no one has sorted my problem

[Guest]

For two months I have tried to get rid of an IE hijacker. It started with about blank, then martfinder etc etc. Sorry, but everyone answers with ..... cw shredder this and spybot that etc..repeat,repeat, repeat. None of them work, I am going around in circles. Can one person actually refrain from responding with an address for yet another adware/spyware site. I do not need addresses of free spyware downloads, we can all search those ourselves! Whoever can rid me of my problems will have their name in lights!!! I have actually asked if someone can recommend an adware removal pay site but what I get back is the usual 1/2 dozen spyware removal info (which does not work)the challenge is on... but please dont give me the usual web addwesses-keep it practical please.

 

[Jay]

For two months I have tried to get rid of an IE hijacker. It started with

about blank, then martfinder etc etc. Sorry, but everyone answers with
...... cw shredder this and spybot that etc..repeat,repeat, repeat. None of
them work, I am going around in circles. Can one person actually refrain
from responding with an address for yet another adware/spyware site. I do
not need addresses of free spyware downloads, we can all search those
ourselves! Whoever can rid me of my problems will have their name in
lights!!! I have actually asked if someone can recommend an adware removal
pay site but what I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please dont give me the
usual web addwesses-keep it practical please.


Do you have this file qjlbba.exe on your PC?
If so, boot to safe mode and delete it.
APPARENTLY!
Is something I read on a forum. So will accept no responsibility.

Jay

 

[jerry]

to keep them out better in internet explorer
,tools,options,advanced,uncheck both 'enable install on
demand'',apply ..also ''disable third party browser
extensions'',apply.
or try a better browser like mozilla.org 'firefox' ..no
hijacks and no active x .
and disable system restore as at times the hijacker will
hide in there and then start a new restore point after
being clean.
and ad-aware does have a pay version with extra bit's.

-----Original Message-----
For two months I have tried to get rid of an IE hijacker.

It started with about blank, then martfinder etc etc.
Sorry, but everyone answers with ..... cw shredder this
and spybot that etc..repeat,repeat, repeat. None of them
work, I am going around in circles. Can one person actually
refrain from responding with an address for yet another
adware/spyware site. I do not need addresses of free
spyware downloads, we can all search those ourselves!
Whoever can rid me of my problems will have their name in
lights!!! I have actually asked if someone can recommend an
adware removal pay site but what I get back is the usual
1/2 dozen spyware removal info (which does not work)the
challenge is on... but please dont give me the usual web
addwesses-keep it practical please.

 

[Crusty \(-: Old B@stard :-\)]

There comes a time, and only you know when that is, that it may be better to
start fresh by doing a format/install. If done properly you can prevent
yourself from becoming re-infected.

1. Get hold of Windows XP SP1, the XP security rollup, ZoneAlarm free
edition (unless you already have another firewall you use) and a good
antivirus program. Note: the built in firewall is insufficient! Save them to
a CD.
2. Physically disconnect the computer from the internet.
3. Perform a clean format/install.
4. Install your motherboard drivers
5. Install SP1 for Windows XP and the XP security rollup.
6. Install your antivirus.
7. Install your firewall program.
8. Shut down the computer. Physically plug in the internet connection.
9. Start Windows
10. Go to Windows update and get the remaining updates. You may have to do
this numerous times to get them all.
11. Update your antivirus. You may have to do this numerous times to get
them all. Do it at least once a week. Many, including myself, get updates
daily!
12. Download and update Ad-Aware 6.1. Run the program.
13. Download and update SpyBot Search & Destroy 1.3. Run the program.
14. Run Ad-Aware and SpyBot at least once a week. Check before running for
new updates. Many, including myself, do it daily!
15. Enjoy your computer!


--
Regards:

Richard Urban

aka Crusty (-: Old B@stard

 

[Guest]

-----Original Message-----
For two months I have tried to get rid of an IE

hijacker. It started with about blank, then martfinder
etc etc. Sorry, but everyone answers with ..... cw
shredder this and spybot that etc..repeat,repeat, repeat.
None of them work, I am going around in circles. Can one
person actually refrain from responding with an address
for yet another adware/spyware site. I do not need
addresses of free spyware downloads, we can all search
those ourselves! Whoever can rid me of my problems will
have their name in lights!!! I have actually asked if
someone can recommend an adware removal pay site but what
I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please
dont give me the usual web addwesses-keep it practical
please.

