Author Topic: Got a graphics problem... (Read 526 times)

teinte411 · « **on:** October 21, 2005, 07:32:27 PM »

Ok this started a few days ago, I don't recall doing anything to trigger this behavior. I'm hoping somebody can help because I'm at my wits end lol.

Here's the symptoms, I'm seeing a light blue shadow over some of the text on the desktop and programs like IE and Word, there's also a blue line of the same color blue by icons and on my mouse cursor. Another graphics issue is in games I'm seeing little blinking or flickering squares during gameplay. I did reinstall Windows XP and it didn't solve the graphics problem. I've updated all my graphics drivers and it still didn't repair the graphics, I've also dusted the inside of my PC and still nothing.

However I did do a virus scan with Ad-Aware and it said I had the Worm.Alcan.A virus, eventually it said it was removed after a few tries, but I doubt it. It didn't show up with Norton or Microsoft's anti-virus software though, just Lavasofts.

My question is does anyone know if this Worm effects your graphics card or do you think my graphics card is going? I don't think it is though because I just bought this PC about 6 months ago and graphics cards usually never go. The only other thing I didn't try is actually unplugging my card and plugging it back in but I don't think that wouldn't do anything.

If someone could help me out I'd greatly appreciate it. Just wondering if anybody else with this worm has graphic issues as well? Like I said I don't recall doing anything to trigger this, I may have accidentally downloaded the AlcanA Worm through Limewire though which I was using a few days ago. Thanks. Sorry for posting in the other guy's topic before.

guestolo · « **Reply #1 on:** October 21, 2005, 07:49:01 PM »

I can't see Alcan causing graphics problems, but let's see if we can discover anything

==Download and save WinPFind.zip
UNZIP the contents to your desktop
Don't run it yet

RESTART your Computer in SAFE MODE
You can do this by tapping the F8 key as the system is restarting, just before Windows loads, or use the link
I supplied for a more detailed explanation

Open the WinPFind folder you extracted to desktop
Double click on WinPFind.exe
Click START SCAN
This could take some time as it will scan your drive
Close out after

Restart back to Normal mode
Post the results of the WindPFind.txt located in the WinPFind folder

Also, from my signature below, download and save hijackthis 1.99.1 to a permanent folder on your drive
Do a System scan and save log file
A text file will open, copy and paste the whole log back here

teinte411 · « **Reply #2 on:** October 21, 2005, 08:16:25 PM »

Ok, here is the WinPFind log done in safe mode and the HJT log done in normal mode...

WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

»»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
Internet Explorer Version: 6.0.2900.2180

»»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

Checking %SystemDrive% folder...

Checking %ProgramFilesDir% folder...

Checking %WinDir% folder...

Checking %System% folder...
PEC2 8/12/2004 9:56:50 AM 41397 C:\WINDOWS\SYSTEM32\dfrg.msc
PEC2 6/9/2005 4:32:28 PM 692736 C:\WINDOWS\SYSTEM32\DivX.dll
PECompact2 6/9/2005 4:32:28 PM 692736 C:\WINDOWS\SYSTEM32\DivX.dll
PTech 8/29/2005 1:27:12 PM 520968 C:\WINDOWS\SYSTEM32\LegitCheckControl.DLL
PECompact2 10/4/2005 10:09:08 PM 2293088 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 10/4/2005 10:09:08 PM 2293088 C:\WINDOWS\SYSTEM32\MRT.exe
aspack 8/12/2004 10:02:34 AM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor 8/12/2004 10:04:02 AM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync 8/12/2004 10:08:50 AM 1309184 C:\WINDOWS\SYSTEM32\wbdbase.deu

Checking %System%\Drivers folder and sub-folders...

