
Hijack Log--KDX--SMC


Donn
11-03-2004, 12:09 AM
I picked up something--probably going through the e-card sites looking for that Blue Moon card. I have two new items in Close Programs-- SMC, which is always a 'not responding,' and KDX, which goes with something called "gamespot". I fixed the two 016 items that had gamespot in them figuring that would get rid of it (it's my birthday, these things are not supposed to happen on your birthday...), then I thought I'd better post the log because they are still in Close Programs. I have a bunch of 09 items that I don't recognize. . . Thanks


Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ESET\NOD32KRN.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\PCTVOICE.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\COMPAQ\CPQINET\CPQINET.EXE
C:\PROGRAM FILES\COMPAQ\DIGITAL DASHBOARD\DEVGULP.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\ESET\NOD32KUI.EXE
C:\WINDOWS\KDX\KHOST.EXE
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\MY DOCUMENTS\BUG BITERS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=search&LC=0409
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcguide.com/vb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=search&LC=0409
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.presario.net/scripts/redirectors/presario/srchredir.dll?c=3c00&s=searchbar&LC=0409
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: EarthLink Popup Blocker - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: Pop-Up Blocker - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
O4 - HKLM\..\Run: [Digital Dashboard] C:Program Files\Compaq\Digital Dashboard\DevGulp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\KDX\KHOST.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [E6TaskPanel] "C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE" -winstart
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV &Translate - {06FE5D05-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avbabelfish&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL - {06FE5D02-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avlinksearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host - {06FE5D03-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=avhostsearch&c=3c00&LC=0409 (file missing)
O9 - Extra button: (no name) - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=0409 (file missing)
O9 - Extra 'Tools' menuitem: AV Live - {06FE5D04-8F11-11d2-804F-00105A133818} - http://search.presario.net/scripts/redirectors/presario/srchredir.dll?s=altavista&c=3c00&LC=0409 (file missing)

david eaton
11-03-2004, 04:52 AM
SMC.exe is the Sygate personal firewall.
Process File: khost or khost.exe

Description:
khost.exe is a secure data delivery application by Kontiki Inc. which delivers data such as images and files to secure servers for sharing. This is a non-essential process. Disabling or enabling this is down to user preference.

Nothing obviously wrong in your log.

Donn
11-03-2004, 06:51 AM
David, thanks, but I'm having trouble operating video clips, and if I end task on KDX it gives me an error screen and tells me to 'hit enter to return to windows,' and when I do it shuts me down and restarts. Why is Smc (correct spelling in the box) always on 'not responding,' and what could be amiss that it is not responding all the time? Make sense to just re-install Sygate?

Fruss Tray Ted
11-03-2004, 08:17 AM
Donn,
After installing - uninstalling 2 versions of Sygate, I find version 2808 to report that error in Task Manager. Both that one and the immediately prior one 27** cause my pc to freeze up for 1 second every 6 seconds. This is continuous for the first 5 minutes of EVERY boot up! It's not aggravating, it's infuriatingly annoying!!! Go, stop, go, stop cursor, characters as you type, I go off the edge of the table with my mouse but the pointer is still in the middle of the monitor screen :mad:

I'm going to try them one more download (just to give them 3 strikes) and if it happens again, Sygate will be banned from any of my boxes and I'll download someone else's. Too bad, I kinda liked that firewall for a while.

This all happened after I began to get popup messages at boot time saying that Sygate had newer builds available and did I want to upgrade now or remind me later. I put it off for a few days, now nothing but 'Good Grief'! (Where's the Charlie Brown Smilie???) :(

Donn
11-03-2004, 10:06 PM
Well then, apparently, Mr. Sygate is going to have to take his creation to the woodshed for a little hand to butt talk. There has been one other peculiar thing with Sygate here at the Donn Hacienda. It keeps telling me that it has blocked Win32 Kernel, when in fact I have it on 'allow'. So more than one thing is not right. So I will, as an act of Mercy, of course, uninstall Sygate, and re-install it one more time. Who else besides ZA has a good free firewall?

Edit: error

Donn
11-03-2004, 10:24 PM
Ok, I re-installed Sygate and Smc is gone, but KDX is still there, and if I close-program it, it gives me an error screen, press any key to continue, and if I do it shuts me down.

Error= 0D : 089F : 00005E37

the zeros have a line through them, is that a zero or a letter 'O'?

:(

Donn
11-04-2004, 09:16 AM
I ran KDX through search files and folders and got this:

[Version]
Signature="$Chicago$"
AdvancedINF=2.5
Provider=%providername%

[DefaultInstall]
CopyFiles=DLFiles, inffile
RegisterOCXs=RegisterOCXSection

[DefaultUninstall]
cleanup=1
Delfiles=DLFiles
UnRegisterOCXs=UnRegisterOCXSection

[strings]
productname="Secure Delivery"
providername="Kontiki"

[RegisterOCXSection]
%10%\kdx\KHost.exe
%10%\kdx\kpgreader.exe

Newest symptoms include screen freeze, and alterations of the mouse function, on some sites if I try to scroll on the screen it just zooms in or out as I try to scroll up or down. Font size changed to smallest when I log on, and the screen set-up has to be read from left to right using the pointers at the bottom of the screen to slide the image over to the right and back to the left.

If I end-task KDX it still shuts down and restarts.

See previous two posts.

Like I said, I need an exorcist for this Compaq..... :(

Fruss Tray Ted
11-04-2004, 01:20 PM
the zeros have a line through them, is that a zero or a letter 'O'?
It's a circle with a line through it. :D

Donn,
Browsing around Google turns up a few suggestions but nothing solid that Kontiki and/or KDX are a sort of spyware. As said above it is not needed so if you take it out with HijackThis (maybe in safe mode) you should be ok.

Is this 'service' something that gets installed when you do a system recovery? It may be.

I tried 2 other firewalls and came back to Sygate already. Too bad I deleted the installer for the only version that wasn't giving me any problems other than an update reminder :rolleyes: Both remaining ones pause/freeze my pc and the newest one (D/Led last night) does also. So I'm back to 3 versions but they a-l-l freeze my system for about 5 minutes. Then everything is ok. I guess I can live with it, like a wart on my butt.... At least I don't have to look at it all the time..

david eaton
11-04-2004, 02:20 PM
Another good free firewall is Kerio. It takes a bit more tweaking than Zone alarm to get it set up the way you want, but it's very good.
Usually Kontiki does not give rise to problems, but if it is, then uninstalling it should solve them. Check in Add/Remove programs before using HJT.

Donn
11-04-2004, 08:03 PM
Well thanks guys, I tried Kerio once and it didn't agree with my system, which, by now I hope, we are all convinced is in need of an exorcist, but perhaps I just didn't know how to tweak it. I re-installed Sygate last night (saved the setup file, in fact, saved ALL the setup files...Adaware, Spybot etc.), and so far Win32 Kernel has not come up as I immediately put it on 'allow.'

Now that I have a few contracts under me ($$ :D) I am going to look around for some more memory for the Dell (Rambus--FTT, you had a site for that, yes?), and get that on line and use this one for storage and off line functions like Word and music.

KDX isn't in Add Remove, neither is Kontiki. How about just deleting the files from 'search files and folders' in safe mode? Will that be enough?

Ah, to answer your question specifically, FTT, no I don't think it came with the recovery program, because I have done that three times in three years and never seen it before in Close Programs, and I have been in CP a number of times since the last recovery, and I just now noticed it the other night when I was having trouble viewing clips, and, AND, I have also noticed that 'skipping' cursor in the last few days, and momentary screen freeze--that has actually happened when Adaware is first starting up. . . .hmmmm :(

david eaton
11-05-2004, 06:38 AM
Kontiki used to install spyware, but they have cleaned up their act now. It is automatically installed by several download sites, so uninstalling it may not be a permanent answer.
That said, deleting the entries in the Hijack this log, and then deleting the files should get rid of it.
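
Finding which log entries start a given process before removing them, as the reply above suggests (added example, not part of the original thread). The sample is a short excerpt of the log posted above; the names `image_name` and `trace` are hypothetical helpers written for this illustration.

```python
import re
from collections import defaultdict

# Excerpt of the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
C:\WINDOWS\KDX\KHOST.EXE
C:\WINDOWS\PCTVOICE.EXE

O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\KDX\KHOST.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\SYGATE\SPF\SMC.EXE -startgui
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SmcService] C:\PROGRAM FILES\SYGATE\SPF\SMC.EXE
"""

O4_RE = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

def image_name(command):
    """Lower-cased file name of the executable in a path or command line."""
    command = command.replace('"', "")
    m = re.match(r"(.*?\.exe)\b", command, re.IGNORECASE)
    path = m.group(1) if m else command
    return path.rsplit("\\", 1)[-1].lower()

def trace(log_text):
    """Map each running process to the O4 autostart entries that launch it."""
    running, starts, in_procs = {}, defaultdict(list), False
    for line in log_text.splitlines():
        line = line.strip()
        if line == "Running processes:":
            in_procs = True
        elif in_procs and not line:
            in_procs = False          # blank line ends the process list
        elif in_procs:
            running[image_name(line)] = line
        else:
            m = O4_RE.match(line)
            if m:
                # Match on file name only: the same binary appears with long,
                # 8.3 (PROGRA~1) and bare names. Same-named files in different
                # folders would collide, so confirm the path by eye.
                starts[image_name(m["cmd"])].append(f'{m["key"]} [{m["name"]}]')
    return {path: starts.get(name, []) for name, path in running.items()}

if __name__ == "__main__":
    for path, entries in trace(SAMPLE_LOG).items():
        print(path, "<-", entries or "no O4 entry in log")
```
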

Donn
11-05-2004, 08:12 AM
David--that's what I did last night and the system seems to be immediately more stable--no more stuck-and-skip cursor, no screen freeze so far, and KDX is gone from the Close Program. No adverse effects that I can see. Too bad I have no idea which E-Card site I was at when I picked it up. . . .

Fruss Tray Ted
11-05-2004, 08:41 AM
(Rambus--FTT, you had a site for that, yes?)

Start here (http://www.pricewatch.com/) but use these guys (http://www.resellerratings.com/) to check out the various vendors.

Give me another holler if you don't find any and I'll look elsewhere.

Donn
11-05-2004, 12:48 PM
Fruss, thanks, I'll check it all out over the weekend (lunch break now).

Now, typical understudy question: if I want to use a different kind of memory chip, is there an adapter to use between the RIMM and the (non-RAMBUS) wafer? Or, if I want to use a more common (not as expensive) memory chip can I change from RIMM to DIMM somehow, or would that involve a whole new mobo?

Fruss Tray Ted
11-05-2004, 01:03 PM
There weren't any at the earlier link but there are some here:

expensive (http://www.computersurplusoutlet.com/showproduct.asp?C=6&s=103)

gooddeals (http://www.compgeeks.com/products.asp?cat=RAM#184-pin%20RIMM%20Memory)