.
i have seen this on alot of customers computers, and

have used a programme called spy hunter, if you go to my
web site you can use the link there to check it out
(www.lodgeteck.com)it will scan your computer and let you
know if it finds any spy ware or parasites it will give
you a brief discription on what each file can do or does
to you. to get rid of these little suckers unfortunately
you have to purchas the programme which will be around
$29.00 US. Its a great programme and worth a try. I feel
from what you have explained that this will more then
likely fix your problem..
Lodgeteck

 

[Kenny S]

I guess you have already used spybot and adaware.

Now there are 2 other programs you must use if you have not already:


run this

CWShredder: http://www.spywareinfo.com/~merijn/downloads.html

then run this, press scan

HiJackThis
http://www.spychecker.com/program/hijackthis.html

Some of these entries are your problem.

Press the SAVE LOG button, save the log on your hard disk and then open it

and copy all the text and paste it to a post- reply here so we can take a
look at what is actually happeing in your computer.

We will try to sort out the problem

you have to have in mind digging out spyware sometimes is not a very easy
task.....

--
Hope this Helps, let us know!
Kenny S
www.computerboom.net
Freeware and more!

----

For two months I have tried to get rid of an IE hijacker. It started with

about blank, then martfinder etc etc. Sorry, but everyone answers with
...... cw shredder this and spybot that etc..repeat,repeat, repeat. None of
them work, I am going around in circles. Can one person actually refrain
from responding with an address for yet another adware/spyware site. I do
not need addresses of free spyware downloads, we can all search those
ourselves! Whoever can rid me of my problems will have their name in
lights!!! I have actually asked if someone can recommend an adware removal
pay site but what I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please dont give me the
usual web addwesses-keep it practical please.

 

[Guest]

OK. Before you shoot me down in flames, hear me out.
All the spyware removal tools you listed aregood at doing their job. i.e removing spyware after it's installed on your computer. I've got them all and they work well.
If you haven't already tried these, give them a chance: WinPatrol from BillP Studios and SpywareBlaster from Javacool Software. In the case of SpywareBlaster, it silently stops,at present, 2972 items from being installed on your computer.
WinPatrol alerts you before anything unknown to you triws to install itself and gives you the option to allow or deny installation. In your case it's too late for that but I'd recommend you get them anyway.

So, Google for and install BHO Demon. This will list all the BHO's it finds on your computer and allows you to disable them (or allow them to continue). Having YOUR unwelcome BHO's disabled might give you some peace of mind until you find a way to completely get rid of them.
I would also be keeping an eye on websites frequently visited, one or more of them could be the cause of all your woes.

Good Luck
Colin.

 

[kurttrail]

For two months I have tried to get rid of an IE hijacker. It started
with about blank, then martfinder etc etc. Sorry, but everyone
answers with ..... cw shredder this and spybot that
etc..repeat,repeat, repeat. None of them work, I am going around in
circles. Can one person actually refrain from responding with an
address for yet another adware/spyware site. I do not need addresses
of free spyware downloads, we can all search those ourselves! Whoever
can rid me of my problems will have their name in lights!!! I have
actually asked if someone can recommend an adware removal pay site
but what I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please dont give me
the usual web addwesses-keep it practical please.

Back up everything you don't want to lose. Download all the critical
security updates that MS has released since your XP install CD has been
released.

http://www.microsoft.com/technet/security/CurrentDL.aspx

Then do a clean install of Windows XP.

http://www.michaelstevenstech.com/cleanxpinstall.html

And before connecting to the internet, install all the security upates, and
turn on the Windows firewall. Reinstall all your programs, and restore your
data.

Now where do I go to see my name in lights?

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[Kenny S]

you can also kill a fly with a nuclear weapon.