Items found in C:\WINDOWS\SYSTEM32\drivers\ETC\hosts

Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
10/21/2005 8:53:08 PM S 2048 C:\WINDOWS\BOOTSTAT.DAT
10/18/2005 4:48:42 PM H 54156 C:\WINDOWS\QTFont.qfn
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\WindowsShell.Manifest
10/21/2005 6:42:00 PM H 65 C:\WINDOWS\Downloaded Program Files\DESKTOP.INI
10/21/2005 6:42:30 PM HS 67 C:\WINDOWS\Fonts\DESKTOP.INI
9/28/2005 5:13:32 PM H 0 C:\WINDOWS\INF\oem22.inf
10/21/2005 6:42:00 PM H 65 C:\WINDOWS\occache\desktop.ini
10/21/2005 6:42:00 PM H 65 C:\WINDOWS\Offline Web Pages\DESKTOP.INI
10/21/2005 6:43:22 PM H 262144 C:\WINDOWS\REPAIR\NTUSER.DAT
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\cdplayer.exe.manifest
9/3/2005 10:07:46 PM HS 178718 C:\WINDOWS\SYSTEM32\gfhkj.bak1
9/30/2005 8:38:06 PM HS 428451 C:\WINDOWS\SYSTEM32\gfhkj.bak2
9/30/2005 9:22:30 PM HS 426867 C:\WINDOWS\SYSTEM32\gfhkj.ini
10/21/2005 6:41:58 PM RH 488 C:\WINDOWS\SYSTEM32\logonui.exe.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\ncpa.cpl.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\nwc.cpl.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\sapi.cpl.manifest
10/21/2005 6:41:58 PM RH 488 C:\WINDOWS\SYSTEM32\WindowsLogon.manifest
10/21/2005 6:41:52 PM RH 749 C:\WINDOWS\SYSTEM32\wuaucpl.cpl.manifest
8/25/2005 11:35:48 AM H 4212 C:\WINDOWS\SYSTEM32\zllictbl.dat
10/6/2005 8:31:08 PM S 77924 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem23.CAT
10/21/2005 8:53:00 PM H 8192 C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG
10/21/2005 2:28:24 PM H 0 C:\WINDOWS\SYSTEM32\CONFIG\default.tmp.LOG
10/21/2005 8:53:20 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG
10/21/2005 8:53:12 PM H 16384 C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG
10/21/2005 8:53:16 PM H 49152 C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG
10/21/2005 2:28:24 PM H 0 C:\WINDOWS\SYSTEM32\CONFIG\software.tmp.LOG
10/21/2005 8:53:16 PM H 921600 C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG
10/21/2005 2:27:52 PM H 0 C:\WINDOWS\SYSTEM32\CONFIG\system.tmp.LOG
10/21/2005 2:27:42 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\TempKey.LOG
10/21/2005 2:28:24 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\USERDIFF.LOG
10/21/2005 6:43:24 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\userdifr.LOG
10/11/2005 1:56:02 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
8/24/2005 3:48:52 PM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\cc1237e7-a29f-423f-a3e1-b2f4db56f999
8/24/2005 3:48:52 PM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred
10/6/2005 8:31:08 PM S 77924 C:\WINDOWS\SYSTEM32\ReinstallBackups\0018\DriverFiles\CX_27256.CAT
10/6/2005 8:31:08 PM S 77924 C:\WINDOWS\SYSTEM32\ReinstallBackups\0019\DriverFiles\CX_27256.CAT
10/21/2005 8:52:18 PM H 6 C:\WINDOWS\Tasks\SA.DAT
9/30/2005 9:16:20 PM H 23820 C:\WINDOWS\Temp\CS0039AB0A-AC81-48E0-81C4-62E899BEAC29.tmp
