MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Internet & Network Support arrow Security & Viruses arrow Topic: VIRUS HELPTROJ_STARTPAG.RE
March 29, 2020, 02:53:45 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
March 29, 2020, 02:53:45 PM

Login with username, password and session length
 Featured Sites:
News
Welcome to MyTechSupport.ca! - Registration is FREE, so why not join our friendly community today?
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: VIRUS HELPTROJ_STARTPAG.RE  (Read 3287 times)
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« on: November 10, 2005, 09:27:11 PM »

PLEASE SUPPLY RELEVANT INFORMATION:
Operating System Version:Mic XP Home version 2002
Problem Application Name & Version:
Problem Hardware Make & Model:AMD Athalon(tm)1800 +1.54 GZ
Error Messages:TROJ_STARTPAG.RE



Sad
Text
Text
Trend Micro Keeps reporting this as a virus and my browser was being hijacked I was getting programs installed without my doing it I have uninstalled, Deleted run every scan and program I have. IE: Adaware, Spybot, My Mcafee cleaned a lot but then on some it said my disk was write protected? Then it crashed an will not allpw me to reload it. Trend Micro and House Call are not finding any thing now and I have browser stabilized so it is no longer going to BLANK. But windows paint keeps opening by itself. Also my system is slower and eratic.
This is my first time posting so I know I am doinf this all wrong. But I am sooo lost here! I have too much to reformat now and Also my external CD-RW no longer works and I tried uninstalling it and reinstalling it but now it will not install!
Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #1 on: November 10, 2005, 11:35:17 PM »

Download HiJackThis.exe - this program will help us determine if there are any spyware/malware on your computer.  
Create a folder at C:\Program Files\HijackThis and move HiJackThis.exe there.  
Double click on the program to run it.

1. If it gives you an intro screen, just choose [Do a system scan and save a logfile].
2. If you don't get the intro screen, just hit [Scan] and then click on [Save log].
Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #2 on: November 10, 2005, 11:59:56 PM »

Ok  Here it is mess huh

Download Attachment: Logfile of HijackThis v1.99.1.txt 9.38 KB
Right click and select Save Target As... then rename the file as shown here and save.

Logfile of HijackThis v1.99.1
Scan saved at 6:51:48 PM, on 11/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\SCardSvr.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
F:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\WINDOWS\system32\pctspk.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\WINDOWS\wanmpsvc.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
F:\PROGRA~1\mcafee.com\agent\mcagent.exe
F:\Program Files\QuickTime\qttask.exe
F:\DOCUME~1\Dee\LOCALS~1\Temp\304.tmp.exe
F:\Program Files\MemTurbo\MemTurbo.exe
F:\WINDOWS\System32\svchost.exe
F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Program Files\America Online 9.0a\waol.exe
F:\Program Files\America Online 9.0a\shellmon.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PCCMAIN.EXE
F:\WINDOWS\system32\rundll32.exe
F:\WINDOWS\system32\notepad.exe
F:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.insightbb.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {CEE02B5D-4315-FD65-DC44-8CF554731941} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - F:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [MCUpdateExe] F:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iexplore.exe] F:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [304.tmp] F:\DOCUME~1\Dee\LOCALS~1\Temp\304.tmp.exe
O4 - HKLM\..\Run: [304.tmp.exe] F:\DOCUME~1\Dee\LOCALS~1\Temp\304.tmp.exe
O4 - HKLM\..\Run: [SpyFighterMonitor] "F:\Program Files\SpyFighter\SpyFighter.exe" monitor
O4 - HKLM\..\Run: [SpyFighterUpdate] "F:\Program Files\SpyFighter\AutoUpdate.exe" silent
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [mode tons] F:\DOCUME~1\Dee\APPLIC~1\IDLELI~1\mix plus.exe
O4 - Startup: AntiCrash.lnk.disabled
O4 - Startup: MemTurbo.lnk = F:\Program Files\MemTurbo\MemTurbo.exe
O4 - Startup: MemTurbo.lnk.disabled
O4 - Startup: ProtectX Hacker Defence Suite.lnk.disabled
O4 - Startup: Trend Micro Anti-Spyware.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: Trend Micro Anti-Spyware.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://F:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download All by FlashGet - F:\PROGRA~1\FLASGE~1.71\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - F:\PROGRA~1\FLASGE~1.71\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - F:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
O15 - Trusted Zone: *.AOLacsd.exe
O15 - Trusted Zone: *.AOLDial.exe
O15 - Trusted Zone: *.aoltpspd.exe
O15 - Trusted Zone: http://www.blogger.com
O15 - Trusted Zone: http://*.freeweb
O15 - Trusted Zone: http://members2.freewebs.com
O15 - Trusted Zone: *.i) waol.exe
O15 - Trusted Zone: http://www.insightbb.com
O15 - Trusted Zone: http://www.lavasoft.de
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: http://ul2.rapidshare.de
O15 - Trusted Zone: *.waol.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} (Microsoft VM) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1120761067281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - F:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - F:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - F:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - F:\WINDOWS\system32\pctspk.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - F:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - F:\WINDOWS\wanmpsvc.exe

« Last Edit: November 11, 2005, 10:54:12 PM by sUBs » Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #3 on: November 11, 2005, 12:17:58 AM »

I notice that you have more than one anti-virus programs on your machine. That's not a good idea!!

Alike firewalls, anti-virus programs have conflicts co-existing with each other & may produce undesirable results. Please uninstall ALL leaving only one of them.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Please download these additional files/programs.  Do not run them until instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.  

CleanUp.exe - Install.

KillBox v2.0.0.175.zip

Download DelO15Domains.inf - Right click on this  & choose "Save As..."   DelO15Domains.inf
Right click on DelO15Domains.inf and choose Install. It will run immediately (you won't be able to see anything happen). You may delete the file afterwards.


'UNPLUG'/DISCONNECT YOUR COMPUTER FROM THE INTERNET WHEN YOU HAVE FINISHED DOWNLOADING


This webpage would not be available when you're carrying out the fix. Please save the following instructions in Notepad. I have customed my instructions on the assumption that you are using Notepad. It may lead to some confusion should you choose to do otherwise.

If there's anything that you don't understand, kindly ask your questions before proceeding with the fixes. There should not be any opened browsers when you are carrying out the procedures below.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Uninstall the following programs, if present, using Control Panel->Add/Remove Programs:
    SpyFighter

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


CLOSE ALL OTHER PROGRAMS & ALL OPEN WINDOWS

Run a scan with HiJackThis & select/tick the following & click "Fix checked" :

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {CEE02B5D-4315-FD65-DC44-8CF554731941} - (no file)
O3 - Toolbar: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [iexplore.exe] F:\Program Files\Internet Explorer\iexplore.exe
O4 - HKLM\..\Run: [304.tmp] F:\DOCUME~1\Dee\LOCALS~1\Temp\304.tmp.exe
O4 - HKLM\..\Run: [304.tmp.exe] F:\DOCUME~1\Dee\LOCALS~1\Temp\304.tmp.exe
O4 - HKLM\..\Run: [SpyFighterMonitor] "F:\Program Files\SpyFighter\SpyFighter.exe" monitor
O4 - HKLM\..\Run: [SpyFighterUpdate] "F:\Program Files\SpyFighter\AutoUpdate.exe" silent
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [mode tons] F:\DOCUME~1\Dee\APPLIC~1\IDLELI~1\mix plus.exe
O16 - DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} (Microsoft VM) -  



= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


If you have not done so already, please enable the viewing of Hidden files
From Windows Explorer, go to Tools>Folder Options> View tab.
  • Tick - Show hidden files and folder
  • Untick - Hide file extensions for known types
  • Untick - Hide protected operating system files
Click Yes to confirm & then click OK

Locate and delete the following folders, if present:
  • F:\Program Files\SpyFighter\
    F:\DOCUME~1\Dee\APPLIC~1\IDLELI~1\  

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider to Standard CleanUp!
3. Uncheck the following:
  • Delete Newsgroup cache
  • Delete Newsgroup Subscriptions
  • Scan local drives for temporary files
4. Click OK
5. Press the CleanUp! button to start the program. Reboot/logoff when prompted.
* CleanUp! will not create any backups!!


