My HijackThis log Advice and Guidance needed!

  1. 15-12-2004  #1
    fatsycline
    fatsycline is offline Newbie

    Exclamation My HijackThis log Advice and Guidance needed!

    Please advise on the steps to take to remove these annoying popups... here is my HijackThis log. Thank you in advance!

    PS. Both AdAware and SkyBot S&D have been run prior to updating this log. I downloaded the CWShredder but did not want to run it until told to do so per your posting instructions.

    Logfile of HijackThis v1.98.2
    Scan saved at 9:22:30 AM, on 12/15/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTSMON.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTPSPD.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLDIAL.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\SYSTEM\LVCOMS.EXE
    C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE
    C:\PROGRAM FILES\TROJANHUNTER 4.0\THGUARD.EXE
    C:\WINDOWS\TOOMO.EXE
    C:\PROGRAM FILES\SED\SED.EXE
    C:\PROGRAM FILES\WEBROOT\WASHER\WWDISP.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\1100784441\EE\AOLHOSTMANAGER.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\1100784441\EE\AOLSERVICEHOST.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 69.20.16.183 auto.search.msn.com
    O1 - Hosts: 69.20.16.183 search.netscape.com
    O1 - Hosts: 69.20.16.183 ieautosearch
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_12_0. DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\GRISOFT\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe
    O4 - HKLM\..\Run: [DeskMateAutoUpdate] C:\PROGRAM FILES\DESKMATES\DeskMateAutoUpdate.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784441\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngi neMain
    O4 - HKLM\..\Run: [THGuard] "C:\PROGRAM FILES\TROJANHUNTER 4.0\THGUARD.EXE"
    O4 - HKLM\..\Run: [C:\WINDOWS\toomo.exe] C:\WINDOWS\toomo.exe
    O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBOUNCER\VirtualBouncer.exe
    O4 - HKLM\..\Run: [SESync] "C:\PROGRAM FILES\SED\SED.EXE"
    O4 - HKLM\..\Run: [Uninstall_WinTools] C:\WINDOWS\TEMP\WTUNINST.EXE /remove
    O4 - HKLM\..\Run: [Uninstall_TBPS] C:\WINDOWS\TEMP\TBUNINST.EXE /remove
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"
    O4 - HKLM\..\RunServices: [AOL TopSpeedMonitor] C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
    O4 - Startup: LimeWire 4.0.8.lnk = C:\Program Files\LimeWire\LimeWire 4.0.8\LimeWire.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
    O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
    O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
    O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
    O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-6.0.1.28/...-ob-assets.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/075b32cc...p/RdxIE601.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156/scanner/axscanner.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolweb07.pogo.com/game/deluxe...ploader_v6.cab
    O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/1...L/PhPSetup.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab27513.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0....-ob-assets.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6....-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.0.2.2...-ob-assets.cab
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    Last edited by fatsycline; 15-12-2004 at 03:25 PM. Reason: Had to Reboot my PC... Updating logs

  3. 15-12-2004  #2
    fatsycline
    fatsycline is offline Newbie
    Part 2... Thought this might help. Thanks again.

    * DLLCompare Log version()
    Files Found that Windows does not See or cannot Access
    *Not everything listed here means you are infected!
    ________________________________________________

    C:\WINDOWS\SYSTEM\mjpwl32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\ugdm32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\xtilexr.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\wlicore.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\mdlocusr.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\iovideo.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\mwprint.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\socur32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\jodw400.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\dtmsshrn.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\auusvr.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\izstsch.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\puc3250.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\shlsrv32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\spmedia.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\mpimrt32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    ________________________________________________

    949 items found: 949 files (16 H/S), 0 directories.
    Total of file sizes: 210,432,970 bytes 200.68 M

    --------------------End log---------------------
    Last edited by fatsycline; 15-12-2004 at 03:31 PM. Reason: Had to Reboot... log update
  4. 15-12-2004  #3
    owen
    owen is offline D-A-L Team Member (UK)
    Download the Pocket Killbox from here.

    Unzip it and run the program.

    Put a check in the Delete on Reboot box.

    Enter each of these lines into the white box one by one and then press the red X button. If firsts asks to confirm the deletion after each entry is added and the red X is pressed, you need to click yes, but it also asks if you want to Reboot. Click No each time until the last entries been entered.

    C:\WINDOWS\SYSTEM\mjpwl32.dll
    C:\WINDOWS\SYSTEM\ugdm32.dll
    C:\WINDOWS\SYSTEM\xtilexr.dll
    C:\WINDOWS\SYSTEM\wlicore.dll
    C:\WINDOWS\SYSTEM\mdlocusr.dll
    C:\WINDOWS\SYSTEM\iovideo.dll
    C:\WINDOWS\SYSTEM\mwprint.dll
    C:\WINDOWS\SYSTEM\socur32.dll
    C:\WINDOWS\SYSTEM\jodw400.dll
    C:\WINDOWS\SYSTEM\dtmsshrn.dll
    C:\WINDOWS\SYSTEM\auusvr.dll
    C:\WINDOWS\SYSTEM\izstsch.dll
    C:\WINDOWS\SYSTEM\puc3250.dll
    C:\WINDOWS\SYSTEM\shlsrv32.dll
    C:\WINDOWS\SYSTEM\spmedia.dll
    C:\WINDOWS\SYSTEM\mpimrt32.dll

    When KillBox has rebooted your system, post a fresh log here.
  5. 16-12-2004  #4
    fatsycline
    fatsycline is offline Newbie
    Updated Logs to follow....

