mr>bloodhound114 i will be grateful if u fix the problem. Aribindi

0

You're running HJT! from a temporary RAR folder - this is not recommended, as the program needs to be in a permanent folder in order to make backups of any changes (just in case) Here's the automated analysis of your log (stored temporarily online) - couple of items appear 'nasty' We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0

A couple Major issues going on in that log. Give me some time to do a little research and I'll help you get rid of them. While you're waiting, move Hijack this to another folder named something like C:/HJT. You can create one by RIGHT-clicking on the start button and then left-clicking on "explorer", you can figure it out from there. Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

Please open Hijack this (make sure it is the only program running and that no other windows are open or the fix won't work) and "do a system scan only" and then place a check beside the following entries: O15 - Trusted Zone: *.p0rt2.com O16 - DPF: {64311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab O16 - DPF: {33331111-1111-1111-1111-611111193429} - http://www.www2.p0rt2.com/files/_ipsec_.cab O16 - DPF: {33331111-1111-1111-1111-611111193423} - http://www.www2.p0rt2.com/files/777.cab and then click "fix checked", if prompted to reboot, do so. Then do an online scan at Kapersky Webscanner and save a logfile. Please post the Kapersky logfile and a new Hijack this log in your next post. How is your computer running now? Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

Well, I'm glad the automated analysis was so helpful - "you'll" have this one finished in record time We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0

... good catch on that temporary folder thing too (would've hated to miss that) We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0

hi mr>bloodhound114, below th msg is a log file. by the way, i uninstalled Macfee antivirus for trail, it proved to be good,since there is up in the speed. i m grateful to ur timely response. please suggest free antivirus software to install in my computer and it shouldn't down the speed. Logfile of HijackThis v1.99.1 Scan saved at 6:14:01 AM, on 4/16/2006 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v5.50 (5.50.4134.0100) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.exe C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.exe C:\WINDOWS\SYSTEM\MSTASK.exe C:\WINDOWS\EXPLORER.exe C:\PROGRAM FILES\IVASION\WINPOET\WINPPPOVERETHERNET.exe C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.exe C:\WINDOWS\TASKMON.exe C:\WINDOWS\SYSTEM\SYSTRAY.exe C:\WINDOWS\SYSTEM\WMIEXE.exe C:\WINDOWS\SYSTEM\RESTORE\STMGR.exe C:\WINDOWS\SYSTEM\RNAAPP.exe C:\WINDOWS\SYSTEM\TAPISRV.exe C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.exe C:\WINDOWS\SYSTEM\STIMON.exe C:\WINDOWS\SYSTEM\PSTORES.exe C:\WINDOWS\SYSTEM\DDHELP.exe C:\PROGRAM FILES\HIJACK\HIJACKTHIS.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McUpdate.exe O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\McAgent.exe O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe" O4 - HKLM\..\Run: [WinPoET] C:\Program Files\iVasion\WinPoET\WinPPPoverEthernet.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s O4 - HKLM\..\Run: [SystemTray] SysTray.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000 O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.exe O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab?8b3c072c994504d04f65e8cecaf4e66b75445b33fc054a79eafc730c70e3b80322d509e746e96bc6754c2ac367d7b45c2c248db06b45110186fec0ade87a4b4e2b0cc8d9ce6d:3604fb5c3c600c5b8c6fcf10f63fa780 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_ansi.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 203.145.184.13,202.56.250.5 Aribindi

0

bloodhound411, could i have ur mail id? if u don't like to post it, send it to aribindimail@yahoo.com

0

bloodhound114 seems to have vanished for a bit. This sometimes happens because we all have other commitment and we only do this in our spare time. It is also possible that he forgot to mark this post and is therefore not aware that you are seeking further help. I'd make two points. First, never put your email in open text on a forum otherwise the spammers engines will find it and you'll get junk email forever. Your email address is encrypted in your details on this website (we click your name and no spammers engine does that). If you must put your email in open text you should disguise it somehow. One method I sometimes use is this: fred dot smith "at sign" server dot net The second point is to shout back if bloodhound114 doesn't come back for a while. I would hesitate to take on an HJT personally. Although I might well be able to help, I know someone who is far better qualified than I am (jabuck on the Security & Virus forum). Post back and if necessary I will ask jaback if he can spare the time to look at this post. Sorry if you feel you've been left out in the cold by the forum but I feel sure that we can help resolve this problem somehow. DerekW

0

At a quick glance this O16 entry containing the term 'zangocash' seems like an obvious 'baddy' Entries containing the term 'no file' can also be safely removed We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0

... in the meantime I had a quick look at your log with the auto analyzer, this one: GERMAN AUTO ANALYZER Although it mentioned a few unecessary items and moaned about your browser (IE55 is less secure than IE6) there didn't seem to be anything too worrying. It looks rather like the items removed at #11 did the trick. Is the machine any better now? DerekW

0

... oops, overlapped. Looks like I missed something. DerekW

0

... yes indeed 016 zangocash. Unless you know what this is and feel certain it is safe then it would be best to get HJT to remove it. In any event most ActiveX components can be readily obtained again if removed. DerekW