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Perform an online scan with Internet Explorer at one of the following sites:
Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #4 on: November 11, 2005, 03:50:32 PM »



Download Attachment: findlop.txt 11.79 KB
Right click and select Save Target As... then rename the file as shown here and save.SpyFighter  not on here
Mcafee was used to scan once but is not used as a rule only use the firewall AOL put it on.
I use PCCILLIN TrendMicro.
I first used House Call on lone it showed nothing,  No viruses No cookies No Trogans.
Then I used Panda ActiveScan Online. The after results of this are attached.
Trend Micro PCCllin 2005 showed nothing on the spyware.

In addition I told them to do my entire system But I see no mention of my second Hard drive on these logs.


Download Attachment: Activescan.txt 34.81 KB
Right click and select Save Target As... then rename the file as shown here and save.

 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\All Users\Application Data

10/27/2005  12:07 PM    <DIR>          Adobe
09/21/2005  04:58 PM    <DIR>          AOL
08/12/2005  04:38 PM    <DIR>          Apple Computer
06/18/2005  07:02 PM    <DIR>          InstallShield
10/28/2005  05:49 PM    <DIR>          Macromedia
10/29/2005  11:19 AM    <DIR>          Macrovision
11/06/2005  12:58 AM    <DIR>          McAfee.com
08/30/2005  02:45 AM    <DIR>          MSN6
07/24/2005  08:57 PM    <DIR>          Pure Networks
06/18/2005  03:03 AM    <DIR>          QuickTime
11/09/2005  01:34 AM    <DIR>          Spybot - Search & Destroy
07/24/2005  08:26 PM    <DIR>          Symantec
06/18/2005  03:03 AM    <DIR>          Viewpoint
11/06/2005  03:57 AM    <DIR>          Wait Bib Dent Lies
08/01/2005  05:30 AM    <DIR>          Windows Genuine Advantage
               0 File(s)              0 bytes
              15 Dir(s)  171,913,302,016 bytes free
 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\Dee\Application Data

09/30/2005  10:24 PM    <DIR>          Adobe
10/27/2005  12:19 PM    <DIR>          AdobeUM
08/02/2005  02:12 PM    <DIR>          Alien Skin
09/13/2005  06:38 PM    <DIR>          AOL
08/12/2005  04:42 PM    <DIR>          Apple Computer
11/06/2005  12:21 PM    <DIR>          clock ace send
09/12/2005  11:37 AM    <DIR>          Corel
08/28/2005  12:50 PM    <DIR>          GlobalSCAPE
07/12/2005  04:05 PM    <DIR>          Help
08/30/2005  12:00 AM    <DIR>          Identities
11/04/2005  06:45 PM         2,217,897 Install.dat
06/18/2005  07:45 PM    <DIR>          Jasc
06/18/2005  07:02 PM    <DIR>          Jasc Software Inc
06/19/2005  01:18 AM    <DIR>          Lavasoft
10/30/2005  08:46 PM    <DIR>          Learn2.com
10/29/2005  11:19 AM    <DIR>          Macromedia
06/20/2005  09:18 PM    <DIR>          McAfee.com Personal Firewall
08/30/2005  02:45 AM    <DIR>          MSN6
07/08/2005  02:13 AM    <DIR>          Real
09/17/2005  11:13 PM    <DIR>          Softland
07/03/2005  11:57 PM    <DIR>          Sun
08/01/2005  04:48 AM    <DIR>          TuneUp Software
07/24/2005  08:59 PM    <DIR>          You've Got Pictures Screensaver
               1 File(s)      2,217,897 bytes
              22 Dir(s)  171,913,039,872 bytes free
 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\Default User\Application Data

06/17/2005  10:37 PM    <DIR>          .
06/17/2005  10:37 PM    <DIR>          ..
06/17/2005  10:37 PM                62 desktop.ini
               1 File(s)             62 bytes
               2 Dir(s)  171,913,891,840 bytes free
 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\LocalService\Application Data

 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\NetworkService\Application Data

[TRACE] Enumerating jobs and queues
[TRACE] Activating job '1-Click Maintenance.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe'
  Parameters:         '/schedulestart'
  WorkingDirectory:   ''
  Comment:            'Starts 1-Click Maintenance at scheduled times'
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/04/2005 17:15:00
  NextRun:            11/11/2005 17:15:00
  StartError:         S_OK
  ExitCode:           0x40010004
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Weekly
    WeeksInterval:   1
    DaysOfTheWeek:   .....F.
    StartDate:       08/07/2001
    EndDate:         08/07/2005
    StartTime:       17:15
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'B1C89AB192D719C9.job'
[TRACE] Printing all job properties

  ApplicationName:    'f:\docume~1\dee\applic~1\idleli~1\GplThatBook.exe'
  Parameters:         ''
  WorkingDirectory:   ''
  Comment:            ''
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/06/2005  3:00:00
  NextRun:            11/11/2005 10:00:00
  StartError:         0x80070003
  ExitCode:           0
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 1
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       06/25/2001
    EndDate:         00/00/0000
    StartTime:       00:00
    MinutesDuration: 1440
    MinutesInterval: 60
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'McAfee.com Update Check (Myname.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\PROGRA~1\mcafee.com\agent\mcupdate.exe'
  Parameters:         '/Schedule'
  WorkingDirectory:   'F:\PROGRA~1\mcafee.com\agent'
  Comment:            'McAfee SecurityCenter periodically checks for updates for your McAfee Security Services.'
  Creator:            'name'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      00/00/0000  0:00:00
  NextRun:            11/11/2005 10:23:00
  StartError:         SCHED_S_TASK_HAS_NOT_RUN
  ExitCode:           0
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       11/11/2005
    EndDate:         00/00/0000
    StartTime:       10:23
    MinutesDuration: 1440
    MinutesInterval: 5
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'PcbugDoctorDee.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\Program Files\PcBugDoctor\PcBugDoctor.exe'
  Parameters:         'scan'
  WorkingDirectory:   'F:\Program Files\PcBugDoctor'
  Comment:            ''
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/10/2005 23:31:00
  NextRun:            11/11/2005 23:31:00
  StartError:         S_OK
  ExitCode:           0
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 1
    KillIfGoingOnBatteries  = 1
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       07/16/2005
    EndDate:         00/00/0000
    StartTime:       23:31
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'Spybot - Search & Destroy -  Scheduled Task.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe'
  Parameters:         '/AUTOCHECK /AUTOFIX /AUTOCLOSE'
  WorkingDirectory:   ''
  Comment:            ''
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      00/00/0000  0:00:00
  NextRun:            00/00/0000  0:00:00
  StartError:         SCHED_E_ACCOUNT_INFORMATION_NOT_SET
  ExitCode:           0
  Status:             SCHED_S_TASK_HAS_NOT_RUN
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 0
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Once
    StartDate:       09/06/2005
    EndDate:         00/00/0000
    StartTime:       15:00
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job '{04F2A13A-EB4B-4AC2-80D7-15C3B936003F}_MARCV-Dee.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\WINDOWS\system32\mobsync.exe'
  Parameters:         ' /Schedule="{04F2A13A-EB4B-4AC2-80D7-15C3B936003F}_MARCV-Dee"'
  WorkingDirectory:   ''
  Comment:            ''
  Creator:            'SyncMgrInternalCreatorName'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/10/2005 15:26:00
  NextRun:            11/11/2005 15:26:00
  StartError:         S_OK
  ExitCode:           0
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       07/10/2005
    EndDate:         00/00/0000
    StartTime:       15:26
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