9/30/2005 9:16:20 PM H 240 C:\WINDOWS\Temp\CS07F96DA7-5559-4FE3-8E11-5E9BEC8785E0.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS099640D4-3162-4BA2-A43A-6E8DA83F7615.tmp
9/30/2005 9:16:20 PM H 42114 C:\WINDOWS\Temp\CS0C4CE6CB-D618-45FA-A63A-8A1126ACF258.tmp
9/30/2005 9:17:06 PM H 102 C:\WINDOWS\Temp\CS0FC93956-7E39-4D53-8FE7-4EAE4FA40842.tmp
9/30/2005 9:16:20 PM H 160 C:\WINDOWS\Temp\CS11872E4A-2773-4FCA-AE11-D8621E6886E9.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS1A9F09F1-697C-4A50-916A-7DC4F4548460.tmp
9/30/2005 9:17:12 PM H 366528 C:\WINDOWS\Temp\CS1AF674D3-3882-4C45-82DA-C3EAD3F478B1.tmp
9/30/2005 9:17:06 PM H 48 C:\WINDOWS\Temp\CS1BFACBA4-DA59-4982-801E-7D7E8C961937.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS1F4EEA50-B2F7-4457-8CA0-6944A59A145B.tmp
9/30/2005 9:16:20 PM H 5464 C:\WINDOWS\Temp\CS205A0B22-6A98-494B-A43B-826830D826B1.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS245573E6-5890-4342-AFEB-C729D6D0D298.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS24836318-DD67-4025-B5D0-B73F435AE554.tmp
9/30/2005 9:17:06 PM H 406 C:\WINDOWS\Temp\CS251CEC17-F5CA-4BAE-9AEC-A062973D0D37.tmp
9/30/2005 9:16:20 PM H 1323504 C:\WINDOWS\Temp\CS2BA0AABC-D175-4ED6-AF0B-BB5601CA8328.tmp
9/30/2005 9:17:06 PM H 310 C:\WINDOWS\Temp\CS3634AE52-E145-4BEC-864C-585716C8AB96.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS3878B89F-685C-4263-9BDF-6A6D2F384FE2.tmp
9/30/2005 9:17:06 PM H 196 C:\WINDOWS\Temp\CS38BDA2F3-8AC5-44AC-98EA-D813E075BF0C.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CS392E6C5B-4CE0-4130-9317-61AEECE7D6CE.tmp
9/30/2005 9:17:06 PM H 124 C:\WINDOWS\Temp\CS3F860BDC-FBE8-42D7-A74F-BD67B764A6E6.tmp
9/30/2005 9:16:20 PM H 929272 C:\WINDOWS\Temp\CS432099B4-BFC6-4114-B1F9-7A725EDC1A26.tmp
9/30/2005 9:17:06 PM H 50 C:\WINDOWS\Temp\CS49031064-44A0-45D7-B397-095F5061C58A.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS49BD8868-CE64-495E-99BC-FF0F3B30FBA2.tmp
9/30/2005 9:17:06 PM H 48 C:\WINDOWS\Temp\CS515B3A0B-B701-4EE5-A937-202F0321F024.tmp
9/30/2005 9:16:20 PM H 71162 C:\WINDOWS\Temp\CS525F5F8E-1FF3-4FEA-B4C1-874BE47D4F21.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS53B2A55B-FC37-468C-910E-0DB47F1E6DF1.tmp
9/30/2005 9:17:06 PM H 412 C:\WINDOWS\Temp\CS540DEF26-BB6E-443A-A455-8169340AFA05.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS57FF4DCD-8955-4E4E-8C56-6799C53DA1B2.tmp
9/30/2005 9:17:12 PM H 1796504 C:\WINDOWS\Temp\CS58A4AAD2-4A97-43B8-939B-06FD7A808677.tmp
9/30/2005 9:16:20 PM H 1890 C:\WINDOWS\Temp\CS59790216-5342-456E-8DBF-E57169E30D1B.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS59C813C5-591B-4418-BE7C-8368E93CB927.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS5A89585C-615B-4EB3-838C-3F04D44100EE.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS5B58CE28-1B4E-4D11-AC09-AE92001E710F.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS5FDD3EE7-605F-4637-A911-5387CE36FC43.tmp
