Hi pieter,
i searched agn for skymasters and i got the following results
Regards,
Jas.
C:\ffastun.ffl (640 KB, 5/27/05 3:45:50 PM)
1 N\PRServe[1].htmlư˜‚Ù ¼·aÅ NWINDOWS\Temporary Internet Files\Content.IE5\O5M7O1IJ\ads[4].htmlü¿˜‚Ú ·Ÿ‘·aÅ NWINDOWS\Temporary Internet Files\Content.IE5\O5M7O1IJ\ads[3].htmlü¿˜‚Û —\?³aÅ NWINDOWS\Temporary Internet Files\Content.IE5\LJVVL14E\ads[1].htmlü¿ †Ü Ø ÙVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\CA23MDGV.html÷¿€Iư †Ư Ü ÙVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\CA9WJ67V.html÷¿€Iư¸¢̃ G ¯ aÅ NWINDOWS\Temporary Internet Files\Content.IE5\MLLYJ2DK\trading_stock_quote[1].htmlJ…°œß l m Ä RProgram Files\Common Files\Symantec Shared\VirusDefs\20050525.018\TECHNOTE.TXT †à Ư ÖVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\login[7].html÷¿€Iư †á à ¬WÅ üWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\admsg[2].htmlg[2 â á ÚVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\screen2[1].htmlư ă â ÚVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\screen2[2].htmlư ä ă ØVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\search8[1].htmlư å ä ÙVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\search8[2].htmlư æ å ÙVÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\search8[3].htmlư¨”ç ]´ñŒbÅ NWINDOWS\Temporary Internet Files\Content.IE5\KPCF0V43\download3045[2].html¨è >z bÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\virusstats[2].htmlxxÁ¨”é .L˜ŒbÅ NWINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\spywareguard[1].html.html÷¿€Iưgns\RIBBONS.POT_Á 3 ˆê æ ×VÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\Static[1].html€Iư †ë ê ÚVÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\about[3].html÷¿€Iư †́ ë ĂVÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\admsg[5].html÷¿€Iư˜‚í K!D³aÅ NWINDOWS\Temporary Internet Files\Content.IE5\KPCF0V43\ads[2].htmlü¿˜‚î m¯·aÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\ads[4].htmlü¿˜‚ï C ·aÅ NWINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\ads[1].htmlü¿˜„đ `i°aÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\wiki[1].html˜‚ñ r<²aÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\ads[1].htmlü¿˜„̣ fc+°aÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNNRAKTX\wiki[1].html †ó ́ ÙVÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\CA6ZEXYH.html÷¿€Iư