1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Will you tell me what to fix?

Discussion in 'Virus & Other Malware Removal' started by skydixon, Apr 4, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hi Tony,

    I had somehow acquired the Lop.com parasite... :rolleyes:
    passthrough/popupbaropener. In my search to find
    something to clean it out, I found a post by Dance mom
    and followed your directions to her about getting the
    Hijack program. Below is my log...would you please
    tell me what I need to clean out and what I don't. While
    I tend to be fairly PC literate...I'm new at this one and
    don't have time for mistakes.

    Thanks.
    Have fun. :D
    Sky


    Logfile of HijackThis v1.97.7
    Scan saved at 11:12:50 PM, on 4/4/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\PROGRAM FILES\FLAP TWO\BIB DOES FLAW.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://amazingautossearch.com/searchbar.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://amazingautossearch.com/searchbar.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://amazingautossearch.com/passthrough/index.html?http://www.google.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://amazingautossearch.com/searchbar.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://amazingautossearch.com/searchbar.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://amazingautossearch.com/searchbar.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://amazingautossearch.com/searchbar.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSCSHELLEXTENSION.DLL
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [VirusScanMSC] "C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE" /EMBEDDING
    O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe
    O4 - HKLM\..\Run: [Link Ball] C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe
    O4 - HKLM\..\Run: [PopUpInspector] C:\PROGRAM FILES\GIANT COMPANY SOFTWARE INC\POPUP INSPECTOR\POPUPINSPECTOR.exe
    O8 - Extra context menu item: Coupons - file://C:\Program Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm
    O9 - Extra button: AIM (HKLM)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
     
  2. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    1. Download Ad-Aware 6.181 from http://www.lavasoftusa.com/
    2. Install the program, open it check to make sure you have the latest reference file by clicking on webupdate. Make sure that your reference file reads 01R279 31.03.2004 (or higher number/date). If it does not, then click here and install the file manually.
    3. Make sure the following settings are turned to ON
      -From the main window click on Start then Activate in-depth scan.
      -Click on Use custom scanning options>Customize and make sure the following options are turned on:
      Scan within archives
      Scan active processes
      Scan registry
      Scan my IE Favorites for banned URL
      Scan my host-files
    4. Click on Settings and make sure the following are enabled:
      Unload recognized processes during scanning
    5. Click on Cleaning engine and make sure that Let windows remove files in use at next reboot is on.
    6. Finally Click Proceed to save your settings.
    7. Click on Scan Now from the main window and select Use Custom Scanning options and click scan.
    8. When scan completes, remove all items, then run another scan but this time select the Perform Smart-System Scan option and then also remove all items it finds.

    then
    1. Download Spyboy S&D from this page
    2. Open and install the program then click here and follow the instructions for updating the program. Download all available updates.
    3. Run a scan by clicking on Spybot S&D and then clicking Search & Destroy and then Check for problems
    4. When scan completes, remove all items in red by making sure that they are checked and then click Fix selected problems

    Follow up with another log.
     
  3. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hi Nok1,

    I scanned with both of these prior to writing to you. All the settings were as you indicated...but I ran the scan again...you will see the logs below. I got this passthrough popup bar when my son went on line to find MP3's. Anyway, I've had and used spyblaster, spybot and ad-aware 6 regularly...as well as McAfee Anti-virus and McAfee Stinger. I keep everything updated weekly...so all I had to do was run all the scans again.
    Ad-aware found 16 objects when I ran it in the customized mode, and nothing in the Smart system mode...see below. Spybot found nothing either...nor did stinger. You may also like to know that before I wrote you initially, I had gone into regedit and searched for the things with the popup bar path names in them and cleaned them out by hand.
    Not to worry...if I don't know what something is, I leave it alone. I'm also fairly
    familiar with DOS and going into the setup program from a boot up, and I've also used a start-up disk to get into my restore files to clean viruses out by hand...so if you end up needing me to do any of that, I'm familiar enough to be talked through the steps.

