basiclife
asked on
Loads of spyware problems (and I've tried the obvious)
Hi everyone
Problems: When surfing, I get an ie window load (hidden until an ad is displayed). I'm damned if I can work out why. I've done EVERYTHING I can think of. I believe it modifys the code of the incoming page to load some JavaScript (I get javascript errors on almost EVERY page I go to and when there's an error, no popup)
OK, I've run:
msconfig and removed everything I don't want running
Adaware 6
SpyBot
HiJackThis
I have a program called alg.exe running as a local service but don't want to kill it as I suspect it may be for my Alcatel Speedtouch modem (anyone know?)
Below is a dump of all running processes:
Process PID CPU CPU Time Priority Description User Name Command Line
System Idle Process 0 54 15:31:11.238 0 NT AUTHORITY\SYSTEM
Interrupts 0 0:12:40.643 0 Hardware Interrupts
DPCs 0 5 0:38:31.894 0 Deferred Procedure Calls
System 4 2 0:16:03.685 8 NT AUTHORITY\SYSTEM
smss.exe 464 0:00:00.070 11 Windows NT Session Manager NT AUTHORITY\SYSTEM \SystemRoot\System32\smss. exe
csrss.exe 520 0:01:54.354 13 Client Server Runtime Process NT AUTHORITY\SYSTEM C:\WINDOWS\system32\csrss. exe ObjectDirectory=\Windows SharedSection=1024,3072,51 2 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServe rDllInitia lization,3 ServerDll=winsrv:ConServer DllInitial ization,2 ProfileControl=Off MaxReque{ÖwC:\Procexp.txt
winlogon.exe 544 0:00:02.824 13 Windows NT Logon Application NT AUTHORITY\SYSTEM winlogon.exe
services.exe 588 1 0:00:04.536 9 Services and Controller app NT AUTHORITY\SYSTEM C:\WINDOWS\system32\servic es.exe
svchost.exe 776 0:00:01.141 8 Generic Host Process for Win32 Services NT AUTHORITY\SYSTEM C:\WINDOWS\system32\svchos t -k rpcss
IEXPLORE.EXE 1444 0:03:40.457 8 Internet Explorer SOWARE\Administrator "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
svchost.exe 824 0:02:50.535 8 Generic Host Process for Win32 Services NT AUTHORITY\SYSTEM C:\WINDOWS\System32\svchos t.exe -k netsvcs
svchost.exe 980 0:00:01.792 8 Generic Host Process for Win32 Services NT AUTHORITY\NETWORK SERVICE C:\WINDOWS\System32\svchos t.exe -k NetworkService
svchost.exe 996 0:01:27.325 8 Generic Host Process for Win32 Services NT AUTHORITY\LOCAL SERVICE C:\WINDOWS\System32\svchos t.exe -k LocalService
spoolsv.exe 1104 0:00:00.120 8 Spooler SubSystem App NT AUTHORITY\SYSTEM C:\WINDOWS\system32\spools v.exe
alg.exe 1596 0:00:00.080 8 Application Layer Gateway Service NT AUTHORITY\LOCAL SERVICE C:\WINDOWS\System32\alg.ex e
gearsec.exe 1636 0:00:00.030 8 gearsec NT AUTHORITY\SYSTEM C:\WINDOWS\System32\gearse c.exe
mdm.exe 1676 0:00:04.256 8 Machine Debug Manager NT AUTHORITY\SYSTEM "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
nvsvc32.exe 1784 0:00:00.310 8 NT AUTHORITY\SYSTEM C:\WINDOWS\System32\nvsvc3 2.exe
lsass.exe 600 0:00:06.919 9 LSA Shell (Export Version) NT AUTHORITY\SYSTEM C:\WINDOWS\system32\lsass. exe
explorer.exe 1452 0:17:20.546 8 Windows Explorer SOWARE\Administrator C:\WINDOWS\Explorer.EXE