ˆô Æ̃ÜbÅ NWINDOWS\Temporary Internet Files\Content.IE5\TC83X1S5\kephyr[1].html€Iư †ơ 'k{›bÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\index[1].html÷¿€Iư¨ö VbÅ NWINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\skymasters[1].htmlxxÁ¨÷ p¡ ŒbÅ NWINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\sbdownload[1].htmlxxÁ Œø å4 –bÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNNRAKTX\findfast[1].html Œù 6ø ¡bÅ NWINDOWS\Temporary Internet Files\Content.IE5\4PUJSDAN\sbversion[1].txt ˆú ªCáÚaÅ NWINDOWS\Temporary Internet Files\Content.IE5\O5M7O1IJ\viewer[1].html€Iư †û ?¤‰ØaÅ NWINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\login[1].html÷¿€Iư ˆü @¹aÅ NWINDOWS\Temporary Internet Files\Content.IE5\UHNC5CBY\splash[1].html€Iư¨”ư &hŒbÅ NWINDOWS\Temporary Internet Files\Content.IE5\DS8391OD\download2859[1].html¨₫ ̃ëk›bÅ NWINDOWS\Temporary Internet Files\Content.IE5\CNZVA4H1\supportus[1].htmlxxÁ †ÿ ¶t`ºaÅ NWINDOWS\Temporary Internet Files\Content.IE5\UFYBITQB\login[1].html÷¿€Iư¨ƒ ŒbÅ NWINDOWS\Temporary Internet Files\Content.IE5\81Y7O9YB\google336[1].htmlxxÁ¸¢ơ£T‰bÅ NWINDOWS\Temporary Internet Files\Content.IE5\37XFNPWW\trading_stock_quote[1].html4…˜„– °aÅ NWINDOWS\Temporary Internet Files\Content.IE5\C5I3K1YR\wiki[1].html˜‚ö±…³aÅ NWINDOWS\Temporary Internet Files\Content.IE5\81Y7O9YB\ads[1].htmlü¿¨’véơbÅ NWINDOWS\Temporary Internet Files\Content.IE5\37XFNPWW\got-a-virus[1].htmlxÁ Œ§›”¹aÅ NWINDOWS\Temporary Internet Files\Content.IE5\UFYBITQB\comments[1].html ˆA ½aÅ NWINDOWS\Temporary Internet Files\Content.IE5\TZRR1TOE\notify[1].html€Iư †6̃ǹaÅ NWINDOWS\Temporary Internet Files\Content.IE5\TC83X1S5\index[2].html÷¿€Iư †ô ÚaÅ NWINDOWS\Temporary Internet Files\Content.IE5\DS8391OD\trans[1].html÷¿€Iư † 3ơª¸aÅ NWINDOWS\Temporary Internet Files\Content.IE5\GTMN8PQB\stats[2].html÷¿€Iư°œl m Ä RProgram Files\Common Files\Symantec Shared\VirusDefs\20050525.018\NCSACERT.TXT Œ¤ ÚºaÅ NWINDOWS\Temporary Internet Files\Content.IE5\GTMN8PQB\download[1].html˜€¼öđ aÅ NWINDOWS\Temporary Internet Files\Content.IE5\TZRR1TOE\03[1].html”ü¿˜€÷Nù aÅ NWINDOWS\Temporary Internet Files\Content.IE5\LJVVL14E\04[1].html”ü¿˜€Tmç aÅ NWINDOWS\Temporary Internet Files\Content.IE5\FUKB7HCH\02[1].html”ü¿˜€8 Ù aÅ NWINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\01[1].html”ü¿˜„î× aÅ NWINDOWS\Temporary Internet Files\Content.IE5\DS8391OD\0001[1].html˜€ aÅ NWINDOWS\Temporary Internet Files\Content.IE5\37XFNPWW\05[1].html”ü¿ ¯JĹaÅ NWINDOWS\Temporary Internet Files\Content.IE5\GTMN8PQB\default[1].htmlư †Ó 2ÚaÅ NWINDOWS\Temporary Internet Files\Content.IE5\DS8391OD\admsg[2].html÷¿€Iư †g}yºaÅ NWINDOWS\Temporary Internet Files\Content.IE5\DS8391OD\CAL8EPPZ.html÷¿€Iư¨”9u1èaÅ NWINDOWS\Temporary
C:\WINDOWS\USER.DAT (849 KB, 5/27/05 5:12:40 PM)
0 URL8 )2È(0îU My Yahoo!.urlMYYAHO~1.URL<-2vw2Ư+ Windows Media.urlWINDOW~2.URL<.2vv2§4 Windows Update.urlWINDOW~1.URL4&2qw2Ü+ Windows.urlWINDOWS.URL>02Ѳ0†2 Yahoo! Bookmarks.urlYAHOO!~1.URL:+2̀²0 W Yahoo! Mail.urlYAHOO!~2.URL2$2̀²0 W Yahoo!.urlYAHOO!.URL¡{¡User ÿÿÿ REGTYPE1 ÿÿÿÿ SALUTmr ÿÿÿÿ FNAMEsaj ÿÿÿÿ LNAMEa ÿÿÿÿ NAMEsaj a ÿÿÿÿ COMPANlid ÿÿÿÿ INDIV0t®tAdobe ÿÿÿÿ JOrder B6ûÿÿÿ'1‡2Ø1 Photoshop 6.0PHOTOS~1.0n¼B.current ÿÿÿÿC:\WINDOWS\media\start.wav ffma .savedC:\WINDOWS\media\start.wav‘ „ TypedURLs u url1http://www.geek.com url2http://mail.yahoo.com/ u url3mail.yahoo.como.com url25http://www.sikhnet.com/ url25http://www.sikhnet.com/n url25http://www.sikhnet.com/ n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/ url25http://www.sikhnet.com/ url25http://www.sikhnet.com/ url25http://www.sikhnet.com/.com n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/url25http://www.sikhnet.com/om n url25http://www.sikhnet.com/om n url25http://www.sikhnet.com/om n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/m n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/ n url25http://www.sikhnet.com/n url25http://www.sikhnet.com/n url25http://www.sikhnet.com///com/nard_martinez58tinez58z58//mmm.comotmail.comminijairajjj/minijairajjjmmr.commm/.com/itr.com//om//Screenshots.htmlenshots.htmllScreenshots.htmln/can/reso.aspso.aspmn url25http://www.google.comaspº)¦InstallLocationsMRU om aG:\win98\ ÿÿÿÿ MRUListacedb ÿ bf:\WIN98 ÿÿÿÿ cf:\WIN98\ ÿÿÿÿ dE:\win98\ s eG:\n98\ s eG:\÷pđ&{8646D2C0-9ACA-11D9-B59F-B69B83CCD371} ÿÿÿÿ UsernameMain Identity ÿÿÿÿ &User ID{8646D2C0-9ACA-11D9-B59F-B69B83CCD371} ÿÿÿÿ Directory NameÀ̉F† tp:/ Identity Ordinal u Attachment PathA:\Phadnisñ;¥General ÿÿÿÿ TileWallpaper0 ÿÿÿÿ WallpaperStyle0 ÿÿÿÿ Wallpaper ÿÿÿÿ BackupWallpaper ÿÿÿÿ WallpaperFileTimer ÿÿÿÿ WallpaperFileTimem ÿÿÿÿ WallpaperFileTimeUŸTURLSearchHooks