Relatives computer with a recently developed quirk: It works fine for normal computing but once on the internet it becomes unpredictable. Before I have them spend money on a new modem, would you look at these symptoms and see if that is the problem. System is running win98SE with 512K ram which checks okay. It has a video card Radeon7000 I believe. Not sure about the number, it is AGP. The modem is an older serial external Diamonds Supra Express. While playing with it, I reinstalled the video driver, just in case and also the modem driver. When on the internet, it gets quirky by refusing to respond to requests. If told to disconnect, it may or may not. If it refuses, the only recourse is shut down the pc. Mouse becomes uncontrollable, almost a video game of catch the mouse at the right place :-) Is this the time to buy a new modem?

Hi PtBetsie,
My first instinct would be to run all adware, spyware and antivirus programs you have, maybe an online scan too. Then be sure you have all the latest updates for Windows.
I'm sure the guru's will be around soon with more ideas and information.
LG ;)

I agree... Run Ad-Aware SE and Spybot after first updating them... Run an online virus scan like HouseCall and also consider running the trial version of TrojanHunter after manually updating it...

After you do all this, run a HijackThis scan and post it here...

To run HJT, extract it to a permanent folder such as one you create like C:\HJT. Close all open windows and browsers and make sure that all programs are enabled if you use msconfig. Run it and Scan, then Save the log. When the log window appears, Right click to Copy it, open your browser and come here to Paste the entire log. Do not make any changes until it is checked since most items are either benign or essential to the computer.

I did everything but the Hijack and trojanhunter. If I do a google search will I find trojanhunter there? I think I can borrow another modem and may try that to but everything is going to be postponed until we dig out of the snow, once again.

Here is the link for TrojanHunter:

http://www.trojanhunter.com/

Be sure to also get the update for it... it needs to be installed manually on the trial version....

The link for HijackThis is in my signature below...

In between snow storms so I installed a borrowed modem. Prior to install, I check for trojans, all clean. (still haven't done HJT) The new modem is a Creative Modem Blaster, the install went without a hitch. It worked correctly for two days so I thought the problem was solved. This morning, received a call that it is back to it's old tricks or at least one of them. It will not properly or predictably disconnect. Even if you cut off the power, it shows connected on the monitor and trying to tell it to dial brings an error message that the port is already open. To get rid of it, (CTRL ALT DEL dosn't work) you need to reboot. So having them buy a new modem is not going to fix things. What would these two modems have in common other than they are both serial modems. Could the serial port be bad?

It is more likely that you have a dialer or trojan on the machine that is using the modem... Problem with that is that it could be running up HUGE phone bills in the process... I suggest getting that HJT log ASAP... It only take a couple of minutes to download it and get the log....

I just ran HJT and the startup log and have them in a folder. At the top of the message box are different icons. Which one do I choose to attach the files, or is there another method that I should use? Thanks for being patient.

Just copy/paste the HJT log into a Reply... If it won't fit in one reply, break it and post in more than one... DO NOT post the StartupList Log... If we need it, we will ask for it...

Hope this is correct posting.
.Logfile of HijackThis v1.99.0
Scan saved at 9:10:31 PM, on 1/22/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
D:\AVG\AVGCC.EXE
D:\AVG\AVGEMC.EXE
D:\AVG\AVGAMSVR.EXE
D:\SCANNER\CONFIG\EREG\REMIND32.EXE
E:\LOGITECHNEW\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\DESKTOP\HJT\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\ACROBAT\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [OWCCardbusTray] ocbtray.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [AVG7_CC] D:\AVG\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] D:\AVG\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] D:\AVG\AVGAMSVR.EXE
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [InCD] F:\Nero\InCD.exe
O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe
O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - Startup: reminder-ScanSoft Product Registration.lnk = D:\scanner\Config\Ereg\REMIND32.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINDOWS\SYSTEM\E_SRCV03.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

You log looks quite clean... Assuming that you ran TrojanHunter and it was clean, it seems likely that your system is clean... If this is the case, it could indicate a hardware problem as you suspected or it could even be a problem with your ISP... Check all connections to see if anything might be shorting... Also, pick up the phone after turning off the modem... If it is on, that should disconnect it... Other than that, others may have to give you more ideas...

Thanks for all the help. I also suspect the ISP as they have only one local number for dial up ISP and the problem surfaces more often on days when they are getting frequent disconnects.

A couple of other suggestions...

You really need to update IE, the version you are running is quite vulnerable to attack...

Here is my prevention speech to help in keeping your computer clean:

This is a good time to set up protection against further attacks. Read the article linked below about "How did I get infected". You need an antivirus that is updated, a good firewall (a router firewall is not enough) and a spyware blocker like SpywareBlaster and also IE-Spyads. All of these have good free versions available... be very cautious about any security software that advertises in popups or other intrusive ways, they are not only usually useless, but also often have malware in them....

http://www.computercops.biz/postlite7736-.html