9/30/2005 9:18:06 PM H 548 C:\WINDOWS\Temp\CS61B9F7DB-5273-4DB0-9C81-286823C8497B.tmp
9/30/2005 9:16:20 PM H 2016 C:\WINDOWS\Temp\CS63552240-DB92-4A8D-9109-2C65F843042C.tmp
9/30/2005 9:16:20 PM H 0 C:\WINDOWS\Temp\CS680EAE5E-EA77-45A7-809F-03702E7BD489.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS68129BA1-8EB1-4B1D-A278-D7BA39123394.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CS68841650-84F6-45DA-BDB3-44EF2126C8B6.tmp
9/30/2005 9:17:06 PM H 114 C:\WINDOWS\Temp\CS68A72714-E9ED-4991-A141-7EEC95F1ED1E.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS6DE23B5F-5155-4C6B-A73F-F2C91B16A385.tmp
9/30/2005 9:17:06 PM H 502 C:\WINDOWS\Temp\CS73DA8CC7-1594-4228-99C7-16F77F103A63.tmp
9/30/2005 9:16:20 PM H 108598 C:\WINDOWS\Temp\CS73FF47FE-6E2B-43ED-AEA9-7CF56CCB9E56.tmp
9/30/2005 9:16:20 PM H 32 C:\WINDOWS\Temp\CS79BB9307-73E8-4E23-B43C-EC2E59A9DA6E.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS7D9821D7-9BA9-42A9-9921-45C2EBF959DD.tmp
9/30/2005 9:17:06 PM H 598 C:\WINDOWS\Temp\CS7E187B75-51E2-412A-AF1C-D4C8917FDE49.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS8038A68D-46D3-441E-A669-44591604B9F6.tmp
9/30/2005 9:17:06 PM H 662 C:\WINDOWS\Temp\CS81BE186E-A5B6-44C0-99DF-F55735A20549.tmp
9/30/2005 9:17:06 PM H 120 C:\WINDOWS\Temp\CS829040E6-4642-4419-92D5-EAB003066612.tmp
9/30/2005 9:16:20 PM H 7166 C:\WINDOWS\Temp\CS8326B57A-DD06-4871-B53F-D7F3402FB606.tmp
9/30/2005 9:17:06 PM H 566 C:\WINDOWS\Temp\CS8490A86F-5385-43BB-BF8F-6C0C6BCEABCD.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS866EEE3D-F60E-44F7-B22C-234077EBC64D.tmp
9/30/2005 9:16:20 PM H 1503408 C:\WINDOWS\Temp\CS8B771174-72B6-40C9-87BE-10C2E1B3D1A5.tmp
9/30/2005 9:17:06 PM H 502 C:\WINDOWS\Temp\CS8D05915F-E86D-404F-8600-A64118BEE466.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CS91CC0B82-656B-454E-BF84-2F6B07803CDF.tmp
9/30/2005 9:17:06 PM H 30 C:\WINDOWS\Temp\CS92AC968A-0B84-411D-88F4-5370A864AC30.tmp
9/30/2005 9:17:06 PM H 478 C:\WINDOWS\Temp\CS9362355A-092C-4AEB-A408-BFFB1D6A753A.tmp
9/30/2005 9:17:06 PM H 526 C:\WINDOWS\Temp\CS9583180F-D739-42CF-93C7-C2283604D14E.tmp
9/30/2005 9:17:10 PM H 1468862 C:\WINDOWS\Temp\CS998B4117-EEFB-4710-8CF3-416AFC45F463.tmp
9/30/2005 9:16:20 PM H 3429 C:\WINDOWS\Temp\CS9A736D53-78C3-43EE-9AE7-DFD04155DF92.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CS9B02D53F-F2E4-4359-AC7E-33E36E41AA86.tmp
9/30/2005 9:17:12 PM H 81280 C:\WINDOWS\Temp\CS9B1E1F7E-C028-49EE-BA64-1C9BED003D51.tmp
9/30/2005 9:17:06 PM H 30 C:\WINDOWS\Temp\CS9B6432DA-7503-484D-8E34-73F7AF80844F.tmp
9/30/2005 9:16:20 PM H 38434 C:\WINDOWS\Temp\CS9C5BEC10-FAD7-450E-BC12-F8839DE3E464.tmp
9/30/2005 9:16:20 PM H 0 C:\WINDOWS\Temp\CS9F296CE1-6BB8-4F5E-8FC5-0249E4857049.tmp
9/30/2005 9:16:20 PM H 140 C:\WINDOWS\Temp\CSA0976592-6D3E-4359-B4F7-D89C86E1F0A0.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSA3C09B5E-534B-4E85-8F50-E2F3F1AF555B.tmp