    My machine usually runs quite well until one of these annoying little anomalies "pops up". Then I get to enjoy another new learning curve by asking the experts, such as
    yourself for help. You're skills are appreciated by this "learned it by doing it" amateur.

    Anyway...here's the first Ad-aware log after using the custom scan...


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Monday, April 05, 2004 2:22:17 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R279 31.03.2004
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file


    4-5-2004 2:22:17 PM - Scan started. (Custom mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [kernel32.dll]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4287586005
    Threads : 8
    Priority : High
    FileSize : 524 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1991-2000
    CompanyName : Microsoft Corporation
    FileDescription : Win32 Kernel core component
    InternalName : KERNEL32
    OriginalFilename : KERNEL32.DLL
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:2 [msgsrv32.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294911117
    Threads : 1
    Priority : Normal
    FileSize : 11 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1992-1998
    CompanyName : Microsoft Corporation
    FileDescription : Windows 32-bit VxD Message Server
    InternalName : MSGSRV32
    OriginalFilename : MSGSRV32.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:3 [mmtask.tsk]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294935673
    Threads : 1
    Priority : Normal
    FileSize : 1 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Multimedia background task support module
    InternalName : mmtask.tsk
    OriginalFilename : mmtask.tsk
    ProductName : Microsoft Windows
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:4 [mprexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294935229
    Threads : 1
    Priority : Normal
    FileSize : 28 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : WIN32 Network Interface Service Process
    InternalName : MPREXE
    OriginalFilename : MPREXE.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:5 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 4294948085
    Threads : 14
    Priority : Normal
    FileSize : 220 KB
    FileVersion : 5.50.4134.100
    ProductVersion : 5.50.4134.100
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft(R) Windows (R) 2000 Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:6 [systray.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294711905
    Threads : 2
    Priority : Normal
    FileSize : 36 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : System Tray Applet
    InternalName : SYSTRAY
    OriginalFilename : SYSTRAY.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:7 [vsstat.exe]
    FilePath : C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\
    ProcessID : 4294748117
    Threads : 1
    Priority : Normal
    FileSize : 240 KB
    FileVersion : 7.03.6000
    ProductVersion : 7.03.6000
    Copyright : Copyright
    CompanyName : Network Associates, Inc.
    FileDescription : VirusScan System Tray
    InternalName : VsStat
    OriginalFilename : VsStat.exe
    ProductName : VirusScan Home Edition
    Created on : 6/3/2003 11:03:00 AM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/3/2003 11:03:00 AM

    #:8 [bib does flaw.exe]
    FilePath : C:\PROGRAM FILES\FLAP TWO\
    ProcessID : 4294797601
    Threads : 1
    Priority : Normal
    FileSize : 234 KB
    Created on : 4/3/2004 2:57:42 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/3/2004 2:57:40 PM

    #:9 [wmiexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294826829
    Threads : 3
    Priority : Normal
    FileSize : 16 KB
    FileVersion : 4.90.2452.1
    ProductVersion : 4.90.2452.1
    Copyright : Copyright (C) Microsoft Corp. 1981-1999
    CompanyName : Microsoft Corporation
    FileDescription : WMI service exe housing
    InternalName : wmiexe
    OriginalFilename : wmiexe.exe
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:10 [ddhelp.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294108249
    Threads : 5
    Priority : Realtime
    FileSize : 32 KB
    FileVersion : 4.09.00.0900
    ProductVersion : 4.09.00.0900
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft DirectX Helper
    InternalName : DDHelp.exe
    OriginalFilename : DDHelp.exe
    ProductName : Microsoft
    Created on : 4/16/2003 8:20:21 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 12/12/2002 4:14:32 AM

    #:11 [iexplore.exe]
    FilePath : C:\PROGRAM FILES\INTERNET EXPLORER\
    ProcessID : 4294110793
    Threads : 9
    Priority : Normal
    FileSize : 89 KB
    FileVersion : 6.00.2800.1106
    ProductVersion : 6.00.2800.1106
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    OriginalFilename : IEXPLORE.EXE
    ProductName : Microsoft
    Created on : 8/29/2002 11:07:38 AM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 8/29/2002 11:07:38 AM