Incident                      Status                        Location                                                                                                                                                                                                                                                        

Adware:adware/navipromo       No disinfected                F:\WINDOWS\SYSTEM32\sdklu32.exe                                                                                                                                                                                                                                
Spyware:spyware/new.net       No disinfected                F:\WINDOWS\NDNuninstall6_98.exe                                                                                                                                                                                                                                
Adware:adware/masterbar       No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.ags             No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{018B7EC3-EECA-11D3-8E71-0000E82C6C0D}                                                                                                                                            
Adware:adware/ipbill          No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.adn             No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{5F426A93-0821-47D2-A126-5A48A874B289}                                                                                                                                            
Adware:adware/delta           No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.yz              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{02C20140-76F8-4763-83D5-B660107B7A90}                                                                                                                                            
Dialer:dialer.yy              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{23273a1c-c870-43c4-a3e3-67dc98630ac6}                                                                                                                                            
Dialer:dialer.yx              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{6ed16eff-3b18-11d6-9139-00e02964e8e3}                                                                                                                                            
Dialer:dialer.yc              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}                                                                                                                                            
Adware:adware/powerstrip      No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.xs              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{ceb29da4-7afa-4f24-b3cd-17351d590df0}                                                                                                                                            
Spyware:spyware/whazit        No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.py              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{8522F9B3-38C5-4AA4-AE40-7401F1BBC851}                                                                                                                                            
Adware:adware/ieplugin        No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.b               No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{2c1651ef-8827-11d6-91a2-00e02964e8e3}                                                                                                                                            
Virus:Eicar.Mod               No disinfected                F:\Program Files\FSI\F-Prot\fpav-help.chm[prob-scan-ok.html]                                                                                                                                                                                                    
Virus:Eicar.Mod               No disinfected                F:\Program Files\InstallShield Installation Information\{9FD12630-1991-46F5-8479-92DE1EAE87DA}\data1.cab[fpav-help.chm][prob-scan-ok.html]                                                                                                                      
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-0.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-1.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-2.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-3.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-5.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-6.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-7.bak                                                                                                                                                                                    
Dialer:Dialer.DNA             No disinfected                F:\Program Files\PhatCat Technologies\PCRepair\bak\11\files\1131340415-8.bak                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\adddq.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\addsq.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\addvi.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\apika.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\apprp32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\apptz32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\appzb.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\atlby.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\atlpa32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\atlqa32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\atlux32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\atlxb32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\atlzw.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\d3ud32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ieas32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\iebc32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ieve32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ievw32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ipag32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ipbo.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\iphj.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ipjo32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ipjw32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ipnr.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ipok32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ippv32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\javaby32.exe                                                                                                                                                                                                                                        
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\javajw.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\javamm32.exe                                                                                                                                                                                                                                        
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\mfcgw32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\mfcvw.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\msve.exe                                                                                                                                                                                                                                            
Spyware:Spyware/New.net       No disinfected                F:\WINDOWS\NDNuninstall6_98.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\netpj.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ntpd32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ntxz.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\ntyb32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\sdkio.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\sdkym32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\addbl.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\addzr32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\apihe.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\apimz.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\apipe.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\apixs32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\atljo.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\atlni.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\atlow.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\crdv32.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\crpg.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\crxs.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\d3ln.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\d3oh32.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\ieha32.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\ieqg32.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\ipit32.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\ipnt.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\javagw.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\javaqp32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\javatn.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\javauv.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\mfcbs.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\mfcex32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\mfcgp32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\msrt32.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\mstd.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\netde.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\netew.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\netit32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\netlm32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\netnm.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\netyh32.exe                                                                                                                                                                                                                                
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\ntbc.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\nthl.exe                                                                                                                                                                                                                                    
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\sdkca.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\sdkvp.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\system32\winvr.exe                                                                                                                                                                                                                                  
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\winbw32.exe                                                                                                                                                                                                                                          
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\winip.exe                                                                                                                                                                                                                                            
Adware:Adware/SearchAid       No disinfected                F:\WINDOWS\winlx32.exe                                                                                                                                                                                                                                          
« Last Edit: November 11, 2005, 10:54:50 PM by sUBs » Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #5 on: November 11, 2005, 04:02:53 PM »

You forgot to include your HJT log. Please post it now.
Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #6 on: November 11, 2005, 10:51:45 PM »

HUT I thought it was there.

Download Attachment: Logfile of HijackThis v1.99.1.txt 7.73 KB
Right click and select Save Target As... then rename the file as shown here and save.

Logfile of HijackThis v1.99.1
Scan saved at 7:49:31 PM, on 11/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\SCardSvr.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
F:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\WINDOWS\system32\pctspk.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\WINDOWS\wanmpsvc.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
F:\PROGRA~1\mcafee.com\agent\mcagent.exe
F:\Program Files\QuickTime\qttask.exe
F:\Program Files\MemTurbo\MemTurbo.exe
F:\WINDOWS\System32\svchost.exe
F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
F:\WINDOWS\system32\NOTEPAD.EXE
F:\Program Files\HijackThis\HijackThis.exe
F:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.insightbb.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - F:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O4 - HKLM\..\Run: [MCUpdateExe] F:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Startup: AntiCrash.lnk.disabled
O4 - Startup: MemTurbo.lnk = F:\Program Files\MemTurbo\MemTurbo.exe
O4 - Startup: MemTurbo.lnk.disabled
O4 - Startup: ProtectX Hacker Defence Suite.lnk.disabled
O4 - Startup: Trend Micro Anti-Spyware.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: Trend Micro Anti-Spyware.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://F:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download All by FlashGet - F:\PROGRA~1\FLASGE~1.71\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - F:\PROGRA~1\FLASGE~1.71\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - F:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
O15 - Trusted Zone: *.AOLacsd.exe
O15 - Trusted Zone: *.AOLDial.exe
O15 - Trusted Zone: *.aoltpspd.exe
O15 - Trusted Zone: http://www.blogger.com
O15 - Trusted Zone: http://*.freeweb
O15 - Trusted Zone: http://members2.freewebs.com
O15 - Trusted Zone: *.i) waol.exe
O15 - Trusted Zone: http://www.insightbb.com
O15 - Trusted Zone: http://www.lavasoft.de
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: *.waol.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1120761067281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - F:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - F:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - F:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - F:\WINDOWS\system32\pctspk.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - F:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - F:\WINDOWS\wanmpsvc.exe

« Last Edit: November 11, 2005, 10:53:45 PM by sUBs » Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #7 on: November 11, 2005, 11:08:48 PM »

You still have two AVs/firewalls. If you do not uninstall, you will experience software conflicts & an overall slowdown of your system.

Please download these additional files/programs.  Do not run them until instructed to do so.
Unless otherwise stated, they should be stored in same directory as the HiJackThis program.  

Del.zip (Do NOT run it yet)

About Buster.zip - Unzip to a new folder. Update About Buster & exit the program once that is completed.

CWShredder.exe    
 Open CWShredder and click - I AGREE
 Click - Check For Update
 Close CWShredder after updating      

Ewido Security Suite
  • Install Ewido Security Suite
  • When installing, under "Additional Options" uncheck..
    • Install background guard
    • Install scan via context menu
  • Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.
  • On the left hand side of the main screen click update.
  • Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.


'UNPLUG'/DISCONNECT YOUR COMPUTER FROM THE INTERNET WHEN YOU HAVE FINISHED DOWNLOADING


This webpage would not be available when you're carrying out the fix. Please save the following instructions in Notepad. I have customed my instructions on the assumption that you are using Notepad. It may lead to some confusion should you choose to do otherwise.

If there's anything that you don't understand, kindly ask your questions before proceeding with the fixes. There should not be any opened browsers when you are carrying out the procedures below.


IT IS IMPORTANT THAT YOU DON'T MISS A STEP & PERFORM EVERYTHING IN THE RIGHT ORDER.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =

Next, please reboot your computer in SafeMode by doing the following:
1. Restart your computer
2. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3. Instead of Windows loading as normal, a menu should appear
4. Select the first option, to run Windows in Safe Mode.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


From within del.zip, double click on regdel.reg & allow it to merge into the registry

Also double click on delbat.bat & allow it to run it's course


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Start HijackThis & Go to Config> Misc Tools > Open ADS Spy
  1. Checkmark/tick - "Ignore Safe System Info Streams"  
  2. Click the "Scan" button
  3.  
  4. When it has finished scanning, checkmark/tick all that it found
  5.  
  6. Click the "remove selected" button  
  7.  

= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider to Standard CleanUp!
3. Uncheck the following:
  • Delete Newsgroup cache
  • Delete Newsgroup Subscriptions
  • Scan local drives for temporary files
4. Click OK
5. Press the CleanUp! button to start the program. Reboot/logoff when prompted.  
* CleanUp! will not create any backups!!


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Run CWShredder & click on Fix.

Run About Buster and click - Begin Removal.
Locate 'Ab LogFile.txt' (... in the same folder as AboutBuster) and post it in your next reply.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Run Ewido with it's updated definitions:(...it's important that all windows must be closed)
  • Click Scanner
  • Click Complete System Scan to begin scanning.
  • Click OK when prompted to clean files
With the first file it prompts to clean, select the option:
  • "Perform action on all infections"
  • Choose clean and click OK.
Once finished, click the Save report button & save the report to your desktop

** Ewido scan would require at least an hour. I suggest that you go grab a cup of coffee & do something else while you wait for it to complete.


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


REBOOT TO NORMAL MODE


Do another Panda Activescan & run fl.bat again


In your next post, please include fresh logs from:

HiJackThis
Online scan
Findlop.txt
About Buster  
Ewido  


Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now

Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #8 on: November 12, 2005, 09:38:12 AM »

OK Panda still says 2 viruses an desk top looks grayer but cleaner


Download Attachment: Ab LogFile.txt 1.17 KB
Right click and select Save Target As... then rename the file as shown here and save.

Download Attachment: Activescan.txt 6.2 KB
Right click and select Save Target As... then rename the file as shown here and save.

Download Attachment: cwshreddrreport.txt 13.09 KB
Right click and select Save Target As... then rename the file as shown here and save.

Download Attachment: findlop.txt 10.4 KB
Right click and select Save Target As... then rename the file as shown here and save.

Download Attachment: Scan report_20051112.txt.txt 7.41 KB
Right click and select Save Target As... then rename the file as shown here and save.

Download Attachment: hijackthis.txt 7.72 KB
Right click and select Save Target As... then rename the file as shown here and save.

 **** Run Keys ****

RUN: [MCUpdateExe] F:\PROGRA~1\mcafee.com\agent\McUpdate.exe
RUN: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
RUN: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime


 **** Browser Helper Objects ****

BHO: [AcroIEHlprObj Class] F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll


 **** IE Toolbars ****

TOOLBAR: [FlashGet Bar] F:\PROGRA~1\FLASGE~1.71\FlashGet\fgiebar.dll
TOOLBAR: [&Translator Internet] F:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL


 **** IE Extensions ****

IEExt: [Web Browser Applet Control] F:\WINDOWS\system32\msjava.dll
IEExt: [AOL Toolbar] F:\WINDOWS\system32\msjava.dll
IEExt: [AOL Toolbar] F:\WINDOWS\system32\msjava.dll
IEExt: [Research] F:\WINDOWS\system32\msjava.dll
IEExt: [Real.com] F:\WINDOWS\system32\msjava.dll
IEExt: [FlashGet] F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
IEExt: [Messenger] F:\Program Files\Messenger\msmsgs.exe


 **** Hosts File Entries ****



 **** IE Settings ****

Default Page: http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default Search: http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch


 **** IE Context Menu (Right click) ****



 **** Layered Service Providers ****

LSP: Port Magic Chain over MSAFD Tcpip [UDP/IP]
LSP: Port Magic Chain over RSVP UDP Service Provider
LSP: Port Magic Chain over MSAFD Tcpip [TCP/IP]
LSP: Port Magic Chain over RSVP TCP Service Provider
LSP: MSAFD Tcpip [TCP/IP]
LSP: MSAFD Tcpip [UDP/IP]
LSP: RSVP UDP Service Provider
LSP: RSVP TCP Service Provider
LSP: MSAFD Tcpip [TCP/IPv6]
LSP: MSAFD Tcpip [UDP/IPv6]
LSP: MSAFD nwlnkipx [IPX]
LSP: MSAFD nwlnkspx [SPX]
LSP: MSAFD nwlnkspx [SPX] [Pseudo Stream]
LSP: MSAFD nwlnkspx [SPX II]
LSP: MSAFD nwlnkspx [SPX II] [Pseudo Stream]
LSP: MSAFD NetBIOS [\Device\NwlnkNb] SEQPACKET 11
LSP: MSAFD NetBIOS [\Device\NwlnkNb] DATAGRAM 11
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{18B11A26-68AB-409A-BF70-189B47BAFCFD}] SEQPACKET 9
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{18B11A26-68AB-409A-BF70-189B47BAFCFD}] DATAGRAM 9
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A787CE32-8561-45DA-BECA-7A21B7D5D5BD}] SEQPACKET 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{A787CE32-8561-45DA-BECA-7A21B7D5D5BD}] DATAGRAM 6
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{5928E9FC-CE46-4F22-B7BA-5C2E637F774E}] SEQPACKET 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{5928E9FC-CE46-4F22-B7BA-5C2E637F774E}] DATAGRAM 7
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F7F209CD-B5E1-4996-84A5-CF052F1CCF2E}] SEQPACKET 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{F7F209CD-B5E1-4996-84A5-CF052F1CCF2E}] DATAGRAM 8
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{18B11A26-68AB-409A-BF70-189B47BAFCFD}] SEQPACKET 10
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{18B11A26-68AB-409A-BF70-189B47BAFCFD}] DATAGRAM 10
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A787CE32-8561-45DA-BECA-7A21B7D5D5BD}] SEQPACKET 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A787CE32-8561-45DA-BECA-7A21B7D5D5BD}] DATAGRAM 0
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5928E9FC-CE46-4F22-B7BA-5C2E637F774E}] SEQPACKET 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{5928E9FC-CE46-4F22-B7BA-5C2E637F774E}] DATAGRAM 1
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A9ABC4B2-68BE-463D-A111-6CBCD9CC2F4C}] SEQPACKET 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{A9ABC4B2-68BE-463D-A111-6CBCD9CC2F4C}] DATAGRAM 2
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C41B7071-616D-48E3-B430-8E9A84A1D652}] SEQPACKET 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C41B7071-616D-48E3-B430-8E9A84A1D652}] DATAGRAM 3
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8BE74970-76B7-4F4E-9F8D-671F3B52A654}] SEQPACKET 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{8BE74970-76B7-4F4E-9F8D-671F3B52A654}] DATAGRAM 4
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9A6DDB9A-D470-42BA-BEA5-56922A201C04}] SEQPACKET 5
LSP: MSAFD NetBIOS [\Device\NetBT_Tcpip_{9A6DDB9A-D470-42BA-BEA5-56922A201C04}] DATAGRAM 5