ÿ&{CFBFAE00-17A6-11D0-99CB-00C04FD64497}}g†Settings ÿÿÿÿ OpenDirD:\Waqt - Part 1.avier.11.2003.XXX.DVDRip.DivX-xDMNx.avi€ ™Main ÿÿÿÿ Anchor Underlineyes ÿÿÿÿ Cache_Update_FrequencyOnce_Per_Session ÿÿÿÿ Display Inline Imagesyes ÿÿÿÿ Do404Search ÿÿÿÿ Local PageC:\WINDOWS\SYSTEM\blank.htm ÿÿÿÿ Save_Session_History_On_Exitno ÿÿÿÿ Show_FullURLno ÿÿÿÿ Show_StatusBaryes ÿÿÿÿ Show_ToolBaryes ÿÿÿÿ Show_URLinStatusBaryes ÿÿÿÿ Show_URLToolBaryes ÿÿÿÿ Start Pagewww.skymasters.biz?1462 ÿÿÿÿ Use_DlgBox_Colorsyes ÿÿÿÿ ;Search Pagehttp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch CU,A Show_ChannelBandno www. FullScreenno ÿÿÿÿ LastCheckedHiM_Å /www ,Window_Placement,¸ ¸ ÿÿÿÿÿÿÿÿ ú © "Error Dlg Displayed On Every Errorno ÿÿÿÿ Error Dlg Details Pane Openno rch Disable Script Debuggeryes CS Use FormSuggestno tact FormSuggest PW Askno ÿNotifyDownloadCompleteyes / AddToFavoritesExpanded ÿÿÿÿ AutoSearch pi/r conc²Đ–Br conc²Đ–B conce¦•BKFirst Home Pagehttp://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b12ÿÿÿÿH•searchhtg.com ÿÿÿÿ * 2ÿÿÿÿ²”searchinn.com ÿÿÿÿ * 2ÿÿÿÿä”sesupport.com ÿÿÿÿ * ¸ ÿÿÿÿÿÿÿÿDisplay Inline Imagesyes ÿÿÿÿ Do404Search ÿÿÿÿ Local PageC:\WINDOWS\SYSTEM\blank.htm ÿÿÿÿ Save_Session_History_On_Exitno ÿÿÿÿ Show_FullURLno ÿÿÿÿ Show_StatusBaryes ÿÿÿÿ Show_ToolBaryes ÿÿÿÿ Show_URLinStatusBaryes ÿÿÿÿ Show_URLToolBaryes ÿÿÿÿ Start Pageabout:blank ÿÿÿÿ Use_DlgBox_Colorsyes ÿÿÿÿ ;Search Pagehttp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch CU,A Show_ChannelBandno www. FullScreenno ÿÿÿÿ LastCheckedHiM_Å /www ,Window_Placement,¸ ¸ ÿÿÿÿÿÿÿÿä “ "Error Dlg Displayed On Every Errorno ÿÿÿÿ Error Dlg Details Pane Openno rch Disable Script Debuggeryes CS Use FormSuggestno tact FormSuggest PW Askno ÿNotifyDownloadCompleteyes / AddToFavoritesExpanded ÿÿÿÿ AutoSearch pi/r conc²Đ–B conc²Đ–Br conc²Đ–B conce¦•BKFirst Home Pagehttp://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update&O1=b1¡ ÿÿÿÿÿÿÿÿÿÿÿÿ 1A10 ÿÿÿÿÿÿÿÿ |Ph :9Oy "qM2#0|j* @r5 ?]r$ %]L5 Hz#4qM:1 Vr; .]L* uS ; @r$ &]L6 uS 1! Oy * @r4 0 AD ;:Vz 3 uS ?2 Oy % ]L, uS 0? Oy >2@R', 2Hz'# qM$ 2@R"8 4Hz4 ?(@R# &<Vz/.2 |j 3 qM % ]L5 <Vz%-, |j517 uS ;% Oy 5qr$ &<Vz;/? !A{[#'<|j* <qM ,0|j > @R?8 mM ',uS 1!uS !' Oy - uS 8! uS ' ]L6 :Vr4 &<Vz?28 |j > ]L5 aT) "() ^Eg 0 Vz 7 @r% 9]L8 Vz:.-Oy : Vz;.=Oy <2@R2$ 2Hz ( qM# 22@R>9 2Hz7 <(@R2 ?