--
Hope this Helps, let us know!
Kenny S
www.computerboom.net
Freeware and more!

----

 

[Crusty \(-: Old B@stard :-\)]

Right below mine (-:

I said the same thing 15 minutes ago (-: (o:

Gotcha!

BTW: I like the Appalachian Trail shots that are on your web page!

--
Regards:

Richard Urban

aka Crusty (-: Old B@stard

 

[kurttrail]

you can also kill a fly with a nuclear weapon.

The OP insinuated she tried just about everything else but. And I was more
interested by having my name in lights than in trying to Kreskin up a easy
fix. ;-)

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[kurttrail]

Right below mine (-:

I said the same thing 15 minutes ago (-: (o:

Nature called in the middle of composing it. Your message was not yet
posted. But if she does it, you do deserve the credit and your crusty old
name up in lights, Richard. [You should know, I really had to struggle with
myself not to shorten your name] ;-)

Gotcha!

Yep!

BTW: I like the Appalachian Trail shots that are on your web page!

Thanks. <blushing>

--
Peace!
Kurt
Self-anointed Moderator
microscum.pubic.windowsexp.gonorrhea
http://microscum.com
"Trustworthy Computing" is only another example of an Oxymoron!
"Produkt-Aktivierung macht frei!"

 

[Steve Nielsen]

For two months I have tried to get rid of an IE hijacker. It started
with about blank, then martfinder etc etc. Sorry, but everyone
answers with ..... cw shredder this and spybot that
etc..repeat,repeat, repeat. None of them work, I am going around in
circles. Can one person actually refrain from responding with an
address for yet another adware/spyware site. I do not need addresses
of free spyware downloads, we can all search those ourselves! Whoever
can rid me of my problems will have their name in lights!!! I have
actually asked if someone can recommend an adware removal pay site
but what I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please dont give me
the usual web addwesses-keep it practical please.

Angela, without including all the details of your problem no one can
offer you any meaningful advice besides backup your data, nuke and re-build.

Steve

 

[Tumbleweed]

Use an alternative browser...there you go, please can I have my name in
lights now

(If you keep getting all these different hijacks one after the other you are
doing something seriously wrong so whatever fixes your problem with a
specific hijack, obviously its going to come back again anyway, so my
suggestion is obviously the only logical one for you

 

[Steve Nielsen]

Use an alternative browser...there you go, please can I have my name in
lights now

(If you keep getting all these different hijacks one after the other you are
doing something seriously wrong so whatever fixes your problem with a
specific hijack, obviously its going to come back again anyway, so my
suggestion is obviously the only logical one for you

Good point.

<*FLASHY*FLASHY*LIGHTS*> Tumbleweed <*FLASHY*FLASHY*LIGHTS*>

There. Are you happy now?

Steve

 

[Guest]

Angela,

I know exactly the problem that you are having and that is the reason why I'm using Mozilla to post this note.

I got infected with the same malware and after searching virtually all newsgroups accepted that nobody has ever been able to clean it on XP machines (apparently is possible on 98 computers).
I'm also tired of trying spyware software that do not remove the problem (find the consequences but do not cure the problem).

It appears to be caused by a dll that is not visible from windows and that uses random names.

I have my Win XP CD next to me and I'm ready to take the plunge.
Good luck and see you at the other side.

 

[Kelly]

What is the name of it Angela?

 

[Ross Durie]

There is no "automated" anti-spyware removal tool for this type infection.
There are 2 DLLs involved, the "BHO" DLL which you see in your log and the
main culprit which is totally hidden. Removing the "BHO" DLL has no effect
as it (main culprit) will simply generate a new BHO DLL.

Ok, here goes ... this is my "How To:" (Hint: print out the below)

[Tools and files needed]

Download: "RepairAppInit.reg" (XP\2K only!)
http://www.mvps.org/winhelp2002/RepairAppInit.reg
Do not do anything with this file yet, it will be needed later.

Download: CWShredder
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Unzip, but do not run it yet, it will be needed later.

Download: Ad-Aware
http://www.lavasoft.de/software/adaware/
Install, but do not run it yet, it will be needed later.

