I'm having major issues with my PC. I can't seem to get into My Computer, My Docs or any folder for that matter.

When I do I get the error message below. I've tried restarting several times and I've run an anti-virus scan but neither seem to have worked.

If anyone has ANY suggestions as to how I could fix this problem I'll be extremely grateful.

Hi Gmanuk, I work with computers most days so I'll lend you some advice. Its not top rate but I ought to be able to deal with the basic problems, if as I think it is, linked to spyware.

OK first off do this following.

Download the latest version of Hijack This install and run a scan, your get the result put into a notepad file at the end of the scan, post the results in the thread.

Rightio. I'm sure I've already got HijackThis somewhere on the PC but I downloaded it again and here's the log thing:

Logfile of HijackThis v1.99.1
Scan saved at 21:24:28, on 08/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\PSIMSVC.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\PASSRV.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\FIREWALL\PAVFIRES.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\PROGRAM FILES\VOYAGER100TEST\FTS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\APVXDWIN.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLDIAL.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\WEBPROXY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE
C:\PROGRAM FILES\AOL 9.0\WAOL.EXE
C:\PROGRAM FILES\AOL 9.0\SHELLMON.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\AOLTPSPD.EXE
C:\WINDOWS\PROFILES\GARETH\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=93256
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://4-counter.com/?a=2&b=bon
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: (no name) - {B93B7D36-C2D9-651D-5150-B89505E56FCA} - (no file)
O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - (no file)
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\PROGRAM FILES\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Voyager100Test\fts.exe"
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [PSIMSVC] C:\Program Files\Panda Software\Panda Platinum Internet Security\psimsvc.exe
O4 - HKLM\..\RunServices: [Panda Antispam Server Service] C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\PASSRV.EXE
O4 - HKLM\..\RunServices: [PavProc] "C:\Program Files\Common Files\Panda Software\PavShld\PavPrS9x.exe"
O4 - HKLM\..\RunServices: [PANDASCHEDULER] "C:\Program Files\Panda Software\Panda Platinum Internet Security\Pavsched.exe"
O4 - HKLM\..\RunServices: [PAVFIRES] C:\Program Files\Panda Software\Panda Platinum Internet Security\Firewall\PavFires.exe
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"
O4 - HKCU\..\Run: [System Update] C:\WINDOWS\System\webcheck.exe
O4 - HKCU\..\RunServices: [System Update] C:\WINDOWS\System\webcheck.exe
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - User Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - User Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra button: Voiceglo directory - {C9B8ABB6-1CC3-4957-9CA3-053036B2EE3A} - C:\WINDOWS\All Users\Desktop\Glophone.lnk (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\PROGRAM FILES\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\PROGRAM FILES\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O12 - Plugin for .dp2: C:\PROGRA~1\INTERN~1\PLUGINS\NPDeskPlayerPlugin.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/region/reg_.../ActiveData.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.dll
O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! GoStop - http://download.games.yahoo.com/games/clients/y/gst1_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: ConferenceRoom Java Client - http://backpack.webmaster.com/backpack/cr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab27571.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab27571.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab27758.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab27591.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {01234567-1234-1234-1234-012345678921} - http://register.voiceglo.com/blue.cab
O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Common Files\svchost.exe
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: {11111111-1111-1111-1111-111111111123} - its:mhtml:file://C:.mht!http://69.50.191.52/668/b.chm::/b.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game14.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
O18 - Filter: text/html - {2DCBCA43-39EE-4AAE-87F4-761E9D1CCB3A} - (no file)
O18 - Filter: text/plain - {2DCBCA43-39EE-4AAE-87F4-761E9D1CCB3A} - (no file)

Thanks for your help. :thank1:

Ok this is VERY strange but it seems to be working ok now. I've not actually DONE anything though, except doing that HijackThis log doodah.

So I'm not sure if it'll be ok for good or if it's just temporary. :unsure:

There is no point being slack you ought to shift the crap while you can. (Rolly)



Move to the next step anyway.


Download Ad Aware (BTW any one reading can install this programe it will scan your computer for any spyware and files which have been placed without your say so, its like running a virus scan)
Save aawsepersonal.exe into its own directory, NOT in a TEMPorary folder or on the Desktop.

Make sure to direct the program to install in the c:/program files/adaware/ directory, NOT the default directory.