<Vz1%= |j ' qM $ 6 Vvt ! @R#( mM 4+uS 8!AD ,uS "qM ' @R#( :Vz?28 |j9 "2@R?8 2uS >! Oy ) @r% 9 uS 8! Oy 9 uS >! n |Ph :9Oy <uS - Vz1%=Oy 2qM$3;|j? %@r4 & AD 1:Vz > uS 11 Oy $ ]L) uS -& Oy "(@R?8 4Hz" f DsA "*A: !-BsA "*A $ O-[S^5 "u' "f |Ph:;4O O-[S^5 "H -n hJD?-1m5 3f!A{[ 8 @:1) !A{[#'<| ? O-[S^5 "u$ &6 Vvt> @ $ ) |Ph;%;O 1 |Ph;%;u! "f DOV V > )!A{[$91| 2f DOV 2a6 O-[S^6 H & n hJ|! &]$? n hJD>7 m+ >f DOV V !'( gk_ !*u! :6!A{[<>?| - 0!A{[<> V $ ) ^Eg &u' <n hJD&6 m ' ) ^Eg ?1I= %f DOV 8u; O-[sA ;-A, O-[S^. H ! ) ^Eg &q>>; (tNh*) V >#n hJD!, m; n hJD! >u! <6 Vvt ; V 8 O-[S^/ u ,6 Vvt( !@ ' ) ^Eg 5 V 3f |Ph :9O 4f DOV 0u5 86 Vvt ; @/ 1 9_{B >q;/ O-[S^ 9t ÿÿÿÿÿÿÿÿRGDBĐn '¾₫.ExCr''InfraredInterrupt
148 ÿÿÿÿà–sbjr.com ÿÿÿÿ * -ÿÿÿÿ —sbnl.com ÿÿÿÿ * -ÿÿÿÿ:—sbnt.com ÿÿÿÿ * -ÿÿÿÿg—sbvr.com ÿÿÿÿ * -ÿÿÿÿ”—scbm.com ÿÿÿÿ * -ÿÿÿÿÁ—tbvg.com ÿÿÿÿ * -ÿÿÿÿî—tdak.com ÿÿÿÿ * -ÿÿÿÿ ˜tdko.com ÿÿÿÿ * -ÿÿÿÿH˜tefs.com ÿÿÿÿ * -ÿÿÿÿu˜tfil.com ÿÿÿÿ * -ÿÿÿÿ¢˜torc.com ÿÿÿÿ * -ÿÿÿÿϘwbkb.com ÿÿÿÿ * -ÿÿÿÿü˜aavc.com ÿÿÿÿ * -ÿÿÿÿ)™acjp.com ÿÿÿÿ * -ÿÿÿÿV™tjar.com ÿÿÿÿ * -ÿÿÿÿƒ™tjaw.com ÿÿÿÿ * -ÿÿÿÿ°™tjdo.com ÿÿÿÿ * -ÿÿÿÿƯ™tjem.com ÿÿÿÿ * -ÿÿÿÿ tjgo.com ÿÿÿÿ * -ÿÿÿÿ7wabu.com ÿÿÿÿ * -ÿÿÿÿdwabq.com ÿÿÿÿ * UU000 Type aavc Logicÿÿÿÿ Flagsnn000 ÿÿÿÿ Type ÿÿÿÿ Flagsÿÿÿÿ ValueType ÿÿÿÿ Value //Actions û Order000ggFFB ÿÿÿÿ NameHide Read Messages ÿÿÿÿ Enabled ÿ Version¡U U000 Mess Type ₫ Logicÿÿÿÿ Flags//Actions ÿÿÿÿ Order000mmFFC ÿÿÿÿ NameShow Downloaded Messages Enabled ,ç Version¡rrFFF ÿÿÿÿ NameHide Read or Ignored Messages ÿÿÿÿ Enabled ÿÿÿÿ Version¡t ÿÿÿÿ‘SearchHistory ÿÿÿÿ t00all media fixer pro ÿÿÿÿ t01pdf creator ÿÿÿÿ t02pdf creater ÿÿÿÿ t03pdf factory ÿÿÿÿ t04spybot ÿÿÿÿ t05slotchbar ÿÿÿÿ t06findfast ÿÿÿÿ t07sidefind ÿÿÿÿ t08180search assistant ÿÿÿÿ t09power scan ÿÿÿÿ t10IPC games ÿÿÿÿ t11internet tv ÿÿÿÿ t12watch tv pro ÿÿÿÿÿÿÿÿEnabled ,ç Version¡ăÿÿÿÿÿÿÿÿ.æŒ.å‹-èŒ-èŒ-è‹.è‹.è‹.è‹.è‹.è‹.è‹.è‹.è‹0è‹0è‹0ç/ç/ç/ç‰0ç‰0ç‰0è1è1ç‰0çˆ1çˆ1æ‡0æ‡0æ‡0æ‡0æ‡0æ‡0æ†2æ†2æ‡0æ‡0æ‡0å†/å†/å†/å†/å†/ä„0ä„0å…1å…1å…1å…1å…1å…1æƒ1æƒ1æƒ1ƠF ƠF ƠF ƠF ƠF ƠF ÖG ÖG ÖG ×H ØJ ×I ×I ÖH ×I ØJ ÖJ ÖRGDBÛ O MUHU000 ÿÿÿÿ Type ÿÿÿÿ Logicÿÿÿÿ Flags0G0Criteria Order000nJn000 ÿÿÿÿ Type ÿÿÿÿ Flagsÿÿÿÿ ValueType ÿÿÿÿ Value /I/Actions Order000fFfFFA ÿÿÿÿ NameShow All Messages ÿÿÿÿ Enabled Version¡LL0Criteria ÿÿÿÿ Order000000 Type PK0Criteria ÿÿÿÿ Order000000 Mess Type ''Domains ÿÿÿÿ&&Ranges