    #:12 [ad-aware.exe]
    FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
    ProcessID : 4294110493
    Threads : 2
    Priority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 7/29/2003 4:38:35 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 7/13/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    WildTangent Object recognized!
    Type : File
    Data : a0014620.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 44 KB
    FileVersion : 1.6.1.2
    ProductVersion : 1.6.1.2
    Copyright : Copyright
    CompanyName : WildTangent, Inc.
    FileDescription : wtcpl
    InternalName : wtcpl
    OriginalFilename : wtcpl.cpl
    ProductName : Wild Tangent wtcpl
    Created on : 2/16/2004 10:36:32 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 9/23/2003 10:48:48 PM



    Dialer-Offline Object recognized!
    Type : File
    Data : a0014623.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 73 KB
    FileVersion : 1, 0, 0, 53
    ProductVersion : 1, 0, 0, 53
    Copyright : Copyright 2001
    FileDescription : DialerOffline Module
    InternalName : DialerOffline
    OriginalFilename : DialerOffline.DLL
    ProductName : DialerOffline Module
    Created on : 7/24/2003 4:02:51 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 7/24/2003 4:02:52 PM



    Dialer-Offline Object recognized!
    Type : File
    Data : a0014626.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 35 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright 2001
    FileDescription : GirlControlCom Module
    InternalName : GirlControlCom
    OriginalFilename : GirlControlCom.DLL
    ProductName : GirlControlCom Module
    Created on : 7/24/2003 4:02:51 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 7/24/2003 4:02:52 PM



    VX2.BetterInternet Object recognized!
    Type : File
    Data : a0014629.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 524 KB
    Created on : 6/30/2003 8:10:02 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/30/2003 8:10:02 PM



    WildTangent Object recognized!
    Type : File
    Data : a0014632.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 100 KB
    FileVersion : 1.0.0.28
    ProductVersion : 1.0.0.28
    Copyright : Copyright (C) 2003
    CompanyName : Wild Tangent
    FileDescription : AIM WD installer
    InternalName : 1.0.0.28
    OriginalFilename : 1.0.0.28
    ProductName : 1.0.0.28
    Created on : 2/16/2004 10:35:59 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 1/12/2004 7:29:28 PM



    WildTangent Object recognized!
    Type : File
    Data : a0014635.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 100 KB
    FileVersion : 1.0.0.28
    ProductVersion : 1.0.0.28
    Copyright : Copyright (C) 2003
    CompanyName : Wild Tangent
    FileDescription : AIM WD installer
    InternalName : 1.0.0.28
    OriginalFilename : 1.0.0.28
    ProductName : 1.0.0.28
    Created on : 2/16/2004 10:35:52 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 1/12/2004 7:29:28 PM



    WildTangent Object recognized!
    Type : File
    Data : a0014638.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 24 KB
    FileVersion : 3.2.0.19
    ProductVersion : 3.2.0.19
    Copyright : All Rights Reserved
    CompanyName : WildTangent Inc
    FileDescription : Java Native Interface layer for DRM3
    InternalName : Jni/Rni DRM3
    OriginalFilename : Jni/Rni DRM3
    ProductName : WildTangent Inc DRM3
    Created on : 2/16/2004 10:36:24 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 9/4/2003 10:13:58 PM



    WildTangent Object recognized!
    Type : File
    Data : a0014641.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 36 KB
    Created on : 2/16/2004 10:36:28 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 10/27/2003 3:42:46 PM



    WildTangent Object recognized!
    Type : File
    Data : a0014644.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 48 KB
    FileVersion : 3, 0, 2, 0
    ProductVersion : 3, 0, 2, 0
    Copyright : Copyright 2002
    FileDescription : wtdmmpv Module
    InternalName : wtdmmpv
    OriginalFilename : wtdmmpv.DLL
    ProductName : wtdmmpv Module
    Created on : 2/16/2004 10:36:29 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 11/10/2003 9:38:26 PM



