My HijackList Log

Question

This is the first time I heard of this program. My computer wants to connect to the net all the time. I have Windows 98, Zone Alarm IS, Ad-aware, Spybot, etc. I haven't been able to solve the problem. I'm hoping this log will find the reason. I use Propel Accelerator which conflicts with ZA for IMSecurity because both use LSP.

Logfile of HijackThis v1.98.2
Scan saved at 10:36:58 AM, on 12/25/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\IOMEGA\DRIVEICONS\IMGICON.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\ATIPTAXX.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\EN-US\MSNAPPAU.EXE
C:\PROGRAM FILES\PESTPATROL\PPCONTROL.EXE
C:\PROGRAM FILES\PESTPATROL\PPMEMCHECK.EXE
C:\PROGRAM FILES\PESTPATROL\COOKIEPATROL.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\MAILFRONTIER\MANTISPM.EXE
C:\PROGRAM FILES\PROPEL ACCELERATOR\PROPELAC.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\HPZSTATX.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enter.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.enter.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080
F1 - win.ini: run=hpfsched
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLL
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLL
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRAM FILES\PROPEL ACCELERATOR\PRPL_IEPOPUPBLOCKER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLL
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [VoyetraTray] C:\PROGRAM FILES\VOYETRA\AUDIOSTATION 32\VTRAY.EXE /s
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [HIDSERV] HIDSERV.EXE RUN
O4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [Propel Accelerator] "C:\Program Files\Propel Accelerator\trayctl.exe" /STARTUPLAUNCH
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE" /background
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE"
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Shortcut to CacheSentry.lnk = C:\Program Files\EnigmaticSoftware\CacheSentry\CacheSentry.exe
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\Propel Accelerator\pac-page.html
O8 - Extra context menu item: Allow pop-ups from this site - C:\Program Files\Propel Accelerator\pac-addwl.html
O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\Propel Accelerator\pac-image.html
O9 - Extra button: Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRAM FILES\LIFEFX\LIFEFXTB.DLL
O9 - Extra 'Tools' menuitem: LifeFX Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRAM FILES\LIFEFX\LIFEFXTB.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: Dell Home - {4D873EC0-FB79-11D3-9B62-20AB52C10000} - http://www.dellnet.com/ (file missing) (HKCU)
O15 - Trusted Zone: http://www.quixtar.com
O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - http://207.188.7.150/14a5be0b2c8e544f7621/netzip/RdxIE.cab
O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cab
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - https://support.dell.com/us/en/systemprofiler/SysProfLCD.CAB
O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab
O16 - DPF: {D68217F4-1DF9-45C1-BFA6-61DBD5464527} (Genealogy Browser) - http://66.119.139.74/cabs/zinst.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = enter.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = enter.net
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 63.65.0.2,63.65.0.3

zbestwun2001 · Answer

You definately have visitors. Hang tight untill Mike or someone else qualified is on. Merry Christmas SteveMessage Edited by zbestwun2001 on 12-25-2004 02:41 PM

Texruss · Answer

Fix check in HijackThis the adware ActiveX for Netster: O16 - DPF: {34805D32-AD89-469E-8503-A5666AEE4333} (RdxIE Class) - http://207.188.7.150/14a5be0b2c8e544f7621/netzip/RdxIE.cab I would also uninstall Facemail since even the creator Fxmail is no apparently longer supporting it (Even Kodak's website has shunned it with little comment after an aborted alliance:  http://www.kodak.com/US/en/consumer/lifefx/ Propel Accelerator is another program I would run screaming from (and you would if you value your privacy). Check out their privacy policy which lets them do just about anything they wish with your browsing habits to their current and future 'partners': http://www.propel.com/privacy.jsp Just my opinion however, YMMV. Download and install 1.99 HJT so we can get a better look at your connection problem and also provide more specific comments and details about your ISP service and what program is autoloading (IE?).http://www.richardthelionhearted.com/~merijn/   HJT 1.99 Cheers, Texruss

