Here are my results.

[originale]

Ok- I should have waited but went ahead and guessed what Microbell meant. Here are the files I entered: c:\program files\best pop up killer (just in case it was there)
c:\windows\syste
c:\documents and settings\nixon\application data\sskknwrd.dll

It didn't reboot and gave me this warning: Pending File Rename Operations Registry Data Has been removed by external process!

Did I screw up and have I affected my system

[originale]

I know you want people to wait 24 hrs,but I'm afraid to turn off my computer! I haven't heard back since I performed the last operation and i don't know if I messed things up. Anxious to hear from someone.

[Ried]

Hello originale,

You're ok--nothing is messed up. Let's just see where we're at here.

Using Windows Explorer, navigate to the following files and if you still see them there, delete them. (right click the file name and choose delete)

C:\WINDOWS\ syste
C:\Documents and Settings\nixon\Application Data\ Sskknwrd.dll

Please run another online scan at Panda and post the results here along with a new HijackThis log.

[originale]

Logfile of HijackThis v1.99.0
Scan saved at 2:03:08 PM, on 1/17/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\S3tray2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Connected\CBSysTray.exe
c:\Program Files\Connected\AgentSrv.EXE
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\MICROS~2\Office10\OUTLOOK.EXE
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Sympatico
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: Connected TaskBar Icon.LNK = C:\Program Files\Connected\CBSysTray.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Connected TaskBar Icon.LNK = C:\Program Files\Connected\CBSysTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted Zone: http://groups.msn.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1137276678265
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.9.27.1/ttinst.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} (Microsoft Search Settings Control) - http://lg.home.microsoft.com/search/...chsettings.cab
O23 - Service: Connected Agent Service - Connected Corporation - c:\Program Files\Connected\AgentSrv.EXE
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NICSer_WPC54 - Unknown - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
O23 - Service: Norton AntiVirus Client - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe

Incident Status Location

Spyware:spyware/altnet Not disinfected Windows Registry
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.realmedia.com/]
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.valueclick.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.atdmt.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.advertising.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.bravenet.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.zedo.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.statcounter.com/]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.2o7.net/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.overture.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.perf.overture.com/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.bfast.com/]
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.adviva.net/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.dist.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.belnk.com/]
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[counter.hitslink.com/]
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.tickle.com/]
Spyware:Cookie/go Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.go.com/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.maxserving.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.ath.belnk.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.web.tickle.com/]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.adopt.hbmediapro.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.adrevolver.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.apmebf.com/]
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.clickbank.net/]
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[.ct.360i.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[searchportal.information.com/]
Spyware:Cookie/web-stat Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[www.web-stat.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\nixon\Application Data\Mozilla\Firefox\Profiles\zn6po35x.Default User\cookies.txt[]
Potentially unwanted tool:Application/Processor Not disinfected C:\WINDOWS\system32\Process.exe

[Ried]

Using Windows Explorer, navigate to and delete the following file:

C:\WINDOWS\system32\ Process.exe

Clear your Mozilla FireFox cookies:

Open Mozilla>Tools>Options>Privacy
Click on Cookies
Click the Clear button.
Click OK

You should be all set now. Are you experiencing any problems? If not, please continue with the following instructions:

Reset hidden/system files and folders
Windows XP
===============
Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View tab.
* Deselect the Show hidden files and folders option.
* Select the Hide file extensions for known types option.
* Select the Hide protected operating system files option.
Click Yes to confirm.
Click OK.

Enable Windows Auto Update
*Go to Start>Run - type wuaucpl.cpl
*Tick on the checkbox - "Keep my computer up to date"
*Under Settings, choose "Automatically download the updates, and install them on the schedule that I specify".
Click on "OK".

Create a new System Restore point
Click Start >> Run - type SYSDM.CPL & press Enter
* Select the System Restore Tab
* Tick on the checkbox - "Turn off System Restore on all drives"
Click Apply
* Then untick the same checkbox & click OK
This will prevent any reinfection from previous restore points.

In light of your recent issue, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles:

HOW DID I GET INFECTED IN THE FIRST PLACE? by Tony Klein
THE ANTI-SPYWARE TUTORIAL
MAKING INTERNET EXPLORER SAFER

Be very wary with any security software that is advertised in popups or in other ways. They are not only usually of no use, but often have malware in them.

Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.
For a tutorial on Firewalls and a listing of some available ones see the link below:
Understanding and Using Firewalls

More information and free downloads are available at the following links:

Spyware Blaster to help prevent spyware from installing in the first place.
Spyware Guard to catch and block spyware before it can execute.
IESpy-Ad to block access to malicious websites so you cannot be redirected to them from an infected site or email.
MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer

Update all these programs regularly. Without regular updates you will not be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

[originale]

First thing: when I try to install spyware guard and click on it's icon, the computer opens to another program on my desktop and wants to install that instead. How could clicking on one open up an unrelated program?

I have a firewall and spyblaster, norton etc- so how did I get so infected?Read your post and I have these things? It's discouraging.

And you say, if I still have problems, you have a process I shd follow. How do I knkow I have problems. The browser is running so slowly-does that indicate an ongoing problem? Also, what if I run panda again and still see spyware. When I sent you the report, I noticed that all the spyware is still there- nothing ever went away. So, does that mean I'm still infected after all the steps I took?

thanks

[Ried]

What program is opening instead of SpywareGuard?

The files we had you delete are indeed gone. The 'infections' you see in the report are only cookies placed on your system when you visit webpages. Those will always accumulate, which is why it's a good idea to clear those periodically.

Are both Internet Explorer and Firefox slow to browse the internet? Did this happen recently, or has it been an ongoing problem?

[originale]

It's my son's game. In fact, when I turned on computer now, the first thing it did was go to windows installer to try to install that game. I went to add/remove and removed the game. The browser was not always slow- just recently which led me to suspect infection. It is timing out at this site, won't let me log in here- not sure what's up.

[Ried]

It's possible some installe files for your son's game were located in the Temp folder and when CleanUp was used earlier, it deleted it which may have caused the Windows Installer to pop up. After removing that game, are you able to install SpywareGuard?

You used the term browser is 'timing out'--that sounds like Firefox, correct? Is Internet Explorer also slow?

Let's take a deeper look:

Download WinPFInd http://www.bleepingcomputer.com/files/oldtimer/WinPFind.zip and extract it to your C:\ folder. This will create a folder called WinPFind in the C:\ folder. Do Not run it yet--it must be run in Safe Mode.

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Use the up arrow key to highlight Safe Mode and press Enter.

Inside C:\WinPFind is a file called WinPFind.exe. Double-click on this file to launch the program. Once it is launched, click on the Start Scan button and wait for it to finish. This program will scan large amounts of files on your computer for known patterns so please be patient while it works as it can take a while, upwards to 30 minutes or more.! Once the Scan is Complete it will make a txt file (log) of what was found. Save that log and post it here.

Restart one more time back into Normal Mode, run a scan with HijackThis and save the log to post here.

[originale]

I'm more messed up than I started. Couldn't run WinPFInd- it went for 3 hrs, then I realized it had gone to End Program. Can't run spyguard- did the same thing. Then when I boot up, computer tries to install another program. Now it's something else. I get this error msg: Component MSCOMCTL.OCY(I think it's Y maybe it's 4) or one of its dependencies is not correctly registered A file is missing.

Does EWIDO run on start up? It slows my system down horribly-start up takes forever. Do i need to have it always running?

Pages loading sooooo slowly- I just know something is wrong. Firefox is really bad, Explorer less so.

BTW- Panda only runs through Explorer. Took me a few tries to figure that out. You might want to mention that to people.

Thanks for the help so far. Hope you can solve this missing file thing.

[Ried]

Could that missing file have been MSCOMCTL.OCX? If so, click on this link and it will download and register that file for you.

Now try again to install SpywareGuard and run WinPFind. **Note: WinPFind must be run in Safe Mode. If you got it to run successfully, post the log here. (refer to instructions 2 posts up)

Sine only FireFox seems to be so slow, try to clear the cache:

Open Mozilla>Tools>Options>Privacy
Click on Cache
Click the Clear button.
Click OK

If there still isn't any improvement, uninstall through the Add/Remove panel, reboot, then reinstall Mozilla Firefox.

You can uninstall Ewido.

[originale]

Still can't run WinPFind. Have been running in safe mode but it jams right at the start and sounds like it's scanning but it's stuck in not responding mode. It begins to scan with file c:/hiberfil.sys and then won't even let me end program. I have to turn the computer off. Not sure what the issue is.

Thanks for the info re:mscomctl.osx. YOu were right-can't even read my own writing. Seems to have solved the problem of it always wanting to install something on start up.

re: spyguard. The icon is on my desktop but when I click nothing happens. I can do alive update but that's about it. When I try to install it, it says it's already open but not sure where.

re: ewido? Shall i uninstall thru add/remove? Is this something I won't need all the time. Can't seem to disable any other way.