 **** Blocked Control Panel Items ****

BLOCKED: [ncpa.cpl] No
BLOCKED: [odbccp32.cpl] No


 **** Downloaded Program Files ****

Microsoft XML Parser for Java []
{04E214E5-63AF-4236-83C6-A7ADCBF9BD02} [http://housecall60.trendmicro.com/housecall/xscan60.cab] F:\WINDOWS\system32\msvcrt.dll F:\WINDOWS\system32\mfc42.dll F:\WINDOWS\runtsckl.exe F:\WINDOWS\tmupdate.ini F:\WINDOWS\aucfg.ini F:\WINDOWS\loadhttp.dll F:\WINDOWS\system32\msvcp60.dll F:\WINDOWS\TSC.ini F:\WINDOWS\RMAgentOutput.dll F:\WINDOWS\dllTSCLIBMT.dll F:\WINDOWS\patchw32.dll F:\WINDOWS\Downloaded Program Files\xscan60.ocx
{17492023-C23A-453E-A040-C7C580BBF700} [http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409]
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [http://office.microsoft.com/officeupdate/content/opuc3.cab]
{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} [http://aolcc.aol.com/computercheckup/qdiagcc.cab]
{4B48D5DF-9021-45F7-A240-60304302A215} [http://download.microsoft.com/download/b/d/b/bdb4e4ee-63b2-45ff-9d84-33205bf43143/WebCleaner.cab]
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [http://download.bitdefender.com/resources/scan8/oscan8.cab]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1120761067281]
{8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} [http://acs.pandasoftware.com/activescan/as5free/asinst.cab]
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} [https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab]
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} [http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab]
{D27CDB6E-AE6D-11CF-96B8-444553540000} [http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab]
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} [http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4624/mcfscan.cab]


 **** Windows Services ****

[Alerter] %SystemRoot%\System32\svchost.exe -k LocalService
[ALG] %SystemRoot%\System32\alg.exe
[AOL ACS] F:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
[AppMgmt] %SystemRoot%\system32\svchost.exe -k netsvcs
[AudioSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[BITS] %SystemRoot%\System32\svchost.exe -k netsvcs
[Browser] %SystemRoot%\System32\svchost.exe -k netsvcs
[CiSvc] %SystemRoot%\system32\cisvc.exe
[ClipSrv] %SystemRoot%\system32\clipsrv.exe
[COMSysApp] F:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[CryptSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[DcomLaunch] %SystemRoot%\system32\svchost -k DcomLaunch
[Dhcp] %SystemRoot%\System32\svchost.exe -k netsvcs
[dmadmin] %SystemRoot%\System32\dmadmin.exe /com
[dmserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[Dnscache] %SystemRoot%\System32\svchost.exe -k NetworkService
[ERSvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[Eventlog] %SystemRoot%\system32\services.exe
[EventSystem] F:\WINDOWS\System32\svchost.exe -k netsvcs
[FastUserSwitchingCompatibility] %SystemRoot%\System32\svchost.exe -k netsvcs
[helpsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[HidServ] %SystemRoot%\System32\svchost.exe -k netsvcs
[HTTPFilter] %SystemRoot%\System32\svchost.exe -k HTTPFilter
[ImapiService] F:\WINDOWS\System32\imapi.exe
[lanmanserver] %SystemRoot%\System32\svchost.exe -k netsvcs
[lanmanworkstation] %SystemRoot%\System32\svchost.exe -k netsvcs
[LmHosts] %SystemRoot%\System32\svchost.exe -k LocalService
[mcupdmgr.exe] F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
[MDM] "F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
[Messenger] %SystemRoot%\System32\svchost.exe -k netsvcs
[mnmsrvc] F:\WINDOWS\System32\mnmsrvc.exe
[MpfService] F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
[MSDTC] F:\WINDOWS\System32\msdtc.exe
[MSIServer] F:\WINDOWS\System32\msiexec.exe /V
[NetDDE] %SystemRoot%\system32\netdde.exe
[NetDDEdsdm] %SystemRoot%\system32\netdde.exe
[Netlogon] %SystemRoot%\System32\lsass.exe
[Netman] %SystemRoot%\System32\svchost.exe -k netsvcs
[Nla] %SystemRoot%\System32\svchost.exe -k netsvcs
[NtLmSsp] %SystemRoot%\System32\lsass.exe
[NtmsSvc] %SystemRoot%\system32\svchost.exe -k netsvcs
[ose] "F:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[PcCtlCom] F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
[Pctspk] %SystemRoot%\system32\pctspk.exe
[PlugPlay] %SystemRoot%\system32\services.exe
[PolicyAgent] %SystemRoot%\System32\lsass.exe
[ProtectedStorage] %SystemRoot%\system32\lsass.exe
[RasAuto] %SystemRoot%\System32\svchost.exe -k netsvcs
[RasMan] %SystemRoot%\System32\svchost.exe -k netsvcs
[RDSessMgr] F:\WINDOWS\system32\sessmgr.exe
[RemoteAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[RpcLocator] %SystemRoot%\System32\locator.exe
[RpcSs] %SystemRoot%\system32\svchost -k rpcss
[RSVP] %SystemRoot%\System32\rsvp.exe
[SamSs] %SystemRoot%\system32\lsass.exe
[SCardSvr] %SystemRoot%\System32\SCardSvr.exe
[Schedule] %SystemRoot%\System32\svchost.exe -k netsvcs
[seclogon] %SystemRoot%\System32\svchost.exe -k netsvcs
[SENS] %SystemRoot%\system32\svchost.exe -k netsvcs
[SharedAccess] %SystemRoot%\System32\svchost.exe -k netsvcs
[ShellHWDetection] %SystemRoot%\System32\svchost.exe -k netsvcs
[Spooler] %SystemRoot%\system32\spoolsv.exe
[srservice] %SystemRoot%\System32\svchost.exe -k netsvcs
[SSDPSRV] %SystemRoot%\System32\svchost.exe -k LocalService
[stisvc] %SystemRoot%\System32\svchost.exe -k imgsvc
[SwPrv] F:\WINDOWS\System32\dllhost.exe /Processid:{33633B2D-885D-47A5-9C48-26BB8EEFE413}
[SysmonLog] %SystemRoot%\system32\smlogsvc.exe
[TapiSrv] %SystemRoot%\System32\svchost.exe -k netsvcs
[TermService] %SystemRoot%\System32\svchost -k DComLaunch
[Themes] %SystemRoot%\System32\svchost.exe -k netsvcs
[Tmntsrv] F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
[TmPfw] F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
[tmproxy] F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
[TrkWks] %SystemRoot%\system32\svchost.exe -k netsvcs
[UMWdf] F:\WINDOWS\system32\wdfmgr.exe
[upnphost] %SystemRoot%\System32\svchost.exe -k LocalService
[UPS] %SystemRoot%\System32\ups.exe
[VSS] %SystemRoot%\System32\vssvc.exe
[W32Time] %SystemRoot%\System32\svchost.exe -k netsvcs
[WANMiniportService] "F:\WINDOWS\wanmpsvc.exe"
[WebClient] %SystemRoot%\System32\svchost.exe -k LocalService
[winmgmt] %systemroot%\system32\svchost.exe -k netsvcs
[WmcCds] f:\program files\windows media connect\mswmccds.exe
[WmcCdsLs] F:\Program Files\Windows Media Connect\mswmcls.exe
[WmdmPmSN] %SystemRoot%\System32\svchost.exe -k netsvcs
[WmiApSrv] F:\WINDOWS\System32\wbem\wmiapsrv.exe
[wscsvc] %SystemRoot%\System32\svchost.exe -k netsvcs
[wuauserv] %systemroot%\system32\svchost.exe -k netsvcs
[WZCSVC] %SystemRoot%\System32\svchost.exe -k netsvcs
[xmlprov] %SystemRoot%\System32\svchost.exe -k netsvcs