0

... one realtively minor point. RealPlayer is renowned for running unecessary (and sometimes dubious) background tasks. Not a big issue but it would be well worth considering "Real Alternative" instead. This should run all RealPlayer files without these other activities. If you wish to go this way, get your "Real Altenative" download first then uninstall RealPlayer before installing the alternative. DerekW

0

Please open Hijack this and "do a system scan only" once again (making sure that no other windows are open). Place a check beside the following entries and click, "fix checked" afterward. O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab?8b3c072c994504d04f65e8ce caf4e66b75445b33fc054a79eafc730c70e3b80322d509e746e96bc6754c2ac367d7b45c2c248db0 6b45110186fec0ade87a4b4e2b0cc8d9ce6d:3604fb5c3c600c5b8c6fcf10f63fa780 O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 203.145.184.13,202.56.250.5 Derek was right, I have a full time job that involves heavy equipment and rocks. This is something I spend my time doing after work while I'm cooking/eating supper. Others will benefit from the thread posted on this forum. Therefore I won't send the instructions to your email address. You can also download an AVG firewall at this link free of charge. It's an excellent firewall if it's kept updated. Another good program that is highly advised is SpywareBlaster 3.5.1 . If you need instructions for either program, feel free to ask and I will gladly help. Please do another scan at Kapersky and save a logfile. In your next post, I would like to see a new Hijack logfile and the results from the Kapersky scan. Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

bloodhound114 Excuse me poking my nose in... I'm well aware of AVG Virus checker (use it myself) but have they really got a firewall too? I tried the link but it didn't work. I didn't query the mcafee entries because a firm of that name is well known for their Anti-Virus software. Have I fallen for some trick regarding this? DerekW

0

... oops, found AVG firewall in Google - seems I'm not keeping up to date. DerekW

0

http://free.grisoft.com/doc/1 The proper link for the firewall is above. Sorry about that cheerprince, my link didn't work. Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

bloodhound114 Link seems to be for AVG AV freebie (which is what I use). I only had a quick look around but got the impression that the firewall was only available as part of AVG Plus which is their "paid for" version (which is also available as a shareware trial). If so, this may or may not suit the poster. DerekW

0

The link is just fine and is free. Also check http://free.grisoft.com/freeweb.php/doc/2/ Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

cheerprince You said in your original post that McAfee is still present (presumably by that you mean installed). You should not therefore let HJT remove any entries for McAfee because this will result in a program that is still present but with missing registry entries. If you no longer require McAfee then you should use the proper uninstall procedure first. This will remove all files and registry entries, which is particularly important for programs of this type. If HJT then finds left over entries (which it shouldn't) then it is fine to let HJT remove them. bloohound114 I regard this as an important point in terms of mainting system integrity. I'm sure you will agree that we must avoid landing the poster in a worse postion then when he posted. DerekW

0

I have to believe this is the first forum our "Mr." bloodhound has blessed with his 'expertise' As the saying goes: "Don't quit your day job" We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0

thanks "bloodhound" and thanks to my new guide "derek" too, both enlightened me in various jobs. now my system is relieved as my macfee antivirus is deactivated. i found that it ate the speed. is the ant-virus u(bloodhound) specified an efficient cracker of virus? if u say "yes" i m here ready to download it. is "real alternative" a reliable and trust worthy?(derek) please post the site address of it? mr.bloodhound, i agree with u, this post should be helpful for other people who look-farword to up their computers running when it is in trouble. but im afraid i may miss ur suggestions in the future when some problem persist then. so please think again to my request.just give it without disclosing the acceptance in the post. "im just a student who seeks help from the experts". Aribindi

0

my thanks to "JBOY","JAM","LARRY" as all made the work succesful. i m sorry "jboy","JAM","LARRY" as i unspecified ur names in my preceding post. u all united and made it big. Mr.bloodhound what's the use of backup files in the hijack folder.should it be kept as it is? or can be deleted. Logfile of HijackThis v1.99.1 Scan saved at 12:28:10 PM, on 4/16/2006 Platform: Windows ME (Win9x 4.90.3000) MSIE: Internet Explorer v5.50 (5.50.4134.0100) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.exe C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MPREXE.exe C:\WINDOWS\SYSTEM\MSTASK.exe C:\WINDOWS\EXPLORER.exe C:\PROGRAM FILES\IVASION\WINPOET\WINPPPOVERETHERNET.exe C:\WINDOWS\SYSTEM\RESTORE\STMGR.exe C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.exe C:\WINDOWS\TASKMON.exe C:\WINDOWS\SYSTEM\SYSTRAY.exe C:\WINDOWS\SYSTEM\WMIEXE.exe C:\WINDOWS\SYSTEM\SPOOL32.exe C:\WINDOWS\SYSTEM\STIMON.exe C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.exe C:\WINDOWS\SYSTEM\DDHELP.exe C:\WINDOWS\SYSTEM\RNAAPP.exe C:\WINDOWS\SYSTEM\TAPISRV.exe C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.exe C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.exe C:\PROGRAM FILES\HIJACK\HIJACKTHIS.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN4\YCOMP5_5_7_0.DLL O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN4\YCOMP5_5_7_0.DLL O4 - HKLM\..\Run: [WinPoET] C:\Program Files\iVasion\WinPoET\WinPPPoverEthernet.exe O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunOnce: [WMC_RebootCheck] C:\WINDOWS\inf\unregmp2.exe /FixUps O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000 O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.exe O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 203.145.184.13,202.56.250.5 Aribindi