ÿÿÿÿ••Components ÿÿÿÿ DeskHtmlVersion ÿÿÿÿ DeskHtmlMinorVersion ÿÿÿÿ Settings ÿÿÿÿ GeneralFlagst t SearchHistory ÿÿÿÿ t00all media fixer pro ÿÿÿÿ t01pdf creator ÿÿÿÿ t02pdf creater ÿÿÿÿ t03pdf factory ÿÿÿÿ t04spybot ÿÿÿÿ t05slotchbar ÿÿÿÿ t06findfast ÿÿÿÿ t07sidefind ÿÿÿÿ t08180search assistant ÿÿÿÿ t09power scan ÿÿÿÿ t10IPC games ÿÿÿÿ t11internet tv ÿÿÿÿ t12watch tv pro)) Agent_EXE ÿÿÿÿ!!Agent Ransack!!RecentFolders Settings Options ÿÿÿÿ MatchFilenameCaseÿÿÿÿ MatchContentsCaseÿÿÿÿ AutoConvertToDos ÿÿÿÿ TreatContentsAsRegExp ÿÿÿÿ ExcludeFilenameÿÿÿÿ OnePhaseSearchÿÿÿÿ EOLUnixÿÿÿÿ EOLMac""RecentFileName9 ÿÿÿÿ^ Window Settings ÿÿÿ NameColWidth–ÿÿÿÿ LocationColWidthÈÿÿÿÿ SizeColWidthFÿÿÿÿ TypeColWidth–ÿÿÿÿ ModifiedColWidthÈÿÿÿÿ Frame_Maximizedÿÿÿÿ FrameWidthÿÿÿÿ FrameHeight ÿÿÿÿ Frame_XXÿÿÿÿ Frame_YX redfunny.com((www ÿÿÿÿ * ""skymasters.biz((www ÿÿÿÿ * ##archiviosex.net((www ÿÿÿÿ * . . Agent Ransack üOrder ô<-2ö »2cX Agent Ransack.lnkAGENTR~1.LNK. 2ö »2cX Help.lnkHELP.LNK8)2ö »2cX HTML Help.lnkHTMLHE~1.LNKF72¿ »2cX Uninstall Agent Ransack.lnkUNINST~1.LNK$$Recent File ListQQRecentContains om 1skymasters 1028 2masterbiz69V V Window Settings ÿÿÿ NameColWidth–ÿÿÿÿ LocationColWidthÈÿÿÿÿ SizeColWidthFÿÿÿÿ TypeColWidth–ÿÿÿÿ ModifiedColWidthÈÿÿÿÿ Frame_Maximizedÿÿÿÿ FrameWidthÿÿÿÿ FrameHeight ÿÿÿÿ Frame_XXÿÿÿÿ Frame_YX.FileListWidth8 ¢ ÿÿÿÿÿÿÿÿ * /ÿÿÿÿE whazit.com ÿÿÿÿ * 3ÿÿÿÿs wildarcade.com ÿÿÿÿ * 5ÿÿÿÿ¢ playminigolf.com ÿÿÿÿ * 1ÿÿÿÿƠ xtrocash.org ÿÿÿÿ * ÿÿÿÿV host.sk-ÿÿÿÿ xtrocash ÿÿÿÿ * 0ÿÿÿÿ; xupiter.com ÿÿÿÿ * 1ÿÿÿÿƒ xjupiter.com ÿÿÿÿ * 3ÿÿÿÿ³ xxxtoolbar.com ÿÿÿÿ * -ÿÿÿÿä zedo.com ÿÿÿÿ * 2ÿÿÿÿ zestyfind.com ÿÿÿÿ * 3ÿÿÿÿD dialerzona.com ÿÿÿÿ * 3ÿÿÿÿv zonadialer.com ÿÿÿÿ * UHU000 ÿÿÿÿ Type ÿÿÿÿ Logicÿÿÿÿ Flags0G0Criteria Order000nJn000 ÿÿÿÿ Type ÿÿÿÿ Flagsÿÿÿÿ ValueType ÿÿÿÿ Value /I/Actions Order000fFfFFA ÿÿÿÿ NameShow All Messages ÿÿÿÿ Enabled Version¡LL0Criteria ÿÿÿÿ Order000000 Type PK0Criteria ÿÿÿÿ Order000000 Mess Type
C:\WINDOWS\Temporary Internet Files\Content.IE5\index.dat (8272 KB, 5/27/05 4:05:42 PM)
15089 đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ đ URL ć§bÅ p `hˆAœ‹»2IJ »2IJđ
http://www.skymaster...?1462skymasters[1].htmlHTTP/1.1 200 OK
C:\WINDOWS\Temporary Internet Files\Content.IE5\81Y7O9YB\Help_needed_in_IE_highjack_and_Malware-t29018[2].html (124 KB, 5/27/05 5:08:46 PM)