basketrage · Answer

Thank you very much! Done:  Fix check in HijackThis the adware ActiveX for Netster: Done:  uninstall Facemail - Downloaded it in 2001 during friends visit.  Haven't used since. Propel:  Well, I'm not happy with them.  Can you recommend another company?  Verizon is very, very slow in updating our area.  So until lines change, modem 56k is best unless you have a suggestion, even cable is limited.  I must say I have gotten more help from them than from Zone Alarm! Enter.net is my provider.  I really like them.  They are out of Allentown, PA.  I've used them for many years. Downloaded HijackThis from Cnet,  thought would have the latest version.  So downloaded from your link.  Here are the results: Logfile of HijackThis v1.99.0Scan saved at 6:28:26 PM, on 12/25/04Platform: Windows 98 SE (Win9x 4.10.2222A)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes:C:\WINDOWS\SYSTEM\KERNEL32.DLLC:\WINDOWS\SYSTEM\MSGSRV32.EXEC:\WINDOWS\SYSTEM\MPREXE.EXEC:\WINDOWS\SYSTEM\MSTASK.EXEC:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXEC:\WINDOWS\SYSTEM\ATI2EVXX.EXEC:\WINDOWS\SYSTEM\mmtask.tskC:\WINDOWS\EXPLORER.EXEC:\WINDOWS\TASKMON.EXEC:\PROGRAM FILES\IOMEGA\DRIVEICONS\IMGICON.EXEC:\WINDOWS\LOADQM.EXEC:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXEC:\WINDOWS\SYSTEM\QTTASK.EXEC:\WINDOWS\SYSTEM\ATIPTAXX.EXEC:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\EN-US\MSNAPPAU.EXEC:\PROGRAM FILES\PESTPATROL\PPCONTROL.EXEC:\PROGRAM FILES\PESTPATROL\PPMEMCHECK.EXEC:\PROGRAM FILES\PESTPATROL\COOKIEPATROL.EXEC:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXEC:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXEC:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXEC:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXEC:\WINDOWS\SYSTEM\DDHELP.EXEC:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXEC:\WINDOWS\SYSTEM\RNAAPP.EXEC:\WINDOWS\SYSTEM\TAPISRV.EXEC:\PROGRAM FILES\ZONE LABS\ZONEALARM\MAILFRONTIER\MANTISPM.EXEC:\PROGRAM FILES\PROPEL ACCELERATOR\PROPELAC.EXEC:\WINDOWS\SYSTEM\SPOOL32.EXEC:\WINDOWS\SYSTEM\HPZSTATX.EXEC:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXEC:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXEC:\WINDOWS\SYSTEM\PSTORES.EXEC:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXEC:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.enter.net/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.enter.net/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by DellR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:8080F1 - win.ini: run=hpfschedO2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\SYSTEM\NZDD.DLLO2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLLO2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\PROGRAM FILES\MSN APPS\ST\01.02.3000.1002\EN-XU\STMAIN.DLLO2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRAM FILES\PROPEL ACCELERATOR\PRPL_IEPOPUPBLOCKER.DLLO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLLO3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCXO3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\EN-US\MSNTB.DLLO4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorunO4 - HKLM\..\Run: [TaskMonitor] c:\windows	askmon.exeO4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM\..\Run: [VoyetraTray] C:\PROGRAM FILES\VOYETRA\AUDIOSTATION 32\VTRAY.EXE /sO4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exeO4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exeO4 - HKLM\..\Run: [LoadQM] loadqm.exeO4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startupO4 - HKLM\..\Run: [POINTER] point32.exeO4 - HKLM\..\Run: [QuickTime Task] 'C:\WINDOWS\SYSTEM\QTTASK.EXE' -atboottimeO4 - HKLM\..\Run: [HIDSERV] HIDSERV.EXE RUNO4 - HKLM\..\Run: [AtiPTA] Atiptaxx.exeO4 - HKLM\..\Run: [msnappau] 'c:\program files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe'O4 - HKLM\..\Run: [Propel Accelerator] 'C:\Program Files\Propel Accelerator	rayctl.exe' /STARTUPLAUNCHO4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exeO4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exeO4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exeO4 - HKLM\..\Run: [Zone Labs Client] 'C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe'O4 - HKLM\..\Run: [TkBellExe] 'C:\Program Files\Common Files\Real\Update_OBealsched.exe'  -osbootO4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrSchemeO4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exeO4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -serviceO4 - HKLM\..\RunServices: [ATIPOLAB] ati2evxx.exeO4 - HKCU\..\Run: [msnmsgr] 'C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE' /backgroundO4 - HKCU\..\Run: [PopUpStopperFreeEdition] 'C:\PROGRAM FILES\PANICWARE\POP-UP STOPPER FREE EDITION\PSFREE.EXE'O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exeO4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Startup: Shortcut to CacheSentry.lnk = C:\Program Files\EnigmaticSoftware\CacheSentry\CacheSentry.exeO4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXEO8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\Propel Accelerator\pac-page.htmlO8 - Extra context menu item: Allow pop-ups from this site - C:\Program Files\Propel Accelerator\pac-addwl.htmlO8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\Propel Accelerator\pac-image.htmlO9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLLO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLLO9 - Extra button: Dell Home - {4D873EC0-FB79-11D3-9B62-20AB52C10000} - http://www.dellnet.com/ (file missing) (HKCU)O15 - Trusted Zone: http://www.quixtar.comO16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://images.myfamily.net/isfiles/downloads/MrSIDI.cabO16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - https://support.dell.com/us/en/systemprofiler/SysProfLCD.CABO16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?319O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cabO16 - DPF: ppctlcab - http://ppupdates.ca.com/downloads/scanner/ppctlcab.cabO16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://ppupdates.ca.com/downloads/scanner/axscanner.cabO16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cabO16 - DPF: {D68217F4-1DF9-45C1-BFA6-61DBD5464527} (Genealogy Browser) - http://66.119.139.74/cabs/zinst.cabO17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = enter.netO17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = enter.netO17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 63.65.0.2,63.65.0.3