dragdiag.exe 1536 0:01:00.587 8 SpeedTouch Statistics SOWARE\Administrator "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
msnmsgr.exe 1564 0:00:09.523 8 MSN Messenger SOWARE\Administrator "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
boinc_gui.exe 1668 0:00:02.173 8 boinc_gui SOWARE\Administrator "C:\Program Files\BOINC\boinc_gui.exe" -min
setiathome_3.08_windows_in telx86.exe 2020 0:00:31.405 4 SOWARE\Administrator projects\setiathome.berkel ey.edu\set iathome_3. 08_windows _intelx86. exe
getright.exe 1688 0:00:00.460 8 GetRight® www.getright.com SOWARE\Administrator "C:\Program Files\GetRight\getright.ex e"
getright.exe 1724 0:00:06.289 8 GetRight® www.getright.com SOWARE\Administrator "C:\Program Files\GetRight\getright.ex e"
btdownloadgui.exe 2396 3 0:12:19.202 8 SOWARE\Administrator "C:\Program Files\BitTorrent\btdownloa dgui.exe" --responsefile "C:\Downloads\Beautiful Agony[www.lokitorrent.com].torrent"
Client.exe 1704 5 0:25:51.130 8 SOWARE\Administrator "C:\Program Files\Samurize\Client.exe" i=Default
procexp.exe 2204 3 0:00:04.055 13 Sysinternals Process Explorer SOWARE\Administrator "D:\procexpnt\procexp.exe"
msimn.exe 2752 0:00:27.699 8 Outlook Express SOWARE\Administrator "C:\Program Files\Outlook Express\msimn.exe"
wmplayer.exe 3236 23 2:02:51.329 8 Windows Media Player SOWARE\Administrator "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:8 /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAA AAOABAAAAA AAAAAAAAAM AAAAAAAAAA AAGEAAAAAA AAFAAAAAAA JKDMFFPPFJ DLJDKKIMDO OHFBBDPDEM LGEAAOAAAA MKFAAENAIL ICJOIEMLEJ KJAEAAAAAA AA
notepad.exe 1432 2 0:00:00.270 8 Notepad SOWARE\Administrator C:\WINDOWS\system32\NOTEPA D.EXE c:\Procexp.txt
webshots.scr 1736 0:00:12.618 8 Webshots Photo Manager SOWARE\Administrator C:\WINDOWS\webshots.scr /t
btdownloadgui.exe 1816 0:16:49.481 8 SOWARE\Administrator "C:\Program Files\BitTorrent\btdownloa dgui.exe" --responsefile "C:\Documents and Settings\Administrator\Des ktop\Horny Bunnies_ [by]_ www.zaebok.net.torrent"
btdownloadgui.exe 1468 5 0:25:18.353 8 SOWARE\Administrator "C:\Program Files\BitTorrent\btdownloa dgui.exe" --responsefile "C:\Documents and Settings\Administrator\Des ktop\BASIC _INSTINCT_ SCN.torren t"
Process: Procexp Pid: -2
ProceXP is the program doing the dump, webshots is a desktoip manager (I like it, anyway), boinc is the latest seti@home thing, torrent/getright are there by choice.
Next, a dump from hijackthis:
Running processes:
C:\WINDOWS\System32\smss.e xe
C:\WINDOWS\system32\winlog on.exe
C:\WINDOWS\system32\servic es.exe
C:\WINDOWS\system32\lsass. exe
C:\WINDOWS\system32\svchos t.exe
C:\WINDOWS\System32\svchos t.exe
C:\WINDOWS\system32\spools v.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\gearse c.exe ???
C:\Program Files\BOINC\boinc_gui.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\GetRight\getright.ex e
C:\Program Files\Samurize\Client.exe
C:\Program Files\GetRight\getright.ex e
C:\WINDOWS\webshots.scr
C:\WINDOWS\System32\nvsvc3 2.exe ???