Open AdAware from Start | Programs | Lavasoft | AdAware.
Select <Check for updates now> (VERY IMPORTANT), <Proceed>

After installation, run the program and click the start button.
Then click the next button.
This lets ad-aware scan your computer.
After ad-aware is done running, hit the next button.
Then right click the area with the listed spy ware objects.
Choose the "Select all objects" option.
At this point all the boxes next to the items should be checked.
Then hit the next button.
It will ask if you want to delete the selected objects. Hit the Okay button. (Its OK it will only be spyware nothing important, if by a random chance it does do something you dont like the files are deleted but also saved so you can restore them back if you have to, #haha#)
Now most of the spyware should have been deleted from your hard drive.

Thanks. I've already got Ad-Aware - I did a scan with it earlier today and it got rid of a lot of the crap. But surprisingly seemed to leave the one thing I was having the problem with. Well <touch wood> it's ok now. Thanks for all your help though.

(--)

OK, but you should really run the Hijack this again and get rid of all the files I list here:

There is a load of porn stuff in that, it might be best to keep an eye on who is using your computer, espically as you have a few hidden dial up program's, would not like to be you when the phone bill arrives :hee: (Unless you know about it already)


During reboot, tap the F8 key. Select Safe Mode and then run "Hijack This" These files will appear somewhere and you tick the box and get rid of them. Make sure you only tick the ones I list.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=93256
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=93256
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,SearchURL = http://4-counter.com/?a=2&b=bon
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {5321E378-FFAD-4999-8C62-03CA8155F0B3} - (no file)
O2 - BHO: (no name) - {B93B7D36-C2D9-651D-5150-B89505E56FCA} - (no file)
O2 - BHO: (no name) - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - (no file)
O2 - BHO: ShprRprts - {2A8A997F-BB9F-48F6-AA2B-2762D50F9289} - C:\PROGRAM FILES\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O4 - HKCU\..\Run: [System Update] C:\WINDOWS\System\webcheck.exe
O4 - HKCU\..\RunServices: [System Update] C:\WINDOWS\System\webcheck.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-4a96-8D08-02B42891C169} - C:\PROGRAM FILES\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\PROGRAM FILES\SHOPPERREPORTS\BIN\1.0.5.0\SHPRRPRT.DLL (file missing)
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O16 - DPF: {10000000-1000-0000-1000-000000000000} - file://C:\Program Files\Common Files\svchost.exe
O16 - DPF: {11111111-1111-1111-1111-111111111123} - its:mhtml:file://C:.mht!http://69.50.191.52/668/b.chm::/b.exe
O18 - Filter: text/html - {2DCBCA43-39EE-4AAE-87F4-761E9D1CCB3A} - (no file)
O18 - Filter: text/plain - {2DCBCA43-39EE-4AAE-87F4-761E9D1CCB3A} - (no file)




Also PLEASE PLEASE at least get the Microsoft Internet Service Pack, if not SP2 get ONE!!!! (bEg)

http://www.microsoft.com/windows/ie/downlo...p1/default.mspx

:blah: At work we are always running scans like that too, and we get loads of porn things, but its a bit strange to be fair, I think its out boss having a good time in that dark office with the lights turned down :devil2: because why else would you be looking at porn sites when your working, you'd want to be alone right, or am I missing something? :blah:

Thanks Fawkes I'll give that a shot. Though I'm quite surprised about those supposed dialer things as my anti-virus software is meant to block dialers and spyware.

I might have a tweak with that later and do another scan - only thing is they can take well over an hour. :craze1:

Rightio I've more or less done what you've suggested. I wasn't able to start up in safe mode but I manage to find a lot of the things you suggested to delete. Here's the updated log:

Logfile of HijackThis v1.97.7
Scan saved at 22:54:28, on 20/05/2005
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\EPSON\EBAPI\SAGENT2.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\PSIMSVC.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\PASSRV.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\FIREWALL\PAVFIRES.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\DSLAGENT.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\WINDOWS\SYSTEM\USBMONIT.EXE
C:\WINDOWS\SYSTEM\GSICON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\VOYAGER100TEST\FTS.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLDIAL.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\APVXDWIN.EXE
C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\WEBPROXY.EXE
C:\WINDOWS\SYSTEM\LOADWC.EXE
C:\PROGRAM FILES\AOL 9.0\WAOL.EXE
C:\PROGRAM FILES\AOL 9.0\SHELLMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\PROGRAM FILES\COMMON FILES\AOL\AOLTPSPD.EXE
C:\WINDOWS\PROFILES\GARETH\MY DOCUMENTS\FIXING STUFF\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\SYSTEM\USBMonit.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\Voyager100Test\fts.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Platinum Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Platinum Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [SAgent2ExePath] C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [PSIMSVC] C:\Program Files\Panda Software\Panda Platinum Internet Security\psimsvc.exe
O4 - HKLM\..\RunServices: [Panda Antispam Server Service] C:\PROGRAM FILES\PANDA SOFTWARE\PANDA PLATINUM INTERNET SECURITY\PASSRV.EXE
O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"
O4 - HKLM\..\RunServices: [PavProc] "C:\Program Files\Common Files\Panda Software\PavShld\PavPrS9x.exe"
O4 - HKLM\..\RunServices: [PANDASCHEDULER] "C:\Program Files\Panda Software\Panda Platinum Internet Security\Pavsched.exe"
O4 - HKLM\..\RunServices: [PAVFIRES] C:\Program Files\Panda Software\Panda Platinum Internet Security\Firewall\PavFires.exe
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - User Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - User Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Voiceglo directory (HKLM)
O10 - Unknown file in Winsock LSP: c:\program files\panda software\panda platinum internet security\pavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\panda software\panda platinum internet security\pavlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\panda software\panda platinum internet security\pavlsp.dll
O12 - Plugin for .dp2: C:\PROGRA~1\INTERN~1\PLUGINS\NPDeskPlayerPlugin.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) - http://player.vivo.com/ie/vvweb.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/region/reg_.../ActiveData.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.dll
O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs10_x.cab
O16 - DPF: Yahoo! GoStop - http://download.games.yahoo.com/games/clients/y/gst1_x.cab
O16 - DPF: Yahoo! Klondike Solitaire - http://yog55.games.scd.yahoo.com/yog/y/ks12_x.cab
O16 - DPF: Yahoo! Go Fish - http://download.games.yahoo.com/games/clients/y/zt3_x.cab
O16 - DPF: ConferenceRoom Java Client - http://backpack.webmaster.com/backpack/cr.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab27571.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab27571.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab27758.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab27591.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {01234567-1234-1234-1234-012345678921} - http://register.voiceglo.com/blue.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/computercheckup/qdiagcc.cab
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls.../20/SassCln.CAB
O16 - DPF: {11111111-1111-1111-1111-111111111123} - its:mhtml:file://C:.mht!http://69.50.191.52/668/b.chm::/b.exe
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by102fd.bay102.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game14.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/cha...v45/yacscom.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/cha...t/c381/chat.cab
O16 - DPF: {BB95299D-B65B-47E0-8DDB-697A66298C3A} (UniVoiceX Control) - http://www.webcamnow.com/voice/voice.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net

Sorry I took so long to get back to you Gmanuk, had a busy weekend. I think that looks Ok now...is your pc working normally?

I've have a more detailed look when I get into work on Monday, need to sleep now <>Z

It's kinda ok. My ISP software is being a little uncooperative - not connecting until after a few tries and me having to unplug the modem and plug it back in. Other than that nothing really major, or nothing I've noticed.

:thank1: once again for helping (--)

TOTALLY new different problem this time around: Does anyone know how to remove software that refuses to uninstall if you go via the Control Panel and Add/Remove Programs as I'm trying to uninstall/reinstall my anti-virus software and it's refusing to cooperate!

I've already tried starting the setup program and it doesn't have an uninstall option on it. I'm not sure I want to just delete the folder with the software in just in case I can't reinstall and I'm left with no anti-virus protection. So if anyone has any suggestions at all I'd be very grateful! :thank1:

Can't say anything about the anti-virus thing, as I'm unprotected myself and thus haven't got any experience with that kind of software. :NO:

About your modem-problems: my parents had the same thing when they got their first ADSL-modem. It turned out that the modem was just not really up for the job of delivering great amounts of data, and so it would turn itself off. Result: no internet, and to get it back working it had to be unplugged and replugged and I also prayed and begged to the gods above for the modem to work when restarting it.
The telephonecompany (ADSL is broadband-internet through phonelines) realised there mistake in modemchoice and offered a new one, and since then my parents haven't had any problems with the modem refusing to work.

So it could be that the modem and the sort of internet and in combination with your computer is experiencing some errors, which can be dealt with by your internetprovider and a good modem.

But I'm no internet-expert. Hell, I even worked myself into blood, sweat and tears when my dad asked me to take care of the ADSL-internetconnection.

Thanks for the suggestion. The modem thing is an intermittent problem really sometimes the internet's fine then it suddenly closes and you have to go through the hassle of messing around with the connections.

Touch wood it's been alright for a week or so and apparently the connection's going to be upgraded or configured or something along those lines at some point soon. Maybe then the problem will disappear.