 **** Custom IE Search Items ****

SEARCH: [CustomizeSearch] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
SEARCH: [CustomSearch] http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr7/*http://www.yahoo.com/ext/search/search.html
SEARCH: [SearchAssistant] http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


 **** Complete IE Options ****

IEOPT: [NoUpdateCheck]  
IEOPT: [NoJITSetup]  
IEOPT: [Disable Script Debugger] yes
IEOPT: [ShowedCheckBrowser] Yes
IEOPT: [Check_Associations] No
IEOPT: [FullScreen] no
IEOPT: [Window_Placement] ,
IEOPT: [Default_Page_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
IEOPT: [Enable_Disk_Cache] yes
IEOPT: [Cache_Percent_of_Disk]  
IEOPT: [Delete_Temp_Files_On_Exit] yes
IEOPT: [Anchor_Visitation_Horizon]  
IEOPT: [Use_Async_DNS] yes
IEOPT: [Placeholder_Width]  
IEOPT: [Placeholder_Height]  
IEOPT: [Start Page] http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IEOPT: [CompanyName] Microsoft Corporation
IEOPT: [Custom_Key] MICROSO
IEOPT: [Wizard_Version] 6.0.2600.0000
IEOPT: [FullScreen] no
IEOPT: [Check_Associations] yes
IEOPT: [Default_Search_URL] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Search Page] http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IEOPT: [Use_DlgBox_Colors] yes
IEOPT: [Local Page] F:\WINDOWS\SYSTEM32\blank.htm

AboutBuster 5.1, reference file 33
Scan started on [11/11/2005] at [9:32:57 PM]
------------------------------------------------
No Ads Found!
------------------------------------------------
Removed File! : F:\WINDOWS\ttyts.dat
Removed File! : F:\WINDOWS\system32\dhytz.dat
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 9:33:57 PM


AboutBuster 5.1, reference file 33
Scan started on [11/11/2005] at [10:19:09 PM]
------------------------------------------------
No Ads Found!
------------------------------------------------
No Files Found!
------------------------------------------------
Scan was COMPLETED SUCCESSFULLY at 10:19:58 PM


---------------------------------------------------------
 ewido security suite - Scan report
---------------------------------------------------------

 + Created on:         12:55:29 AM, 11/12/2005
 + Report-Checksum:      63A56776

 + Scan result:

   HKLM\SOFTWARE\Classes\CLSID\{1D3E7FA6-E393-C514-F461-E0B59435D825} -> Spyware.CoolWebSearch : Cleaned without backup
   HKLM\SOFTWARE\Classes\CLSID\{551764CC-ABCF-335C-76F6-62283B478A0F} -> Spyware.CoolWebSearch : Cleaned without backup
   HKLM\SOFTWARE\Classes\CLSID\{99B1E639-DCA2-2C21-013F-DEF4B5729CA9} -> Spyware.CoolWebSearch : Cleaned without backup
   HKLM\SOFTWARE\Classes\CLSID\{FA6A8ADC-5ACF-A739-A8BF-5E4D7B5991C1} -> Spyware.CoolWebSearch : Cleaned without backup
   F:\WINDOWS\addxj32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\apphr32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\appux.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\atllo32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\craa.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\crwj.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\d3sp.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\iegm32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\iely.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\ipfj.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\iplg32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\javaio32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\javaza32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\mfcag.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\mfcdt.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\mfcqm.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\mfctv.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\netlh.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\nettv.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\sdkkf.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\addxu32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\apiho32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\apius32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\appva32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\atlct.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\atlfa.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\atlor32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\ipbd32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\javare32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\msrp32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\ntty.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\sdkof32.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\winmo.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\system32\winzd.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\winnr.exe -> Trojan.Agent.bi : Cleaned without backup
   F:\WINDOWS\winpq32.exe -> Trojan.Agent.bi : Cleaned without backup
   G:\1dee saved\full songs\Cdee\WildTangent\LFS\Wildtangent\Cdacache\00\00\0C.dat/files\wtvh.dll -> Spyware.WildTangent : Cleaned without backup

Incident                      Status                        Location                                                                                                                                                                                                                                                        

Adware:adware/masterbar       No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.ags             No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{018B7EC3-EECA-11D3-8E71-0000E82C6C0D}                                                                                                                                            
Adware:adware/ipbill          No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.adn             No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{5F426A93-0821-47D2-A126-5A48A874B289}                                                                                                                                            
Adware:adware/delta           No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.yz              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{02C20140-76F8-4763-83D5-B660107B7A90}                                                                                                                                            
Dialer:dialer.yy              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{23273a1c-c870-43c4-a3e3-67dc98630ac6}                                                                                                                                            
Dialer:dialer.yx              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{6ed16eff-3b18-11d6-9139-00e02964e8e3}                                                                                                                                            
Dialer:dialer.yc              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}                                                                                                                                            
Adware:adware/powerstrip      No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.xs              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{ceb29da4-7afa-4f24-b3cd-17351d590df0}                                                                                                                                            
Spyware:spyware/whazit        No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.py              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{8522F9B3-38C5-4AA4-AE40-7401F1BBC851}                                                                                                                                            
Adware:adware/ieplugin        No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.b               No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{2c1651ef-8827-11d6-91a2-00e02964e8e3}                                                                                                                                            
Virus:Eicar.Mod               No disinfected                F:\Program Files\FSI\F-Prot\fpav-help.chm[prob-scan-ok.html]                                                                                                                                                                                                    
Virus:Eicar.Mod               No disinfected                F:\Program Files\InstallShield Installation Information\{9FD12630-1991-46F5-8479-92DE1EAE87DA}\data1.cab[fpav-help.chm][prob-scan-ok.html]                                                                                                                      