0

Everyone has differing opinions about virus checkers but AVG is seen as a good program by many/most people on this forum. I am using it and have no hassle with it. I see no harm keeping the backup files for HJT for a few weeks because they are very small and in the most unlikely event that you want to put any of them back they are available. In the long term they can go. I would make one suggestion though. When you are certain that your machine is OK (and it certainly seems that way) run HJT, tick all items and get it to "Add checked to Ignore list". DO NOT GET HJT TO FIX THEM. Sorry, that must be obvious but I don't want you to accidentally wreck your system. If you do this, next time you run HJT it will say "no suspicious items". If anything new comes along then you won't have to wade through all the known good entries so it will be far easier to determine what they are about. DerekW

0

Are you familiar with this company at all? OrgName: Asia Pacific Network Information Centre OrgID: APNIC Address: PO Box 2131 City: Milton StateProv: QLD PostalCode: 4064 Country: AU ReferralServer: whois://whois.apnic.net NetRange: 202.0.0.0 - 203.255.255.255 CIDR: 202.0.0.0/7 NetName: APNIC-CIDR-BLK NetHandle: NET-202-0-0-0-1 Parent: NetType: Allocated to APNIC NameServer: NS1.APNIC.NET NameServer: NS3.APNIC.NET NameServer: NS4.APNIC.NET NameServer: TINNIE.ARIN.NET NameServer: NS-SEC.RIPE.NET NameServer: DNS1.TELSTRA.NET Comment: This IP address range is not registered in the ARIN database. Comment: For details, refer to the APNIC Whois Database via Comment: WHOIS.APNIC.NET or http://www.apnic.net/apnic-bin/whois2.pl Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry Comment: for the Asia Pacific region. APNIC does not operate networks Comment: using this IP address range and is not able to investigate Comment: spam or abuse reports relating to these addresses. For more Comment: help, refer to http://www.apnic.net/info/faq/abuse Comment: RegDate: 1994-04-05 Updated: 2005-05-20 OrgTechHandle: AWC12-ARIN OrgTechName: APNIC Whois Contact OrgTechPhone: +61 7 3858 3100 OrgTechEmail: search-apnic-not-arin@apnic.net Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

If you are not familiar with that company then we have one more thing to fix before we enter into prevention methods and updates for your computer. Proud member of Alliance of Security Analysis Professionals since 2005. ASAP

0

Re #29. Yes, Real Alternative is reliable and trustworthy. REAL ALTERNATIVE WEBSITE DerekW

0

mr.Bloodhound, i m not unaware of that. what's that mean all about? how is it helpful? Aribindi

0

whenever there is a need to clean install WindowsME ,is there any other way to uninstall it to install again without formatting? because i have loads of data installed in that sometimes. when i have gone through startup disk help file, i found a way to uninstall it throuh series of steps.is that a way to uninstall it? can it uninstall completely without any traces remaining> if there is other way. should i uninstall some programs(like anti-virus etc) before going to that task? Aribindi

0

sorry to my mistype in the previous post. i m not aware of that company. Aribindi

0

Has there been any improvement with your system since those suspicious items were removed? Did you look at the links jboy gave in #3? The only clean install to my knowledge is reformat although I am more familiar with W98SE than WinME. System restore can be useful but in your case this might bring back the items HJT removed. As an aside, I can confirm that what I said in #25 was correct (the firewall is not included in the free version of AVG). DerekW

0

As per my #3 - you cannot 'uninstall' an Operating System unless there is something to go back to. Normally a "clean install" implies formatting (erasing) the drive - in any case, data is always at risk until it is backed up on separate media (at least once). That, imo, would be your best bet - backup needed items onto CD etc, format and install 'fresh', then apply the various tweaks to ensure a cleaner, leaner system We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0

i have gone through the jboy's posted urls which knowledged me "how to enrich the performance of the system" THANKS JBOY. Mr.dereck, my system is responding well,improved it's speed. Hope Mr.bloodhound reading this msg. u people please pay the same interest at my new post "Missing export kernel32.dll" Aribindi

0

Thanks for popping back. I'm sure everyone who took part in this post will be pleased for you. DerekW

0

I'm glad they helped - credit goes to those authors, that information allowed me to get my WinME system tuned up in no time We've heard that a million monkeys at a million keyboards could produce the complete works of Shakespeare; now, thanks to the Internet, we know that is not true

0