C:\Program Files\BOINC\projects\setia thome.berk eley.edu\s etiathome_ 3.08_windo ws_intelx8 6.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\BitTorrent\btdownloa dgui.exe
C:\Program Files\BitTorrent\btdownloa dgui.exe
C:\Program Files\BitTorrent\btdownloa dgui.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\procexpnt\procexp.exe
C:\Downloads\HijackThis.ex e
F2 - REG:system.ini: UserInit=C:\Windows\System 32\wsaupda ter.exe,
O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-D D56626C6C4 2} - C:\WINDOWS\twaintec.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7 84B7D6BE0B 3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEH elper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C F10577473F 7} - c:\program files\google\googletoolbar 1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0 0A0C908246 7} - C:\WINDOWS\System32\msdxm. ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0 09027A5CD4 F} - c:\program files\google\googletoolbar 1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl. dll,NvStar tup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Samurize.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.ex e
O4 - Global Startup: BOINC.lnk = C:\Program Files\BOINC\boinc_gui.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.ex e
O6 - HKCU\Software\Policies\Mic rosoft\Int ernet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Mic rosoft\Int ernet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Mic rosoft\Int ernet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Mic rosoft\Int ernet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar 1.dll/cmse arch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar 1.dll/cmba cklinks.ht ml
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar 1.dll/cmca che.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload. htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3 \Office10\ EXCEL.EXE/ 3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.ht m
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar 1.dll/cmsi milar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar 1.dll/cmtr ans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0 0401C60850 1} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0 0C04F79568 3} - C:\Program Files\Messenger\MSMSGS.EXE
O17 - HKLM\System\CCS\Services\T cpip\..\{A 45D9D7A-19 70-49DC-A9 82-1433C66 019DA}: NameServer = <hidden by Basiclife>
O17 - HKLM\System\CCS\Services\T cpip\..\{D 6C5F498-6B 8E-4D4C-AB A6-16EC5C2 4AF95}: NameServer = <hidden by Basiclife>
Not usre about nwiz and what is nvsvc32? I'm guessing it's a 32-bit service of some kind... Also not sure about wsaupdater.
Google toolbar is there by choice, so is Samurise
Problems: When surfing, I get an ie window load (hidden until an ad is displayed). I'm damned if I can work out why. I've done EVERYTHING I can think of. I believe it modifys the code of the incoming page to load some JavaScript (I get javascript errors on almost EVERY page I go to and when there's an error, no popup)
OK, I've run:
msconfig and removed everything I don't want running
Adaware 6
SpyBot
HiJackThis
I have a program called alg.exe running as a local service but don't want to kill it as I suspect it may be for my Alcatel Speedtouch modem (anyone know?)
Below is a dump of all running processes:
Process PID CPU CPU Time Priority Description User Name Command Line
System Idle Process 0 54 15:31:11.238 0 NT AUTHORITY\SYSTEM
Interrupts 0 0:12:40.643 0 Hardware Interrupts
DPCs 0 5 0:38:31.894 0 Deferred Procedure Calls
System 4 2 0:16:03.685 8 NT AUTHORITY\SYSTEM
smss.exe 464 0:00:00.070 11 Windows NT Session Manager NT AUTHORITY\SYSTEM \SystemRoot\System32\smss.
csrss.exe 520 0:01:54.354 13 Client Server Runtime Process NT AUTHORITY\SYSTEM C:\WINDOWS\system32\csrss.