Download: Find-All.zip
http://www10.brinkster.com/expl0iter/freeatlast/pvtool.htm
Unzip, but do not run it yet, it will be needed later.

Download: WINFILE.zip
http://www10.brinkster.com/expl0iter/freeatlast/WINFILE.zip
Unzip, but do not run it yet, it will be needed later.

Download: Registrar Lite [freeware]
http://www.resplendence.com/download
Install, but do not run it yet, it will be needed later.

[Step1]

Double-click the included "Find-All.bat" file from Find-All.zip.
Generates: "output.txt"
Note: if infected you will see:

Locked file(s) found...
C:\WINDOWS\System32\<filename> +++ File read error
Where "<filename>" is the hidden invisable installer.
Note: "+++ File read error" is not an error, this just identifies the
culprit.

[Step2]

Run "Registrar Lite" and navigate to:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
Double click on "AppInit_DLLs" entry (right pane)
The size will likely be something other than "1" (if infected)
IMPORTANT: Make a note of the filename and location (folder)

[Step3]

Rename the highlighted "Windows" key (left pane)
To rename: Right-click and select: Rename
(type) NoWindows


Double-click "AppInit_DLLs" again (right pane)
Clear (delete) the "Value" containing the .dll and click Ok.


IMPORTANT: Rename the "NoWindows" key (left pane)
To rename: Right-click and select: Rename
(type) "Windows" (no quotes) and close RegLite.

[Step 4]

Using Windows Explorer go to your root drive: (typically) "C:\"
Click File (up top) select: New > Folder
(type) "Junk" (no quotes)

Open Winfile

Navigate to System32 folder.
Click File (up top) select: Move

Copy and paste this into the 'From' box: C:\WINDOWS\System32\<filename>.dll
Copy and paste this into the 'To' box: C:\Junk\<filename>.dll

Note: where "<filename>" = culprit dll from "output.txt"

Click OK. Close Winfile
Open Windows Explorer and check in C:\Junk for the "<filename>.dll" file.

At this point see if you can rename the "<filename>.dll"
Do this several time, changing the name and extension each time.
Then see if you can "Move" to "A:\" (floppy)

[Step 5]

Locate: "RepairAppInit.reg" right-click and select: Merge
Ok the prompt

[Step 6]

Open Regedit (Start | Run (type) "regedit" (no quotes)
Use the Search function for the <filename>.dll
Click: Edit (up top) select: Find
(type) <filename>.dll, click: Find Next

Note: where "<filename>" = culprit dll from "output.txt"

Remove all instances found.Press "F3" to continue searching
until you see the "Completed" message.

Next repeat the above steps, subsitute the "secondary dll"
From: "text/html" as seen in the "output.txt"


[Step 7]

Run CWShredder and reboot.

[Step 8]
Run Ad-Aware

Reconfigure Ad-Aware for Full Scan:
Please update the reference file following the instructions here:
http://www.lavahelp.com/howto/updref/index.html

Launch the program, and click on the Gear at the top of the start screen.

Click the "Scanning" button.
Under Drives & Folders, select "Scan within Archives".
Click "Click here to select Drives + folders" and select your installed hard
drives.

Under Memory & Registry, select all options.
Click the "Advanced" button.
Under "Log-file detail", select all options.
Click the "Tweaks" button.

Under "Scanning Engine", select the following:
"Include additional Ad-aware settings in logfile" and
"Unload recognized processes during scanning."
Under "Cleaning Engine", select the following:
"Let Windows remove files in use after reboot."
Click on 'Proceed' to save these Preferences.
Please make sure that you activate IN-DEPTH scanning before you proceed.

After the above post a fresh log ...
--

Disclaimer: Renaming the "Windows" key modified some security settings.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

Right-click the "Windows" key, select: Permissions

[Example]
Before renaming the "Windows" key:

"Path"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows"
"Read":
*"Administrators
*Power Users
*Users"
"Write"
*"Administrators"

--
[Example]

After Renaming the key:

"Path"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows"
"Read":
***"Everyone"***
"Write"
*"Administrators
--

You need to check that and if 'Everyone' was added (as seen above)
You need to reset your original settings as follows:
Note: do this after removing the infection.