Texruss · Answer

Your log looks fine. One optional resource hog I normally suggest people remove when I'm not in a rush to fix far worse things:

O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
Comments: optional fix check...resource hog.

I don't care for any accelerator products. IMHO, you just can't fool dial-up by sending requests that go back and forth to proxy servers acting as an "accelerator."

DirectPC or wireless will be probably your only hope for the nearterm. Both are fairly expensive.

How is your autostart connection problem?

Texruss

basketrage · Answer

It still wants to connect. It took awhile. One of the techs at Enter.net said it could be Propel. They have a few 98 users that have a problem. He is going to give me another version. But I will think about what you said. Maybe I'll disable Propel and see how long the downloads take.

What is: O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 63.65.0.2,63.65.0.3

and O4 - HKLM\..\Run: [LoadQM] loadqm.exe

How do you feel about CacheSentry?

Thanks so much for your help!

Texruss · Answer

The 017 is fine....Sam Spade returns this for your ISP's DNS:

OrgName:    UUNET Technologies, Inc.
OrgID:      UU
Address:    22001 Loudoun County Parkway
City:       Ashburn
StateProv: VA
PostalCode: 20147
Country:    US

NetRange:   63.64.0.0 - 63.127.255.255
CIDR:       63.64.0.0/10
NetName:    UUNET63
NetHandle: NET-63-64-0-0-1
Parent:     NET-63-0-0-0-0
NetType:    Direct Allocation
NameServer: AUTH03.NS.UU.NET
NameServer: AUTH00.NS.UU.NET
Comment:    ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate:    1999-01-22
Updated:    2003-01-23

TechHandle: OA12-ARIN
TechName: UUnet Technologies, Inc., Technologies
TechPhone: +1-800-900-0241
TechEmail: help4u@mci.com

OrgAbuseHandle: ABUSE3-ARIN
OrgAbuseName: abuse
OrgAbusePhone: +1-800-900-0241
OrgAbuseEmail: abuse-mail@mci.com

OrgNOCHandle: OA12-ARIN
OrgNOCName: UUnet Technologies, Inc., Technologies
OrgNOCPhone: +1-800-900-0241
OrgNOCEmail: help4u@mci.com

OrgTechHandle: SWIPP-ARIN
OrgTechName: swipper
OrgTechPhone: +1-800-900-0241
OrgTechEmail: swipper@mci.com

# ARIN WHOIS database, last updated 2004-12-24 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

As for loadqm.exe...it's valid. Pacman has this to say:

Installed with MSN Explorer and loads the MSN Queue Manager. Required to enable the WU AutoUpdate feature. Note that disabling this can sometimes prevent internet sharing working on Win2K Pro SP2. Reports also suggest that removing it will re-enable internet access - hence the "users choice" recommendation. If you have problems leave it, otherwise I recommend you disable it

As for CacheSentry...it used to be decent before IE 6, but now IE6 handles cache fine and CS is unneeded in my opinion. YMMV.

Texruss

Texruss · Answer

Bad definition update...I've seen it about three times in the past few months. Chalk it up to a free program and disregard. The next update definitions should repair it. Texruss

basketrage · Answer

One more question I forgot to ask. When I run Spybot, I get a message Error During Check! - Z-Demon (Ungültiger Datentyp für")

Then I get another message: Congratulations! No immediate threat found.

What do I do?

basketrage · Answer

This has been very interesting to me.  Thanks again.  Guess what!  I uninstalled CacheSentry and my connection box has not tried to connect.  Maybe I found my problem.  But it's nice to know everything else is fine, for now!:smileywink:

Virus & Spyware

My HijackList Log

Was this post helpful?