    Lop.com Object recognized!
    Type : File
    Data : a0014647.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 192 KB
    Created on : 4/3/2004 2:57:44 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/3/2004 2:57:46 PM



    PeopleOnPage Object recognized!
    Type : File
    Data : a0014650.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 56 KB
    Created on : 4/3/2004 2:57:57 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/3/2004 2:57:58 PM



    Ebates MoneyMaker Object recognized!
    Type : File
    Data : a0014653.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 44 KB
    Created on : 9/15/2003 9:38:32 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 9/15/2003 9:38:32 PM



    TopMoxie Object recognized!
    Type : File
    Data : a0014656.cpy
    Object : C:\_RESTORE\TEMP\
    FileSize : 24 KB
    Created on : 4/3/2004 3:04:40 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/3/2004 3:04:42 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2004 11:11:32 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/4/2004 11:11:34 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2004 11:14:54 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/4/2004 11:14:56 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2004 11:32:31 PM
    Last accessed : 4/4/2004 4:00:00 AM
    Last modified : 4/4/2004 11:32:32 PM



    Disk scan result for C:\
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 16


    Scanning Hosts file(C:\WINDOWS\hosts)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Hosts file scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    0 entries scanned.
    New objects :0
    Objects found so far: 16




    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 16


    2:34:29 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:12:10:950
    Objects scanned :126980
    Objects identified :16
    Objects ignored :0
    New objects :16


    Here's the second Ad-aware log after using the Smart scan....


    Lavasoft Ad-aware Personal Build 6.181
    Logfile created on :Monday, April 05, 2004 2:39:30 PM
    Created with Ad-aware Personal, free for private use.
    Using reference-file :01R279 31.03.2004
    ______________________________________________________

    Ad-aware Settings
    =========================
    Set : Activate in-depth scan (Recommended)
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file


    4-5-2004 2:39:30 PM - Scan started. (Smart mode)

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [kernel32.dll]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4287585961
    Threads : 8
    Priority : High
    FileSize : 524 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1991-2000
    CompanyName : Microsoft Corporation
    FileDescription : Win32 Kernel core component
    InternalName : KERNEL32
    OriginalFilename : KERNEL32.DLL
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:2 [msgsrv32.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294911217
    Threads : 1
    Priority : Normal
    FileSize : 11 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1992-1998
    CompanyName : Microsoft Corporation
    FileDescription : Windows 32-bit VxD Message Server
    InternalName : MSGSRV32
    OriginalFilename : MSGSRV32.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:3 [mprexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294934885
    Threads : 2
    Priority : Normal
    FileSize : 28 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : WIN32 Network Interface Service Process
    InternalName : MPREXE
    OriginalFilename : MPREXE.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:4 [mmtask.tsk]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294947221
    Threads : 1
    Priority : Normal
    FileSize : 1 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Multimedia background task support module
    InternalName : mmtask.tsk
    OriginalFilename : mmtask.tsk
    ProductName : Microsoft Windows
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:5 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 4294713865
    Threads : 15
    Priority : Normal
    FileSize : 220 KB
    FileVersion : 5.50.4134.100
    ProductVersion : 5.50.4134.100
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft(R) Windows (R) 2000 Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:6 [systray.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294764953
    Threads : 2
    Priority : Normal
    FileSize : 36 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : System Tray Applet
    InternalName : SYSTRAY
    OriginalFilename : SYSTRAY.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:7 [vsstat.exe]
    FilePath : C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\
    ProcessID : 4294723493
    Threads : 1
    Priority : Normal
    FileSize : 240 KB
    FileVersion : 7.03.6000
    ProductVersion : 7.03.6000
    Copyright : Copyright
    CompanyName : Network Associates, Inc.
    FileDescription : VirusScan System Tray
    InternalName : VsStat
    OriginalFilename : VsStat.exe
    ProductName : VirusScan Home Edition
    Created on : 6/3/2003 11:03:00 AM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/3/2003 11:03:00 AM