Right-click "Windows", select: Permissions
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

Click Advanced [button]
If the "inherit permissions" box is checked = Uncheck it.
Then select "COPY" on the prompt.

Select "Everyone Group" (if listed) and remove. (only the group)
You can individually view/edit each group settings.
Be sure "Administrators" and "System" have full control on all.
Note: Creator owner full control on Sub keys only.
"Power users" and "users" = "read control".


--
Ross

Angela,

I know exactly the problem that you are having and that is the reason why

I'm using Mozilla to post this note.

I got infected with the same malware and after searching virtually all

newsgroups accepted that nobody has ever been able to clean it on XP
machines (apparently is possible on 98 computers).

I'm also tired of trying spyware software that do not remove the problem

(find the consequences but do not cure the problem).

It appears to be caused by a dll that is not visible from windows and that uses random names.

I have my Win XP CD next to me and I'm ready to take the plunge.
Good luck and see you at the other side.

with about blank, then martfinder etc etc. Sorry, but everyone answers with
...... cw shredder this and spybot that etc..repeat,repeat, repeat. None of
them work, I am going around in circles. Can one person actually refrain
from responding with an address for yet another adware/spyware site. I do
not need addresses of free spyware downloads, we can all search those
ourselves! Whoever can rid me of my problems will have their name in
lights!!! I have actually asked if someone can recommend an adware removal
pay site but what I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please dont give me the
usual web addwesses-keep it practical please.

 

[Kelly]

What is the name of it, Ross?

There is no "automated" anti-spyware removal tool for this type infection.
There are 2 DLLs involved, the "BHO" DLL which you see in your log and the
main culprit which is totally hidden. Removing the "BHO" DLL has no effect
as it (main culprit) will simply generate a new BHO DLL.

Ok, here goes ... this is my "How To:" (Hint: print out the below)

[Tools and files needed]

Download: "RepairAppInit.reg" (XP\2K only!)
http://www.mvps.org/winhelp2002/RepairAppInit.reg
Do not do anything with this file yet, it will be needed later.

Download: CWShredder
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Unzip, but do not run it yet, it will be needed later.

Download: Ad-Aware
http://www.lavasoft.de/software/adaware/
Install, but do not run it yet, it will be needed later.

Download: Find-All.zip
http://www10.brinkster.com/expl0iter/freeatlast/pvtool.htm
Unzip, but do not run it yet, it will be needed later.

Download: WINFILE.zip
http://www10.brinkster.com/expl0iter/freeatlast/WINFILE.zip
Unzip, but do not run it yet, it will be needed later.

Download: Registrar Lite [freeware]
http://www.resplendence.com/download
Install, but do not run it yet, it will be needed later.

[Step1]

Double-click the included "Find-All.bat" file from Find-All.zip.
Generates: "output.txt"
Note: if infected you will see:

Locked file(s) found...
C:\WINDOWS\System32\<filename> +++ File read error
Where "<filename>" is the hidden invisable installer.
Note: "+++ File read error" is not an error, this just identifies the
culprit.

[Step2]

Run "Registrar Lite" and navigate to:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
Double click on "AppInit_DLLs" entry (right pane)
The size will likely be something other than "1" (if infected)
IMPORTANT: Make a note of the filename and location (folder)

[Step3]

Rename the highlighted "Windows" key (left pane)
To rename: Right-click and select: Rename
(type) NoWindows


Double-click "AppInit_DLLs" again (right pane)
Clear (delete) the "Value" containing the .dll and click Ok.


IMPORTANT: Rename the "NoWindows" key (left pane)
To rename: Right-click and select: Rename
(type) "Windows" (no quotes) and close RegLite.

[Step 4]

Using Windows Explorer go to your root drive: (typically) "C:\"
Click File (up top) select: New > Folder
(type) "Junk" (no quotes)

Open Winfile

Navigate to System32 folder.
Click File (up top) select: Move

Copy and paste this into the 'From' box:
C:\WINDOWS\System32\<filename>.dll
Copy and paste this into the 'To' box: C:\Junk\<filename>.dll

Note: where "<filename>" = culprit dll from "output.txt"

Click OK. Close Winfile
Open Windows Explorer and check in C:\Junk for the "<filename>.dll" file.