9/30/2005 9:16:20 PM H 2323146 C:\WINDOWS\Temp\CSA7E9B231-A77D-49A3-A4AB-D0F8877963D8.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSA9D2FE2F-0C0B-46C3-81BC-2D4DB708EE84.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSAB368C57-67B4-4FD0-83C5-2EDAE9C185C1.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSAF38DFE5-AE60-453D-B2DA-38A782DDFFF4.tmp
9/30/2005 9:16:20 PM H 204 C:\WINDOWS\Temp\CSB299B554-B7CD-49C6-A1DB-0AAA51B0125F.tmp
9/30/2005 9:17:06 PM H 48 C:\WINDOWS\Temp\CSB44B4B2A-7339-44D2-8A49-A2B29374314A.tmp
9/30/2005 9:17:06 PM H 120 C:\WINDOWS\Temp\CSB5EE15C5-E1A6-4B4E-B62F-40E3F660BBDC.tmp
9/30/2005 9:17:06 PM H 162 C:\WINDOWS\Temp\CSB9BD4CDD-A600-4423-8528-81D252342A27.tmp
9/30/2005 9:16:20 PM H 1105702 C:\WINDOWS\Temp\CSBE1904BB-0551-40D3-8F22-A506B5880C44.tmp
9/30/2005 9:17:06 PM H 68 C:\WINDOWS\Temp\CSBE87930B-4A12-4250-AB1E-9FCB63A78C24.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSC4CE90E1-83F3-4730-83E7-32BBA47567FF.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSC72DF72B-B4C8-4F21-9D7B-2F59022E2431.tmp
9/30/2005 9:20:08 PM H 74264 C:\WINDOWS\Temp\CSC8C6EA88-4A3C-4653-B482-8DEBAFCF3FEF.tmp
9/30/2005 9:17:06 PM H 14 C:\WINDOWS\Temp\CSC8D70AC1-3596-4F1E-849E-364AE7AEF56D.tmp
9/30/2005 9:17:06 PM H 136 C:\WINDOWS\Temp\CSC99B1FF8-3105-4815-BBA2-9050C2BBFAED.tmp
9/30/2005 9:16:20 PM H 569404 C:\WINDOWS\Temp\CSD1F1D7D5-7A61-458A-9116-3CE6806D0FB4.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSD4A3E722-C3C3-4DC9-9A63-1EBF16760DBD.tmp
9/30/2005 9:17:06 PM H 322 C:\WINDOWS\Temp\CSD5652D2D-2B90-4B58-AD18-14FC3DF912DA.tmp
9/30/2005 9:16:20 PM H 30 C:\WINDOWS\Temp\CSD6BC78F3-36BA-4005-B2A7-BC3147BA46E3.tmp
9/30/2005 9:17:06 PM H 310 C:\WINDOWS\Temp\CSD7A3AA1B-647C-4EF1-B60E-400E042ABD3E.tmp
9/30/2005 9:17:06 PM H 340 C:\WINDOWS\Temp\CSD7CC76DF-A9A3-43A5-AF31-610B6042817A.tmp
9/30/2005 9:17:06 PM H 42 C:\WINDOWS\Temp\CSD8FDD305-0CBD-4AC0-B793-4D44DED8E747.tmp
9/30/2005 9:17:06 PM H 42 C:\WINDOWS\Temp\CSD939CE2E-C247-4E02-9DFD-69367DC9DFF9.tmp
9/30/2005 9:16:20 PM H 369 C:\WINDOWS\Temp\CSDA955B8B-79BC-4005-971E-A1AE7697EA80.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSDD8DCBC3-11BB-4B26-864D-25CC57FA689C.tmp
9/30/2005 9:17:06 PM H 426 C:\WINDOWS\Temp\CSE05BEEE9-D880-4F34-9FE9-ACD208B1D161.tmp
9/30/2005 9:17:06 PM H 118 C:\WINDOWS\Temp\CSE18733BD-BD94-406B-8BF2-586DEAFE63AE.tmp
9/30/2005 9:16:20 PM H 748 C:\WINDOWS\Temp\CSE4FAB894-5485-4D07-B790-EE1309DAEBDD.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSEC7C103F-C573-4422-80AC-AD7835E66A91.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSEEF83116-BB68-4F90-B726-1DC18C6B7E1F.tmp
9/30/2005 9:17:06 PM H 100 C:\WINDOWS\Temp\CSF6AD2FF5-7AD0-41EC-A8AB-115163194013.tmp
9/30/2005 9:17:06 PM H 96 C:\WINDOWS\Temp\CSF76F4739-59E4-4840-83EF-4DABC2A5B945.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSF9E915D9-1FDA-4FA4-A3E1-822AA199A632.tmp
9/30/2005 9:17:06 PM H 10 C:\WINDOWS\Temp\CSFDA1160D-8A42-4935-8DDD-84704A6472B8.tmp