    #:8 [bib does flaw.exe]
    FilePath : C:\PROGRAM FILES\FLAP TWO\
    ProcessID : 4294796469
    Threads : 1
    Priority : Normal
    FileSize : 234 KB
    Created on : 4/3/2004 2:57:42 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 4/3/2004 2:57:40 PM

    #:9 [wmiexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294822253
    Threads : 3
    Priority : Normal
    FileSize : 16 KB
    FileVersion : 4.90.2452.1
    ProductVersion : 4.90.2452.1
    Copyright : Copyright (C) Microsoft Corp. 1981-1999
    CompanyName : Microsoft Corporation
    FileDescription : WMI service exe housing
    InternalName : wmiexe
    OriginalFilename : wmiexe.exe
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 1/1/1601
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:10 [ad-aware.exe]
    FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
    ProcessID : 4294816769
    Threads : 2
    Priority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 7/29/2003 4:38:35 PM
    Last accessed : 4/5/2004 4:00:00 AM
    Last modified : 7/13/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Scanning Hosts file(C:\WINDOWS\hosts)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Hosts file scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    0 entries scanned.
    New objects :0
    Objects found so far: 0



    2:41:51 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:02:21:480
    Objects scanned :39649
    Objects identified :0
    Objects ignored :0
    New objects :0


    My second question for you after we get all this popup bar stuff cleaned out is....do you know of a free popup blocker I can download? If so, where can I get it? I haven't
    used the firewall because my kids play online games and have clans, and so on....if you
    have any ideas of what to use that won't interfere with my installed software, there gaming and will block popups....(freeware would be best) please tell me. That would be a wonderful thing, indeed.

    Thanks ever so much,
    Sky
     
  4. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
    I should think you would want to remove the objects that the custom Ad-Aware scan found ...

    The "smart scan" uses a pre-defined set of options that is adequate for routine cleaning, but the full custom scan does do a better job of examining the computer. I run the custom scan whenever a new reference file is released, and a smart scan in between.

    I have other security measures, but many people on this board use the Google toolbar with the pop-up blocking feature: http://toolbar.google.com/
     
  5. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hello Winchester,

    You wrote...>>I should think you would want to remove the objects that the custom Ad-Aware scan found ...<<

    My reply; :rolleyes:
    >>Well of course. And I did exactly that, immediately upon saving a copy of
    the scan log. As I said in my last thread...Ad-aware found 16 objects when I ran it in the customized mode, and nothing in the Smart system mode...<<

    You wrote...>>I have other security measures, but many people on this board use the Google toolbar with the pop-up blocking feature: http://toolbar.google.com/<<

    My reply; ;)
    >>I use the google search page as my IE browser start page. Alas, this poor amateur does not have the time to learn how to surf the internet and become better acquainted with "what is out there". Too many non-computing related "irons in the fire" to take the time. Thanks for the tip.
    Will get right on the job of setting that up.

    :( My original question was according to the HijackThis program. The tech's had told Dance Mom (her dad had the same issue) to send them a log of what the Hijack program had found so they could tell her which files should be cleaned/fixed and which ones to keep. That is what I did...I scanned with the Hijack program as well as all the others, and I am still waiting to hear back on that question, in my original post. I think I've been pretty clear in the information I've given so far.

    Thanks again.

    Sky :cool:
     
  6. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Okay, good that you fixed the items with Adaware, but I didnt see a new HJT log - I guess I forgot to mention for you to do so, I appologize. From your old log, I can tell you to remove this entry, and the others might've changed

    O8 - Extra context menu item: Coupons - file://C:\Program Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm
     
  7. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hi Nok,

    Oversight has been overlooked. :eek:D
    It's easy enough to do. Earlier today,
    I did install the google toolbar in
    order to use the popup blocker.
    Here's the HJT log...I just did it.
    Looking forward to hearing from
    you. Thanks for your reply.