winlogon.exe 544 0:00:02.824 13 Windows NT Logon Application NT AUTHORITY\SYSTEM winlogon.exe
services.exe 588 1 0:00:04.536 9 Services and Controller app NT AUTHORITY\SYSTEM C:\WINDOWS\system32\servic
svchost.exe 776 0:00:01.141 8 Generic Host Process for Win32 Services NT AUTHORITY\SYSTEM C:\WINDOWS\system32\svchos
IEXPLORE.EXE 1444 0:03:40.457 8 Internet Explorer SOWARE\Administrator "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
svchost.exe 824 0:02:50.535 8 Generic Host Process for Win32 Services NT AUTHORITY\SYSTEM C:\WINDOWS\System32\svchos
svchost.exe 980 0:00:01.792 8 Generic Host Process for Win32 Services NT AUTHORITY\NETWORK SERVICE C:\WINDOWS\System32\svchos
svchost.exe 996 0:01:27.325 8 Generic Host Process for Win32 Services NT AUTHORITY\LOCAL SERVICE C:\WINDOWS\System32\svchos
spoolsv.exe 1104 0:00:00.120 8 Spooler SubSystem App NT AUTHORITY\SYSTEM C:\WINDOWS\system32\spools
alg.exe 1596 0:00:00.080 8 Application Layer Gateway Service NT AUTHORITY\LOCAL SERVICE C:\WINDOWS\System32\alg.ex
gearsec.exe 1636 0:00:00.030 8 gearsec NT AUTHORITY\SYSTEM C:\WINDOWS\System32\gearse
mdm.exe 1676 0:00:04.256 8 Machine Debug Manager NT AUTHORITY\SYSTEM "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
nvsvc32.exe 1784 0:00:00.310 8 NT AUTHORITY\SYSTEM C:\WINDOWS\System32\nvsvc3
lsass.exe 600 0:00:06.919 9 LSA Shell (Export Version) NT AUTHORITY\SYSTEM C:\WINDOWS\system32\lsass.
explorer.exe 1452 0:17:20.546 8 Windows Explorer SOWARE\Administrator C:\WINDOWS\Explorer.EXE
dragdiag.exe 1536 0:01:00.587 8 SpeedTouch Statistics SOWARE\Administrator "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
msnmsgr.exe 1564 0:00:09.523 8 MSN Messenger SOWARE\Administrator "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
boinc_gui.exe 1668 0:00:02.173 8 boinc_gui SOWARE\Administrator "C:\Program Files\BOINC\boinc_gui.exe"
setiathome_3.08_windows_in
getright.exe 1688 0:00:00.460 8 GetRight® www.getright.com SOWARE\Administrator "C:\Program Files\GetRight\getright.ex
getright.exe 1724 0:00:06.289 8 GetRight® www.getright.com SOWARE\Administrator "C:\Program Files\GetRight\getright.ex
btdownloadgui.exe 2396 3 0:12:19.202 8 SOWARE\Administrator "C:\Program Files\BitTorrent\btdownloa
Client.exe 1704 5 0:25:51.130 8 SOWARE\Administrator "C:\Program Files\Samurize\Client.exe"
procexp.exe 2204 3 0:00:04.055 13 Sysinternals Process Explorer SOWARE\Administrator "D:\procexpnt\procexp.exe"
msimn.exe 2752 0:00:27.699 8 Outlook Express SOWARE\Administrator "C:\Program Files\Outlook Express\msimn.exe"
wmplayer.exe 3236 23 2:02:51.329 8 Windows Media Player SOWARE\Administrator "C:\Program Files\Windows Media Player\wmplayer.exe" /prefetch:8 /SHELLHLP_V9 Play /DataObject:NEFEPEHFBAAAAA
notepad.exe 1432 2 0:00:00.270 8 Notepad SOWARE\Administrator C:\WINDOWS\system32\NOTEPA
webshots.scr 1736 0:00:12.618 8 Webshots Photo Manager SOWARE\Administrator C:\WINDOWS\webshots.scr /t
btdownloadgui.exe 1816 0:16:49.481 8 SOWARE\Administrator "C:\Program Files\BitTorrent\btdownloa
btdownloadgui.exe 1468 5 0:25:18.353 8 SOWARE\Administrator "C:\Program Files\BitTorrent\btdownloa
Process: Procexp Pid: -2
ProceXP is the program doing the dump, webshots is a desktoip manager (I like it, anyway), boinc is the latest seti@home thing, torrent/getright are there by choice.