At this point see if you can rename the "<filename>.dll"
Do this several time, changing the name and extension each time.
Then see if you can "Move" to "A:\" (floppy)

[Step 5]

Locate: "RepairAppInit.reg" right-click and select: Merge
Ok the prompt

[Step 6]

Open Regedit (Start | Run (type) "regedit" (no quotes)
Use the Search function for the <filename>.dll
Click: Edit (up top) select: Find
(type) <filename>.dll, click: Find Next

Note: where "<filename>" = culprit dll from "output.txt"

Remove all instances found.Press "F3" to continue searching
until you see the "Completed" message.

Next repeat the above steps, subsitute the "secondary dll"
From: "text/html" as seen in the "output.txt"


[Step 7]

Run CWShredder and reboot.

[Step 8]
Run Ad-Aware

Reconfigure Ad-Aware for Full Scan:
Please update the reference file following the instructions here:
http://www.lavahelp.com/howto/updref/index.html

Launch the program, and click on the Gear at the top of the start screen.

Click the "Scanning" button.
Under Drives & Folders, select "Scan within Archives".
Click "Click here to select Drives + folders" and select your installed
hard
drives.

Under Memory & Registry, select all options.
Click the "Advanced" button.
Under "Log-file detail", select all options.
Click the "Tweaks" button.

Under "Scanning Engine", select the following:
"Include additional Ad-aware settings in logfile" and
"Unload recognized processes during scanning."
Under "Cleaning Engine", select the following:
"Let Windows remove files in use after reboot."
Click on 'Proceed' to save these Preferences.
Please make sure that you activate IN-DEPTH scanning before you proceed.

After the above post a fresh log ...
--

Disclaimer: Renaming the "Windows" key modified some security settings.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

Right-click the "Windows" key, select: Permissions

[Example]
Before renaming the "Windows" key:

"Path"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows"
"Read":
*"Administrators
*Power Users
*Users"
"Write"
*"Administrators"

--
[Example]

After Renaming the key:

"Path"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows"
"Read":
***"Everyone"***
"Write"
*"Administrators
--

You need to check that and if 'Everyone' was added (as seen above)
You need to reset your original settings as follows:
Note: do this after removing the infection.

Right-click "Windows", select: Permissions
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

Click Advanced [button]
If the "inherit permissions" box is checked = Uncheck it.
Then select "COPY" on the prompt.

Select "Everyone Group" (if listed) and remove. (only the group)
You can individually view/edit each group settings.
Be sure "Administrators" and "System" have full control on all.
Note: Creator owner full control on Sub keys only.
"Power users" and "users" = "read control".


--
Ross

Angela,

I know exactly the problem that you are having and that is the reason why

I'm using Mozilla to post this note.

I got infected with the same malware and after searching virtually all

newsgroups accepted that nobody has ever been able to clean it on XP
machines (apparently is possible on 98 computers).

I'm also tired of trying spyware software that do not remove the problem

(find the consequences but do not cure the problem).

It appears to be caused by a dll that is not visible from windows and
that uses random names.

I have my Win XP CD next to me and I'm ready to take the plunge.
Good luck and see you at the other side.

with about blank, then martfinder etc etc. Sorry, but everyone answers
with
..... cw shredder this and spybot that etc..repeat,repeat, repeat. None of
them work, I am going around in circles. Can one person actually refrain
from responding with an address for yet another adware/spyware site. I do
not need addresses of free spyware downloads, we can all search those
ourselves! Whoever can rid me of my problems will have their name in
lights!!! I have actually asked if someone can recommend an adware removal
pay site but what I get back is the usual 1/2 dozen spyware removal info
(which does not work)the challenge is on... but please dont give me the
usual web addwesses-keep it practical please.

 

[David Candy]

There is no such thing as a dll not visible to windows.