Checking for CPL files...
Microsoft Corporation 8/4/2004 7:00:00 AM 68608 C:\WINDOWS\SYSTEM32\ACCESS.CPL
Microsoft Corporation 8/12/2004 9:55:48 AM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation 8/12/2004 9:55:58 AM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
9/18/2003 5:18:00 AM R 24576 C:\WINDOWS\SYSTEM32\cpl_moh.cpl
Microsoft Corporation 8/12/2004 9:56:50 AM 135168 C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation 8/12/2004 9:57:24 AM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation 8/12/2004 9:57:42 AM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Microsoft Corporation 8/12/2004 9:58:04 AM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation 8/12/2004 9:58:08 AM 129536 C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation 8/12/2004 9:58:16 AM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl
Microsoft Corporation 8/12/2004 9:58:22 AM 68608 C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems 11/19/2003 7:48:12 PM 61555 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation 8/12/2004 9:59:12 AM 187904 C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation 8/12/2004 9:59:56 AM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation 8/12/2004 10:01:36 AM 35840 C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation 8/12/2004 10:02:08 AM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation 8/12/2004 10:02:44 AM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation 8/12/2004 10:02:52 AM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation 8/12/2004 10:03:40 AM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl
Intel® Corporation 3/2/2004 1:39:06 PM 77824 C:\WINDOWS\SYSTEM32\PRApplet.cpl
RealNetworks, Inc. 2/23/2005 2:18:00 AM 24576 C:\WINDOWS\SYSTEM32\prefscpl.cpl
Apple Computer, Inc. 1/6/2004 6:02:36 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation 8/12/2004 10:06:56 AM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation 8/12/2004 10:07:14 AM 28160 C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation 8/12/2004 10:07:18 AM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
Creative Technology Ltd. 2/18/2004 11:52:50 AM 176128 C:\WINDOWS\SYSTEM32\USBAudio.cpl
Microsoft Corporation 8/12/2004 10:10:30 AM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation 8/12/2004 10:10:42 AM 162304 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation 8/4/2004 7:00:00 AM 68608 C:\WINDOWS\SYSTEM32\DLLCACHE\access.cpl
Microsoft Corporation 8/12/2004 9:55:48 AM 549888 C:\WINDOWS\SYSTEM32\DLLCACHE\appwiz.cpl
Microsoft Corporation 8/12/2004 9:56:50 AM 135168 C:\WINDOWS\SYSTEM32\DLLCACHE\desk.cpl
Microsoft Corporation 8/12/2004 9:57:24 AM 80384 C:\WINDOWS\SYSTEM32\DLLCACHE\firewall.cpl
Microsoft Corporation 8/12/2004 9:57:42 AM 155136 C:\WINDOWS\SYSTEM32\DLLCACHE\hdwwiz.cpl
Microsoft Corporation 8/12/2004 9:58:04 AM 358400 C:\WINDOWS\SYSTEM32\DLLCACHE\inetcpl.cpl
Microsoft Corporation 8/12/2004 9:58:08 AM 129536 C:\WINDOWS\SYSTEM32\DLLCACHE\intl.cpl
Microsoft Corporation 8/12/2004 9:58:22 AM 68608 C:\WINDOWS\SYSTEM32\DLLCACHE\joy.cpl
Microsoft Corporation 8/12/2004 9:59:12 AM 187904 C:\WINDOWS\SYSTEM32\DLLCACHE\main.cpl
Microsoft Corporation 8/12/2004 9:59:56 AM 618496 C:\WINDOWS\SYSTEM32\DLLCACHE\mmsys.cpl
Microsoft Corporation 8/12/2004 10:01:36 AM 35840 C:\WINDOWS\SYSTEM32\DLLCACHE\ncpa.cpl
Microsoft Corporation 8/12/2004 10:02:08 AM 25600 C:\WINDOWS\SYSTEM32\DLLCACHE\netsetup.cpl
Microsoft Corporation 8/12/2004 10:02:44 AM 257024 C:\WINDOWS\SYSTEM32\DLLCACHE\nusrmgr.cpl
Microsoft Corporation 8/12/2004 10:02:52 AM 32768 C:\WINDOWS\SYSTEM32\DLLCACHE\odbccp32.cpl
Microsoft Corporation 8/12/2004 10:03:40 AM 114688 C:\WINDOWS\SYSTEM32\DLLCACHE\powercfg.cpl
Microsoft Corporation 8/4/2004 7:00:00 AM 155648 C:\WINDOWS\SYSTEM32\DLLCACHE\sapi.cpl
Microsoft Corporation 8/12/2004 10:06:56 AM 298496 C:\WINDOWS\SYSTEM32\DLLCACHE\sysdm.cpl
Microsoft Corporation 8/12/2004 10:07:14 AM 28160 C:\WINDOWS\SYSTEM32\DLLCACHE\telephon.cpl
Microsoft Corporation 8/12/2004 10:07:18 AM 94208 C:\WINDOWS\SYSTEM32\DLLCACHE\timedate.cpl
Microsoft Corporation 8/12/2004 10:10:30 AM 148480 C:\WINDOWS\SYSTEM32\DLLCACHE\wscui.cpl
Microsoft Corporation 8/12/2004 10:10:42 AM 162304 C:\WINDOWS\SYSTEM32\DLLCACHE\wuaucpl.cpl