    Later,
    Sky

    Logfile of HijackThis v1.97.7
    Scan saved at 10:22:18 PM, on 4/5/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\PROGRAM FILES\FLAP TWO\BIB DOES FLAW.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://amazingautossearch.com/passthrough/index.html?http://www.google.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://amazingautossearch.com/searchbar.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://amazingautossearch.com/searchbar.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://amazingautossearch.com/searchbar.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSCSHELLEXTENSION.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [VirusScanMSC] "C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE" /EMBEDDING
    O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe
    O4 - HKLM\..\Run: [Link Ball] C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe
    O4 - HKLM\..\Run: [PopUpInspector] C:\PROGRAM FILES\GIANT COMPANY SOFTWARE INC\POPUP INSPECTOR\POPUPINSPECTOR.exe
    O8 - Extra context menu item: Coupons - file://C:\Program Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: AIM (HKLM)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} (cpbrkpie Control) - http://a19.g.akamai.net/7/19/7125/4019/ftp.coupons.com/v3123/cpbrkpie.cab
     
  8. winchester73

    winchester73

    Joined:
    Aug 18, 2003
    Messages:
    2,438
    Perhaps a fresh HJT log would be useful ...

    I should think this Alset Help Express item was removed already:

    O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe

    This item needs some looking into:

    O4 - HKLM\..\Run: [Link Ball] C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe
     
  9. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Remove these items from you HJT log:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://amazingautossearch.com/passt...www.google.com/

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://amazingautossearch.com/searchbar.html

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://amazingautossearch.com/searchbar.html

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://amazingautossearch.com/searchbar.html

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O8 - Extra context menu item: Coupons - file://C:\Program Files\couponsandoffers\System\Temp\couponsandoffers_script0.htm

    O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe

    O4 - HKLM\..\Run: [Link Ball] C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe


    Next, click on the following URL and upload the file below, then post results back here:
    C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe (the directory should be C:\Program Files\FLAPTW* where the * is any number/letter.)

    http://www.kaspersky.com/remoteviruschk.html

    Next, delete the following file in safe mode (hidden/system files may need to be on, instuctions for both bottom of post)
    C:\WINDOWS\emsw.exe

    show hidden and system files - http://www.xtra.co.nz/help/0,,4155-1916458,00.html
    Safe Mode - http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406

    After doing all of that, it's a good idea to post one more log.

    EDIT:
    The directory for the odd file is C:\Program Files\FLAP TWO
     
  10. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    Hi Winchester,
    My post at 10:48 (#7) was a fresh HJT log.
    Will take those files out...a.s.a.p.
    Thanks.
    sky

    You wrote;
    Perhaps a fresh HJT log would be useful ...

    I should think this Alset Help Express item was removed already:

    O4 - HKLM\..\Run: [emsw.exe] C:\WINDOWS\emsw.exe

    This item needs some looking into:

    O4 - HKLM\..\Run: [Link Ball] C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe
    ********************************************************

    Hi Nok1,
    Will get back to you soon.
    Thanks.
    sky
     
  11. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    winchester: different time zones:)

    In fact, I think it may be the east coast if I'm not mistakened ;)
     
  12. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
  13. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    You can if you'd like. Its not anything harmful. Oh, and the timezone thing, I was just proving to myself I was an arrogant self-proclaimed genius :). Don't mind me. Just post a log once done with the instructions i have posted.
     
  14. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    I'm sorry...please break this down...it's not making sense...which file below do I upload.
    be specific. Is the Bib does flaw. exe something to keep or get rid of? I thought it needed to be gotten rid of. Or is that the file to upload. I'm not sure what you are referencing. :eek:

    sky :cool:

    You wrote;
    Next, click on the following URL and upload the file below, then post results back here:
    C:\PROGRA~1\FLAPTW~1\Bib Does Flaw.exe (the directory should be C:\Program Files\FLAPTW* where the * is any number/letter.) Are you wanting me to get a file
    from (upload the file below) there or use their virus scan?

    http://www.kaspersky.com/remoteviruschk.html
     
  15. skydixon

    skydixon Thread Starter

    Joined:
    Apr 4, 2004
    Messages:
    29
    never mind....I figured it out. I'll get back to you
    soon with my findings log.

    sky
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/217162

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice