when my old Gateway started malfunctioning. And of course, Diskeeper Lite is the defrag program I have. The computer also uses Webshots when it's not in use. Nice pictures, too. Will getting rid of the things you suggest affect pc operations or desktop appearance?

Steve


----------



## ekim68 (Jul 8, 2003)

gladio77, the Logitech and Diskeeper will work for you anyway without being in the
startups. You say the 'computer also uses Webshots when it's not in use.'
What do you mean by that? And, once again the program will work without being
in the startups. When you limit the number of startups, you limit the number of things
trying to be active all the time, and it's particularly important for older systems. They
tend to "scoop" your ram...


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

Okeedokee. Will do the things you suggest. Will continue to keep you "posted."

Steve


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

I hope that all is well with you and yours. 

Here is the latest, and not so greatest.

1.) I am glad to report that after I deleted those unnecessary start up things you told me to from Hijack This, my pc has been somewhat faster and less prone to delays and crashes. But they still occur, nevertheless.

2.) I have 64 RAMs now. I think you wanted to know what I had after I deleted the above.

3.) I finally took my tower in to have the CD-R burner installed. I figured I had done about as much as could be done on this machine to make it more efficient. I had actually purchased the burner in December, but as you can see from the posting, I needed a few months to maximize whatever potential this pc could offer. I think my original posting about the burner was in October of '05, I think.

Well, guess what? They couldn't get it to work with my Windows 98 on this ancient Gateway. They even increased my RAM to see if it would work with more RAM, and it wouldn't. How about them apples? 

4.) I believe you have really helped me improve the efficiency of this machine almost as much as it can be. Naturally, I'm disappointed. I had hoped to avoid purchasing another pc for a year, until Vista came out AND its bugs were worked out. But, now that's not going to happen.

5.) So.....I'm going to buy something, and probably within the next few months. I've decided that I'm not going to scrimp, either. I'm going for something with at least 1 gig, even if I have to add memory right at the outset. And now that I will be forced to get XP, I want a system that is easily upgradable to Vista, but only when Microsoft finally purges or exorcises Vista's lingering demons. And I'm willing to pay very big bucks for something that will last and not become obsolete in 5+ years. I have gone on line to like PC World or other sites that rate various systems-both desktops and laptops. I'm going for a desktop. But, do YOU or Tech Guy have any good web sites in mind that I could access, whose rating system you respect? Are you allowed to use the Tech Guy site to make recommendations, or will somebody sue you? 

6.) In the meantime I'm willing to consider any other recommendations you have for me to continue improving the operation of my current machine, at least until I get a new one. And after I get a new one, I'll probably stick with Tech Guy anyway, simply because it IS a new machine. 

7.) I'm probably going to go with some high-speed connection system with my new machine. I currently am using a second telephone line. But there is a catch: I have alot of Favorite Places on my AOL 4.0. I don't want to spend the time writing down all of their web addresses. What method, or methods, can I use to record their addresses so that they can be transferred back to my new computer? And, when I do use a high-speed system, IT PROBABLY WON'T BE AOL AT ALL. Will that complicate my attempts to save the addresses of my Fav Places? 

8.) Finally, what high-speed system do you recommend? AOL has, or used to have, some goovy little areas appealing to different interests, thatyou could visit, if you felt like it. What other systems have that, or is there a special site I could log onto that could provide them? 


Well, that's all for now, Ekim. Take Care. Steve


----------



## ekim68 (Jul 8, 2003)

Good grief Steve, 
You've done a lot...Well done...
I'll read this and get back..


----------



## gladio77 (Oct 5, 2005)

Dear Ekim:

Have you had a chance to consider any of the issues I last raised in late April in my most recent post?
Steve


----------



## ekim68 (Jul 8, 2003)

Yes, I have read it. Can I send you a pm? I have a few ideas, but, we should really mark
this thread solved. If it is...


----------