»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

Checking files in %ALLUSERSPROFILE%\Startup folder...
10/19/2005 4:30:58 PM 1851 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ATI CATALYST System Tray.lnk
10/21/2005 6:43:18 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI
2/23/2005 2:08:12 AM 1730 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
10/13/2005 10:50:02 AM 2169 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk

Checking files in %ALLUSERSPROFILE%\Application Data folder...
10/21/2005 6:29:56 PM HS 62 C:\Documents and Settings\All Users\Application Data\DESKTOP.INI

Checking files in %USERPROFILE%\Startup folder...
8/10/2004 3:04:12 PM HS 84 C:\Documents and Settings\Timothy\Start Menu\Programs\Startup\DESKTOP.INI

Checking files in %USERPROFILE%\Application Data folder...
8/10/2004 2:57:42 PM HS 62 C:\Documents and Settings\Timothy\Application Data\DESKTOP.INI
10/3/2005 12:48:42 PM 57656 C:\Documents and Settings\Timothy\Application Data\GDIPFONTCACHEV1.DAT
10/18/2005 12:22:20 AM 2926 C:\Documents and Settings\Timothy\Application Data\wklnhst.dat

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
   SV1    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
   {09799AFB-AD67-11d1-ABCD-00C04FC30936}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
   {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}    = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
   Start Menu Pin    = %SystemRoot%\system32\SHELL32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\MP3ToWave
   {DC6FA7E0-6666-11D5-8CE2-444553540000}    =
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
   {5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}    = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
   {A470F8CF-A1E8-4f65-8335-227475AA5C46}    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
   {750fdf0e-2a26-11d1-a3ea-080036587f03}    = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
   {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}    = ntshrui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinRAR
   {B41DB860-8EE4-11D2-9906-E49FADC173CA}    = C:\Program Files\WinRAR\rarext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
   AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
   MSN Search Toolbar Helper = C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}
   CNavExtBho Class = C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
    =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
   &Tip of the Day = %SystemRoot%\system32\shdocvw.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
   Real.com = C:\WINDOWS\system32\Shdocvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
   {BA52B914-B692-46c4-B683-905236F6F655}    =    :
   {40D41A8B-D79B-43d7-99A7-9EE0F344C385}    = AIM Search   : C:\Program Files\AIM Toolbar\AIMBar.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}    = MSN Search Toolbar   : C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}    = Norton AntiVirus   : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
   MenuText    = Sun Java Console   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
   ButtonText    = AIM   : C:\Program Files\AIM\aim.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
   ButtonText    = PartyPoker.com   : C:\Program Files\PartyPoker\PartyPoker.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
   ButtonText    = Real.com   :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
   ButtonText    = Messenger   : C:\Program Files\Messenger\msmsgs.exe

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
   {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} = Norton AntiVirus   : C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN Search Toolbar   : C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
   {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address   : %SystemRoot%\system32\browseui.dll
   {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links   : %SystemRoot%\system32\SHELL32.dll
   {40D41A8B-D79B-43D7-99A7-9EE0F344C385} = AIM Search   : C:\Program Files\AIM Toolbar\AIMBar.dll
   {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} = MSN Search Toolbar   : C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   IntelMeM   C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
   CTSysVol   C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
   P17Helper   Rundll32 P17.dll,P17Helper
   UpdReg   C:\WINDOWS\UpdReg.EXE
   Drag'n'Drop_Autolaunch   "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
   QuickTime Task   "C:\Program Files\QuickTime\qttask.exe" -atboottime
   gcasServ   "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
   ATICCC   "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
   ccApp   "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
   Symantec NetDriver Monitor   C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
   IMAIL   Installed = 1
   MAPI   Installed = 1
   MSFS   Installed = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
   MSMSGS   "C:\Program Files\Messenger\msmsgs.exe" /background
   Norton SystemWorks   "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk
   path   C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
   backup   C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup
   location   Common Startup
   command   C:\PROGRA~1\AMERIC~1.0\aoltray.exe -check
   item   America Online 9.0 Tray Icon

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AIM
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   aim
   hkey   HKCU
   command   C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   aim
   hkey   HKCU
   command   C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSupport
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   DSAgnt
   hkey   HKCU
   command   "C:\Program Files\Dell Support\DSAgnt.exe" /startup
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   DSAgnt
   hkey   HKCU
   command   "C:\Program Files\Dell Support\DSAgnt.exe" /startup
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCAgentExe
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcagent
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\agent\mcagent.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcagent
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\agent\mcagent.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MCUpdateExe
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcupdate
   hkey   HKLM
   command   C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcupdate
   hkey   HKLM
   command   C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MPFExe
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   MpfTray
   hkey   HKLM
   command   C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   MpfTray
   hkey   HKLM
   command   C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   msmsgs
   hkey   HKCU
   command   "C:\Program Files\Messenger\msmsgs.exe" /background
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   msmsgs
   hkey   HKCU
   command   "C:\Program Files\Messenger\msmsgs.exe" /background
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VirusScan Online
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcvsshld
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcvsshld
   hkey   HKLM
   command   c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VSOCheckTask
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcmnhdlr
   hkey   HKLM
   command   "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
   inimapping   0
   key   SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   item   mcmnhdlr
   hkey   HKLM
   command   "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
   inimapping   0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
   system.ini   0
   win.ini   0
   bootini   0
   services   0
   startup   2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
   {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
   {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
   {0DF44EAA-FF21-4412-828E-260A8728E7F1} =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
   dontdisplaylastusername   0
   legalnoticecaption
   legalnoticetext
   shutdownwithoutlogon   1
   undockwithoutlogon   1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
   NoDriveTypeAutoRun   145

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
   PostBootReminder    {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
   CDBurn    {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
   WebCheck    {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
   SysTray     {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
   UserInit   = C:\WINDOWS\system32\userinit.exe,
   Shell      = Explorer.exe
   System      =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
   Debugger = ntsd -d

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
   AppInit_DLLs

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1   - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 10/21/2005 9:09:34 PM

Logfile of HijackThis v1.99.1
Scan saved at 9:13:51 PM, on 10/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Timothy\Desktop\Hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nascar.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?3abffb653bff43bbbc72c0abf1a46ad0
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?3abffb653bff43bbbc72c0abf1a46ad0
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {18CD2FD8-81CE-44C3-99E1-0822E1C7116C} (EARTPatch8X Class) - http://files.ea.com/downloads/rtpatch/v4/EARTP8X.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127859030000
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

guestolo · « **Reply #3 on:** October 21, 2005, 08:48:20 PM »

Let's ensure there is nothing still left over from Alcan
Download Brute force uninstaller
Unzip it to a folder of it’s own (c:\BFU).

Start the Brute Force Uninstaller by doubleclicking BFU.exe

Next to the 'scriptfile to execute'
Click the Globe icon = (Open script URL)
When you click that icon, a little window will open that says: 'Please enter the full URL to the sript you want to execute'
In the field, copy and paste next URL:

http://metallica.geekstogo.com/p2pnetwork.bfu

Click Ok
Then click Execute in Brute Force Uninstaller.

Wait for the complete script execution box to popup and press OK.
Press exit to terminate the BFU program.

Restart your computer

Where did you get your updated drivers for your video card at?
From the manufacturer? or Windows updates

Can you also right click the desktop and left click properties
Click the Desktop tab>>Customize desktop>>Web tab
Uncheck "Lock desktop items" if checked
OK it and then click Apply

Also, can you run this file thru
Jotti's Online Malware scan
Give this site time to load if busy

Use the browse button and navigate to this file on your hard drive
C:\WINDOWS\SYSTEM32\gfhkj.ini <-this file
Right click on it and choose Select
Then use the Submit button
Let it finish scanning
Could you post back the results of the scan back here please

teinte411 · « **Reply #4 on:** October 21, 2005, 09:58:25 PM »

I tried everything, but still getting the same symptoms.

I got the driver directly from the ATI website, ATI is the company that makes the Radeon X300 graphics card that I have. I updated all the drivers after these things started happening though.

I'm really stumped about this, I've had bugs and adware before, but nothing ever like this, nothing I wasn't able to fix. I'm kinda thinking it's the hardware but the computer isn't that old, and I never had any problems with my old Dell, which is still running great after 7 years lol.

Here's the results from Jotti's site, didn't find anything:

Service load: 0% 100%

File: gfhkj.ini
Status: OK
MD5 2c18e64770fd8fd1f09efe7df40738d1
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

teinte411 · « **Reply #5 on:** October 21, 2005, 10:20:22 PM »

I just tried something, I kept right clicking on the desktop and now in IE and almost everytime where the left side off the popup box was it left a light blue line, like the ones I've been seeing. Then when I minimize or maximize the IE window the lines disappear. I was thinking that might be a sign the memory is messed up or damaged. I dunno doesn't look good.

TheTechGuide Forum

News:

Author Topic: Got a graphics problem... (Read 526 times)

teinte411

Got a graphics problem...

guestolo

Got a graphics problem...

teinte411

Got a graphics problem...

guestolo

Got a graphics problem...

teinte411

Got a graphics problem...

teinte411

Got a graphics problem...