    I really appreciate your help!!

    Logfile of HijackThis v1.98.2
    Scan saved at 8:45:11 AM, on 12/16/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTSMON.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTPSPD.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLDIAL.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\SYSTEM\LVCOMS.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE
    C:\PROGRAM FILES\TROJANHUNTER 4.0\THGUARD.EXE
    C:\WINDOWS\TOOMO.EXE
    C:\PROGRAM FILES\SED\SED.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\WINDOWS\SYSTEM\KALVFME32.EXE
    C:\PROGRAM FILES\WEBROOT\WASHER\WWDISP.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\1100784441\EE\AOLHOSTMANAGER.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\1100784441\EE\AOLSERVICEHOST.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 69.20.16.183 search.netscape.com
    O1 - Hosts: 69.20.16.183 auto.search.msn.com
    O1 - Hosts: 69.20.16.183 ieautosearch
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe
    O4 - HKLM\..\Run: [DeskMateAutoUpdate] C:\PROGRAM FILES\DESKMATES\DeskMateAutoUpdate.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784441\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngi neMain
    O4 - HKLM\..\Run: [THGuard] "C:\PROGRAM FILES\TROJANHUNTER 4.0\THGUARD.EXE"
    O4 - HKLM\..\Run: [C:\WINDOWS\toomo.exe] C:\WINDOWS\toomo.exe
    O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBOUNCER\VirtualBouncer.exe
    O4 - HKLM\..\Run: [SESync] "C:\PROGRAM FILES\SED\SED.EXE"
    O4 - HKLM\..\Run: [Uninstall_WinTools] C:\WINDOWS\TEMP\WTUNINST.EXE /remove
    O4 - HKLM\..\Run: [Uninstall_TBPS] C:\WINDOWS\TEMP\TBUNINST.EXE /remove
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\Run: [kalvsys] C:\WINDOWS\SYSTEM\KALVFME32.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"
    O4 - HKLM\..\RunServices: [AOL TopSpeedMonitor] C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
    O4 - Startup: LimeWire 4.0.8.lnk = C:\Program Files\LimeWire\LimeWire 4.0.8\LimeWire.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
    O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
    O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
    O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
    O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-6.0.1.28/...-ob-assets.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/075b32cc...p/RdxIE601.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156/scanner/axscanner.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolweb07.pogo.com/game/deluxe...ploader_v6.cab
    O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/1...L/PhPSetup.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab27513.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0....-ob-assets.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6....-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.0.2.2...-ob-assets.cab
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    Last edited by fatsycline; 16-12-2004 at 02:49 PM. Reason: PC freezes with all this junk on it for a long time... had to reboot... redid the steps... fresh log
  6. 16-12-2004  #5
    fatsycline
    fatsycline is offline Newbie
    Part 2... Thanks again!

    * DLLCompare Log version()
    Files Found that Windows does not See or cannot Access
    *Not everything listed here means you are infected!
    ________________________________________________

    C:\WINDOWS\SYSTEM\mjpwl32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    ________________________________________________

    948 items found: 948 files (1 H/S), 0 directories.
    Total of file sizes: 210,376,080 bytes 200.63 M

    --------------------End log---------------------
  7. 16-12-2004  #6
    owen
    owen is offline D-A-L Team Member (UK)
    Download the Pocket Killbox from here.

    Unzip it and run the program.

    Put a check in the Delete on Reboot box.

    Enter each of these lines into the white box one by one and then press the red X button. If firsts asks to confirm the deletion after each entry is added and the red X is pressed, you need to click yes, but it also asks if you want to Reboot. Click No each time until the last entries been entered.

    C:\WINDOWS\SYSTEM\mjpwl32.dll

    When KillBox has rebooted your system, post a fresh Hijack This log and DLLCompare log here.
  8. 16-12-2004  #7
    fatsycline
    fatsycline is offline Newbie
    Keep trying to delete this one and it keeps coming back after reboot. For the record, perhaps I am doing something incorrectly, but KillBox does not offer to reboot my system, I just reboot manually after entering all information and checking delete upon reboot. I hope I am doing everything correctly. This is driving me up a wall! Thanks again...


    * DLLCompare Log version(1.0.0.125)
    Files Found that Windows does not See or cannot Access
    *Not everything listed here means you are infected!
    ________________________________________________

    C:\WINDOWS\SYSTEM\mjpwl32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    ________________________________________________

    947 items found: 947 files (1 H/S), 0 directories.
    Total of file sizes: 210,281,872 bytes 200.54 M

    --------------------End log---------------------
  9. 16-12-2004  #8
    fatsycline
    fatsycline is offline Newbie
    Logfile of HijackThis v1.98.2
    Scan saved at 4:20:34 PM, on 12/16/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTSMON.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\TOPSPEED\2.0\AOLTPSPD.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLDIAL.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\AOL SPYWARE PROTECTION\AOLSP SCHEDULER.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\WINDOWS\SYSTEM\LVCOMS.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\SUPPORT.COM\BIN\TGCMD.EXE
    C:\PROGRAM FILES\TROJANHUNTER 4.0\THGUARD.EXE
    C:\WINDOWS\TOOMO.EXE
    C:\PROGRAM FILES\SED\SED.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
    C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
    C:\WINDOWS\SYSTEM\KALVFME32.EXE
    C:\PROGRAM FILES\WEBROOT\WASHER\WWDISP.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 9.0\WAOL.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\1100784441\EE\AOLHOSTMANAGER.EXE
    C:\PROGRAM FILES\COMMON FILES\AOL\1100784441\EE\AOLSERVICEHOST.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\AMERICA ONLINE 9.0\SHELLMON.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\DESKMATES\UPDATE.EXE
    C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 69.20.16.183 search.netscape.com
    O1 - Hosts: 69.20.16.183 auto.search.msn.com
    O1 - Hosts: 69.20.16.183 ieautosearch
    O1 - Hosts: 69.20.16.183 ieautosearch
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
    O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe
    O4 - HKLM\..\Run: [DeskMateAutoUpdate] C:\PROGRAM FILES\DESKMATES\DeskMateAutoUpdate.exe
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\support.com\bin\tgcmd.exe" /server
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1100784441\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe C:\PROGRA~1\WILDTA~1\APPS\CDA\CDAENG~1.DLL,cdaEngi neMain
    O4 - HKLM\..\Run: [THGuard] "C:\PROGRAM FILES\TROJANHUNTER 4.0\THGUARD.EXE"
    O4 - HKLM\..\Run: [C:\WINDOWS\toomo.exe] C:\WINDOWS\toomo.exe
    O4 - HKLM\..\Run: [VBouncer] C:\PROGRA~1\VBOUNCER\VirtualBouncer.exe
    O4 - HKLM\..\Run: [SESync] "C:\PROGRAM FILES\SED\SED.EXE"
    O4 - HKLM\..\Run: [Uninstall_WinTools] C:\WINDOWS\TEMP\WTUNINST.EXE /remove
    O4 - HKLM\..\Run: [Uninstall_TBPS] C:\WINDOWS\TEMP\TBUNINST.EXE /remove
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
    O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
    O4 - HKLM\..\Run: [kalvsys] C:\WINDOWS\SYSTEM\KALVFME32.EXE
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [AolAcsDaemon1] "C:\PROGRAM FILES\COMMON FILES\AOL\ACS\AOLACSD.EXE"
    O4 - HKLM\..\RunServices: [AOL TopSpeedMonitor] C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\PROGRAM FILES\AMERICA ONLINE 9.0\AOL.EXE" -b
    O4 - Startup: LimeWire 4.0.8.lnk = C:\Program Files\LimeWire\LimeWire 4.0.8\LimeWire.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRAM FILES\AIM\AIM.EXE
    O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
    O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
    O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
    O16 - DPF: Jungle Gin by pogo - http://gin.pogo.com/applet-6.0.1.28/...-ob-assets.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/075b32cc...p/RdxIE601.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://69.44.122.156/scanner/axscanner.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolweb07.pogo.com/game/deluxe...ploader_v6.cab
    O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker.com/send/file/1...L/PhPSetup.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab27513.cab
    O16 - DPF: WordJong by pogo - http://wordjong.pogo.com/applet-6.0....-ob-assets.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://waterwheel.pogo.com/applet-6....-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game4.pogo.com/applet-6.0.2.2...-ob-assets.cab
    O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
  10. 16-12-2004  #9
    owen
    owen is offline D-A-L Team Member (UK)
    Lets try a different method. Open Hijack This. Click Config. Click Misc Tools.

    Click Delete a file on Reboot. In the file name box type C:\WINDOWS\SYSTEM\mjpwl32.dll.

    Then hit Open. You will get a message about needing to reboot. Click Yes.

    When Hijack This has rebooted your PC, post a new DLLCompare and Hijack This Log.
  11. 16-12-2004  #10
    fatsycline
    fatsycline is offline Newbie
    Save 20% on AVG Internet Security 2012 Suite!
    * DLLCompare Log version(1.0.0.125)
    Files Found that Windows does not See or cannot Access
    *Not everything listed here means you are infected!
    ________________________________________________

    C:\WINDOWS\SYSTEM\mjpwl32.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    C:\WINDOWS\SYSTEM\wrasf.dll Fri Dec 10 2004 10:45:24p ..S.R 217,088 212.00 K
    ________________________________________________

    948 items found: 948 files (2 H/S), 0 directories.
    Total of file sizes: 210,498,960 bytes 200.75 M

    --------------------End log---------------------
+ Reply to Thread
Page 1 of 2 1 2 LastLast
« Annoying little box. | help needed with hijack this log! »