I posted a thread in Win2000 Help forum;

http://www.d-a-l.com/help/showthread.php?t=22501

And as requested, here is the HJT log;

Logfile of HijackThis v1.99.1
Scan saved at 00:14:24, on 10/06/2005
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\WINNT\Explorer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matt Cowan\My Documents\Programme and exe files\Anit Virus, Firewall and Spyware Programmes\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://209.25.203.234/search.php?
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Gmail - {3CD12856-7A7B-4e4c-B53E-92DFDD44AFDE} - https://gmail.google.com (file missing)
O15 - Trusted Zone: www.hotmail.com
O15 - Trusted Zone: http://by103fd.bay103.hotmail.msn.com
O15 - Trusted Zone: http://www.passionford.com
O15 - Trusted IP range: http://209.25.203.234
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by103fd.bay103.hotmail.msn.co...x/HMAtchmt.ocx
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

Can anyone see anything in there not right? As for some reason it will still not load and run Spysweeper, un-install it or re-install it, won't let me install SpyBot or AVG either.... So the only things I got going on here are ZoneAlarm and Adaware....

Thanks!

Hello,Matt_Cowan & Welcome

Ok first i don't see anything in the logfile did
you try running them from Safe Mode see if you
have the same problem.

& you should run over to the Windows update site
& download all the latest updates for your PC

safe mode: Instructions here

also make sure all the progs are up to date

HGD

Yeah, I have run the windows update, now running Win2k Pro, service pack 4, but still have trouble getting into Hotmail (only on this PC, everywhere else is fine) and Swysweeper still hangs on startup and to close it it comes up with the "no responding" quote. (still can't uninstall or reinstall) aswell.

I'm thinking I might just F-Disk everything and totally reinstall, but don't want to do that just yet....

Hi,Matt_Cowan

Here is what i want you to do stop Swysweeper from running
at startup with Windows then see if you can run a full system scan

& do this here also goto
c:\winnt\system32\drivers\etc\hosts

once you find the Hosts file open it then copy all
inside of it & PM me a copy of the hosts file so i
may have a look at it for you.

HGD

Okay I found it, but what do I open it with? It isn't a valid filetype and wants me to select a program to use to open it with. Tried Wordpad but no luck there...

Hi,Matt_Cowan

Did you try NotePad see if this helps

HGD

I get the same with Notepad as I do with Wordpad;

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost


On a plus note, I was finally able to uninstall Spysweeper. I decided just to try going into Add/Remove Programmes again and trying it again and it worked this time.

Still cannot install AVG tho. It still goes through the whole process, then right at the end it says "1 error : couldn't write C:autoexac.bat" or something similar....

Hi,Matt_Cowan

Well i'm glad to say i don't see anything in the hosts file
that is doing this how is it now do you stell have the problem

HGD

Well now I have removed Spyweeper, the start up process doesn't hang like it did with it installed (when it wasn't loading) but I still can't install AVG for some reason...