Next, a dump from hijackthis:
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\spools
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\gearse
C:\Program Files\BOINC\boinc_gui.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\GetRight\getright.ex
C:\Program Files\Samurize\Client.exe
C:\Program Files\GetRight\getright.ex
C:\WINDOWS\webshots.scr
C:\WINDOWS\System32\nvsvc3
C:\Program Files\BOINC\projects\setia
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\BitTorrent\btdownloa
C:\Program Files\BitTorrent\btdownloa
C:\Program Files\BitTorrent\btdownloa
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\procexpnt\procexp.exe
C:\Downloads\HijackThis.ex
F2 - REG:system.ini: UserInit=C:\Windows\System
O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-D
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-0
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Samurize.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.ex
O4 - Global Startup: BOINC.lnk = C:\Program Files\BOINC\boinc_gui.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.ex
O6 - HKCU\Software\Policies\Mic
O6 - HKCU\Software\Policies\Mic
O6 - HKLM\Software\Policies\Mic
O6 - HKLM\Software\Policies\Mic
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.ht
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O17 - HKLM\System\CCS\Services\T
O17 - HKLM\System\CCS\Services\T
Not usre about nwiz and what is nvsvc32? I'm guessing it's a 32-bit service of some kind... Also not sure about wsaupdater.
Google toolbar is there by choice, so is Samurise
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
variant of BlazeFind adaware,,,, u need to edit the registry entry before removing it via spyware removal tools, otherwise u will be unable to login to windows !!!!!
ASKER
Congratulatios:- You just gave me a heart attack :D
I did nuke the offending link (rather than repair) and then my computer died due to a power cut. Fortunately, there's a reg entry of OldUserinit which has the correct setting. I'm guessing windows defaulted to this *phew* Either way, the iefix took worked fine except that after DLing the new version of IE it gave me an error similar to the "untested driver" except that it was "untested / unsigned software" and wouldn't let me re-install ie. I undid the registry nuking of my current version and played on a bit. Seems to all be working now, except that MSN is now unable o interact with outlook express (oh, no!) but tbh that's an improvement as well so no complaints.
I'll browse the web for an hour or so and see if I get any more popups. If not, the points are yours :-D
I did nuke the offending link (rather than repair) and then my computer died due to a power cut. Fortunately, there's a reg entry of OldUserinit which has the correct setting. I'm guessing windows defaulted to this *phew* Either way, the iefix took worked fine except that after DLing the new version of IE it gave me an error similar to the "untested driver" except that it was "untested / unsigned software" and wouldn't let me re-install ie. I undid the registry nuking of my current version and played on a bit. Seems to all be working now, except that MSN is now unable o interact with outlook express (oh, no!) but tbh that's an improvement as well so no complaints.
I'll browse the web for an hour or so and see if I get any more popups. If not, the points are yours :-D
>> except that MSN is now unable o interact with outlook express (oh, no!)
u mean windows messenger ??
if yes then u must have disabled messenger service like this >> http://www.itc.virginia.edu/desktop/docs/messagepopup/
u mean windows messenger ??
if yes then u must have disabled messenger service like this >> http://www.itc.virginia.edu/desktop/docs/messagepopup/
ASKER
No I mean MSN messenger (Chat program) I use trillian anyway but have never gotten around to disabling MSN at startup. If you use outlook express, it tries to import the MSN contacts as email contacts. This is INCREDIBLY irritating, as it means MSN won't close unless outlook is closed and MSN launches with outlook. I don't use MSN but I do (for my sins) use outlook. Normally, the only way to kill MSN without outlook is to kill the process. Now, it doesn't seem to object which is nice. I'll eventually get round to disabling MSN altogether but since I only reboot my machine about once a fortnight (or more) it's not a major nag.
On a different note, browsing seems to be going fine so
*drum roll*
THE POINTS!
On a different note, browsing seems to be going fine so
*drum roll*
THE POINTS!
ASKER
On a different note, I think my computer is getting sluggish form all the s**t I install and then remove so I think a reinstall is about due. The problem is finding somewhere to store the approx. 200GB of useful data I have. Looks like time to buy another few HDDs and a use my RAID array ot the full potential
yeah u can think,,,, when a person rolls a bag on ground from a place to another, and then the other person comes and rolls it back to the original place,,,, how sluggish will it be ;-)
same applies to computers i think,,,, i dont take them as machines most of the times,,,,, i have spent that much time with them, that i have started to think abt their "Sufferings" :D
same applies to computers i think,,,, i dont take them as machines most of the times,,,,, i have spent that much time with them, that i have started to think abt their "Sufferings" :D
ASKER