::Report End

 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\All Users\Application Data

10/27/2005  12:07 PM    <DIR>          Adobe
09/21/2005  04:58 PM    <DIR>          AOL
08/12/2005  04:38 PM    <DIR>          Apple Computer
06/18/2005  07:02 PM    <DIR>          InstallShield
10/28/2005  05:49 PM    <DIR>          Macromedia
10/29/2005  11:19 AM    <DIR>          Macrovision
11/06/2005  12:58 AM    <DIR>          McAfee.com
08/30/2005  02:45 AM    <DIR>          MSN6
07/24/2005  08:57 PM    <DIR>          Pure Networks
06/18/2005  03:03 AM    <DIR>          QuickTime
11/09/2005  01:34 AM    <DIR>          Spybot - Search & Destroy
07/24/2005  08:26 PM    <DIR>          Symantec
06/18/2005  03:03 AM    <DIR>          Viewpoint
08/01/2005  05:30 AM    <DIR>          Windows Genuine Advantage
               0 File(s)              0 bytes
              14 Dir(s)  172,962,824,192 bytes free
 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\Dee\Application Data

09/30/2005  10:24 PM    <DIR>          Adobe
10/27/2005  12:19 PM    <DIR>          AdobeUM
08/02/2005  02:12 PM    <DIR>          Alien Skin
09/13/2005  06:38 PM    <DIR>          AOL
08/12/2005  04:42 PM    <DIR>          Apple Computer
09/12/2005  11:37 AM    <DIR>          Corel
08/28/2005  12:50 PM    <DIR>          GlobalSCAPE
07/12/2005  04:05 PM    <DIR>          Help
08/30/2005  12:00 AM    <DIR>          Identities
11/04/2005  06:45 PM         2,217,897 Install.dat
06/18/2005  07:45 PM    <DIR>          Jasc
06/18/2005  07:02 PM    <DIR>          Jasc Software Inc
06/19/2005  01:18 AM    <DIR>          Lavasoft
10/30/2005  08:46 PM    <DIR>          Learn2.com
10/29/2005  11:19 AM    <DIR>          Macromedia
06/20/2005  09:18 PM    <DIR>          McAfee.com Personal Firewall
08/30/2005  02:45 AM    <DIR>          MSN6
07/08/2005  02:13 AM    <DIR>          Real
09/17/2005  11:13 PM    <DIR>          Softland
07/03/2005  11:57 PM    <DIR>          Sun
08/01/2005  04:48 AM    <DIR>          TuneUp Software
07/24/2005  08:59 PM    <DIR>          You've Got Pictures Screensaver
               1 File(s)      2,217,897 bytes
              21 Dir(s)  172,962,824,192 bytes free
 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\Default User\Application Data

06/17/2005  10:37 PM    <DIR>          .
06/17/2005  10:37 PM    <DIR>          ..
06/17/2005  10:37 PM                62 desktop.ini
               1 File(s)             62 bytes
               2 Dir(s)  172,962,824,192 bytes free
 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\LocalService\Application Data

 Volume in drive F is Big One
 Volume Serial Number is B479-CDDC

 Directory of F:\Documents and Settings\NetworkService\Application Data

[TRACE] Enumerating jobs and queues
[TRACE] Activating job '1-Click Maintenance.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe'
  Parameters:         '/schedulestart'
  WorkingDirectory:   ''
  Comment:            'Starts 1-Click Maintenance at scheduled times'
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/04/2005 17:15:00
  NextRun:            11/18/2005 17:15:00
  StartError:         0x80070002
  ExitCode:           0x40010004
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Weekly
    WeeksInterval:   1
    DaysOfTheWeek:   .....F.
    StartDate:       08/07/2001
    EndDate:         08/07/2005
    StartTime:       17:15
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'McAfee.com Update Check (MARCV-Dee).job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\PROGRA~1\mcafee.com\agent\mcupdate.exe'
  Parameters:         '/Schedule'
  WorkingDirectory:   'F:\PROGRA~1\mcafee.com\agent'
  Comment:            'McAfee SecurityCenter periodically checks for updates for your McAfee Security Services.'
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      00/00/0000  0:00:00
  NextRun:            11/12/2005  5:10:00
  StartError:         SCHED_S_TASK_HAS_NOT_RUN
  ExitCode:           0
  Status:             SCHED_S_TASK_HAS_NOT_RUN
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0

    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       11/12/2005
    EndDate:         00/00/0000
    StartTime:       05:10
    MinutesDuration: 1440
    MinutesInterval: 5
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'PcbugDoctorDee.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\Program Files\PcBugDoctor\PcBugDoctor.exe'
  Parameters:         'scan'
  WorkingDirectory:   'F:\Program Files\PcBugDoctor'
  Comment:            ''
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/10/2005 23:31:00
  NextRun:            11/12/2005 23:31:00
  StartError:         S_OK
  ExitCode:           0
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 1
    KillIfGoingOnBatteries  = 1
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       07/16/2005
    EndDate:         00/00/0000
    StartTime:       23:31
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job 'Spybot - Search & Destroy -  Scheduled Task.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\Program Files\Spybot - Search & Destroy\SpybotSD.exe'
  Parameters:         '/AUTOCHECK /AUTOFIX /AUTOCLOSE'
  WorkingDirectory:   ''
  Comment:            ''
  Creator:            'Dee'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      00/00/0000  0:00:00
  NextRun:            00/00/0000  0:00:00
  StartError:         SCHED_E_ACCOUNT_INFORMATION_NOT_SET
  ExitCode:           0
  Status:             SCHED_S_TASK_HAS_NOT_RUN
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 0
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Once
    StartDate:       09/06/2005
    EndDate:         00/00/0000
    StartTime:       15:00
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0


[TRACE] Activating job '{04F2A13A-EB4B-4AC2-80D7-15C3B936003F}_MARCV_Dee.job'
[TRACE] Printing all job properties

  ApplicationName:    'F:\WINDOWS\system32\mobsync.exe'
  Parameters:         ' /Schedule="{04F2A13A-EB4B-4AC2-80D7-15C3B936003F}_MARCV_Dee"'
  WorkingDirectory:   ''
  Comment:            ''
  Creator:            'SyncMgrInternalCreatorName'
  Priority:           NORMAL
  MaxRunTime:         259200000 (3d  0:00:00)
  IdleWait:           10
  IdleDeadline:       60
  MostRecentRun:      11/11/2005 15:26:00
  NextRun:            11/12/2005 15:26:00
  StartError:         S_OK
  ExitCode:           0
  Status:             SCHED_S_TASK_READY
  ScheduledWorkItem Flags:
    DeleteWhenDone          = 0
    Suspend                 = 0
    StartOnlyIfIdle         = 0
    KillOnIdleEnd           = 0
    RestartOnIdleResume     = 0
    DontStartIfOnBatteries  = 0
    KillIfGoingOnBatteries  = 0
    RunOnlyIfLoggedOn       = 1
    SystemRequired          = 0
    Hidden                  = 0
  TaskFlags:          0

  1 Trigger

  Trigger 0:
    Type:            Daily
    DaysInterval:    1
    StartDate:       07/10/2005
    EndDate:         00/00/0000
    StartTime:       15:26
    MinutesDuration: 0
    MinutesInterval: 0
    Flags:
      HasEndDate      = 0
      KillAtDuration  = 0
      Disabled        = 0

Logfile of HijackThis v1.99.1
Scan saved at 7:49:31 PM, on 11/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\SCardSvr.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
F:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
F:\WINDOWS\system32\pctspk.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
F:\WINDOWS\wanmpsvc.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
F:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
F:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
F:\PROGRA~1\mcafee.com\agent\mcagent.exe
F:\Program Files\QuickTime\qttask.exe
F:\Program Files\MemTurbo\MemTurbo.exe
F:\WINDOWS\System32\svchost.exe
F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
F:\WINDOWS\system32\NOTEPAD.EXE
F:\Program Files\HijackThis\HijackThis.exe
F:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.insightbb.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\fgiebar.dll
O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - F:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL
O4 - HKLM\..\Run: [MCUpdateExe] F:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] f:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Startup: AntiCrash.lnk.disabled
O4 - Startup: MemTurbo.lnk = F:\Program Files\MemTurbo\MemTurbo.exe
O4 - Startup: MemTurbo.lnk.disabled
O4 - Startup: ProtectX Hacker Defence Suite.lnk.disabled
O4 - Startup: Trend Micro Anti-Spyware.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: Trend Micro Anti-Spyware.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &AOL Toolbar search - res://F:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Download All by FlashGet - F:\PROGRA~1\FLASGE~1.71\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - F:\PROGRA~1\FLASGE~1.71\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - F:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - F:\PROGRA~1\FLASGE~1.71\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing
O15 - Trusted Zone: *.AOLacsd.exe
O15 - Trusted Zone: *.AOLDial.exe
O15 - Trusted Zone: *.aoltpspd.exe
O15 - Trusted Zone: http://www.blogger.com
O15 - Trusted Zone: http://*.freeweb
O15 - Trusted Zone: http://members2.freewebs.com
O15 - Trusted Zone: *.i) waol.exe
O15 - Trusted Zone: http://www.insightbb.com
O15 - Trusted Zone: http://www.lavasoft.de
O15 - Trusted Zone: http://*.update.microsoft.com
O15 - Trusted Zone: http://*.windowsupdate.microsoft.com
O15 - Trusted Zone: *.waol.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1120761067281
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - F:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - F:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - F:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - F:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - F:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - F:\WINDOWS\system32\pctspk.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - F:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe (file missing)
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - F:\WINDOWS\wanmpsvc.exe


« Last Edit: November 12, 2005, 01:55:22 PM by sUBs » Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #9 on: November 12, 2005, 02:06:14 PM »

Download this attached file - regdel.zip

From within it, double click on regdel.reg & allow it to merge with the Registry

Reboot your computer & let me know if you still have any other issues with it.
Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #10 on: November 12, 2005, 08:01:13 PM »

Well I also reran Pamda and it is still showing 2 viruses.
and I am still seeing some things as grayed out although
AOL and my screen saver are in full color so I know that it cannot be my monitor.


Image Insert:
153.71 KB
Right click and select Save Target As... then rename the file as shown here and save.

Incident                      Status                        Location                                                                                                                                                                                                                                                        

Adware:adware/masterbar       No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.ags             No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{018B7EC3-EECA-11D3-8E71-0000E82C6C0D}                                                                                                                                            
Adware:adware/ipbill          No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.adn             No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{5F426A93-0821-47D2-A126-5A48A874B289}                                                                                                                                            
Adware:adware/delta           No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.yz              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{02C20140-76F8-4763-83D5-B660107B7A90}                                                                                                                                            
Dialer:dialer.yy              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{23273a1c-c870-43c4-a3e3-67dc98630ac6}                                                                                                                                            
Dialer:dialer.yx              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{6ed16eff-3b18-11d6-9139-00e02964e8e3}                                                                                                                                            
Dialer:dialer.yc              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}                                                                                                                                            
Adware:adware/powerstrip      No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.xs              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{ceb29da4-7afa-4f24-b3cd-17351d590df0}                                                                                                                                            
Spyware:spyware/whazit        No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.py              No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{8522F9B3-38C5-4AA4-AE40-7401F1BBC851}                                                                                                                                            
Adware:adware/ieplugin        No disinfected                Windows Registry                                                                                                                                                                                                                                                
Dialer:dialer.b               No disinfected                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX Compatibility\{2c1651ef-8827-11d6-91a2-00e02964e8e3}                                                                                                                                            
Virus:Eicar.Mod               No disinfected                F:\Program Files\FSI\F-Prot\fpav-help.chm[prob-scan-ok.html]                                                                                                                                                                                                    
Virus:Eicar.Mod               No disinfected                F:\Program Files\InstallShield Installation Information\{9FD12630-1991-46F5-8479-92DE1EAE87DA}\data1.cab[fpav-help.chm][prob-scan-ok.html]                                                                                                                      


« Last Edit: November 12, 2005, 08:11:12 PM by sUBs » Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #11 on: November 12, 2005, 08:20:42 PM »

If you're refering to the entries identified as Virus:Eicar.Mod, you have nothing to worry about. It's a test file used b AntiVirus programs to simulate virus activity. You can read up about it here

As to your 'gray' disposition, that is probably caused by your not following instructions when you ran CleanUp. You were not supposed to 'Scan local drives for temporary files'. That caused the default themes file to be deleted.

Download the Luna theme from either of these sites:

http://users.pandora.be/bluepatchy/luna.zip
http://castlecops.com/zx/flrman1/luna.zip
http://www.greyknight17.com/spy/luna.zip
http://www.kellys-korner-xp.com/reg...s/Resources.zip


Unzip it and MOVE the luna.msstyles which is present in that folder you unzipped to next folder: C:\WINDOWS\Resources\Themes\Luna
Don't move it to anywhere else other than that folder!

When moved it there, rightclick on your desktop > properties ... and look if Windows XP style is now present again. Choose apply and OK.

Reboot the PC

You should now be able to choose XP Theme for your desktop. Let me know the outcome.

Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #12 on: November 12, 2005, 08:24:06 PM »

so the only difference is the grey color? If so I do not really care about that
Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


sUBs
Global Moderator
Hero Member
*****

Karma: +0/-0
Offline Offline

Posts: 278


Bookmark and Share

View Profile
« Reply #13 on: November 12, 2005, 08:31:01 PM »

quote:
so the only difference is the grey color? If so I do not really care about that
If that's the case, we're done.

Your system is clean
Logged

 
ezfli
Jr. Member
**

Karma: +0/-0
Offline Offline

Gender: Female
Posts: 13


Bookmark and Share

View Profile
« Reply #14 on: November 12, 2005, 10:04:19 PM »

Thank you I wish I had done this before I reformated all those other times!
« Last Edit: November 12, 2005, 10:05:22 PM by ezfli » Logged


 want Tags,Games,.Links,Audio jokes an stories?

: and anything else I can think of.

: visit my Web pages http//www.eztagsntales.com


Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page August 06, 2017, 01:33:38 PM