[Ried]

Hi,

It would be a good idea to keep Ewido to have as a second scanner to check your system with periodically. You do not want 2 Anti-Virus programs running at the same time as they will conflict with one another.

To disable Ewido’s Active Guard:

• Open ewido by double-clicking the yellow 'e' icon in the system tray.
• In the 'Your security status' section, toggle the Ewido Guard realtime protection 'off' by clicking 'active' which will then change the protection status to 'inactive'.
• When you reboot, Ewido will prompt you as to whether you would like to "Restart the guard?" Reply "No" and set it to ''inactive''.

If you like, you can uninstall it through the Add/Remove panel.

SpywareGuard will work silently in the background to catch and block spyware before it can execute. You should see a red SG in the bottom right of your task bar. Right click the icon and SpywareGuard will open up. Click on ‘Options’ and make sure all the boxes are under the General section are ‘checked’. Click 'Save Settings'

How is Firefox performing? Did clearing the cache help?

Try this tool instead of WinPFind:

Download StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'Unmark All'

Check the following boxes only:
Registry -> Run Keys
System/drivers> Running processes
Press 'Ok'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread.

[originale]

First of all-thanks about Spyguard. Of course, you're right. It's running in the system tray.

There is no option called Cache to clear in Firefox.

Cannot run StartDreck-same thing happens. Program doesn't respond and I have to end it. Is there another option?

Thanks for the explanation regarding what I think are infections. Guess I'm so paranoid now about this after the precautions I had taken, but your explanation makes sense.

Really appreciate you staying with this Ried.

Deborah

[Ried]

We'll stick with you on this until it's resolved.

For Startdreck and WinPFind, let's do this:

Dowload and run this registry fix: VBAS file association fix

Now try to run either of those programs again.

Did you follow this path: Bring up your Firefox browser. Now, at the top, click on Tools. From that drop-down box, click on Options. Now, click on the Privacy icon on the left side of the panel. You should now see a list there on the right 'Cache' being the last one.

If you still don't see that, what version of Firefox do you have? (Click on Help in the browser and it will list the version for you.)

[originale]

Ran the file association and still couldn't run either program.

Thanks for the Firefox directions- silly really. The cookies was open and had covered up options- I rarely go to privacy. Dumb-I shd have thought of that.

Ried-thanks so much for your patience. Cd you explain what these two programs do-the ones that won't work? Why am I trying to run them.

And I"ve seen reference to killbox on other posts- I cdn't run that either. What does it do?

[Ried]

Please don't feel silly, with all you've been trying to do to resolve this, it's easy to get 'lost' in what you're doing and what you're looking at.

Those tools I'm trying to get working simply perform a deeper scan on your system. Killbox is sometimes used to delete files which are likely to replace themselves upon reboot, amongst other reasons...

I'd like you to try the following and see if it fixes the problem with running Startdreck, WinPFind and Killbox:

Search for autoexec.nt. It should be in the "c:\windows\repair" folder. Copy it to the " c:\windows\system32 " folder.

[originale]

Copied the file- I hope I did it right. Ran WinFP and it didn't work again. Didn't bother with the others because if one didn't work, the others didn't either. It takes so long- the computer jams and I have to turn it off and restart otherwise it's stuck forever. So... fed up with this thing! Going to bed- will check again tomorrow. Ughghgh!

Thanks Ried- you're great.

deborah

[Ried]

Quote:

Copied the file- I hope I did it right

To be certain, click on this link then double click on it to run it. If those programs still won't run, (I would suggest testing with Killbox instead of trying to run a tool that will hang your system) do the following:

Click Start>Run and type in sfc /scannow (there is a space between sfc and /) and let it scan for missing/corrupt files. You may need your Windows XP Install disc so have it handy.

How is Firefox after clearing the cache? Any improvement?

[originale]

Hi Ried: Here is what I did. Not sure if I did killbox correctly. I cdn't click unregister dll for windows/syste It was greyed out. I was able to click on that for the other. But since i didn't realize that unregister dll comes on AFTER you type the file path in, I went back to re-do syste only to find it remained greyed out. So, then I cdn't choose the option to say yes to reboot at the end of it all, so I just clicked exit. I don't know if that made killbox run or not.

Firefox is a bit better but ironically this site is the slowest. Takes forever to load each page.

So, is this it? Shd it be ok now?