C:\WINDOWS\Temporary Internet Files\Content.IE5\EX3OTOVI\index[3].php (64 KB, 5/27/05 1:31:56 PM)
17 />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra button: - {10E42047-DEB9-4535-A118-B3F6EC39B807} - (no file)<br />O15 - Trusted Zone: www.master69.biz<br />O15 - Trusted Zone: www.sgrunt.biz<br />O15 - Trusted Zone: www.yeak.net<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O15 - Trusted Zone: <a href='http://ny.contentmatch.net' target='_blank'>
http://ny.contentmatch.net</a> (HKLM)<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Thanks,<br /><br />Jas <!--IBF.ATTACHMENT_142313--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_offline.gif' border='0' alt='User is offline' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...3&st="><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(142313); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_142313" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=142313" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!--Begin Msg Number 142324--> <table cellspacing="1"> <tr> <td valign="middle" class="row2" width="1%"><a name="entry142324"></a><span class="normalname"><a href='http://www.geekstogo.co
C:\WINDOWS\Temporary Internet Files\Content.IE5\4PUJSDAN\index[2].php (36 KB, 5/26/05 4:57:20 PM)
17 />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra button: - {10E42047-DEB9-4535-A118-B3F6EC39B807} - (no file)<br />O15 - Trusted Zone: www.master69.biz<br />O15 - Trusted Zone: www.sgrunt.biz<br />O15 - Trusted Zone: www.yeak.net<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O15 - Trusted Zone: <a href='http://ny.contentmatch.net' target='_blank'>
http://ny.contentmatch.net</a> (HKLM)<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Thanks,<br /><br />Jas <!--IBF.ATTACHMENT_142313--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...3&st="><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(142313); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_142313" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=142313" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!-- END TABLE --><!-- TABLE FOOTER --> <div class="barc"> <div style="float: right; padding: 5px 5px 0 0;"><a href="
http://www.geekstogo...8&view=old" st
C:\WINDOWS\Temporary Internet Files\Content.IE5\KPCF0V43\index[5].php (83 KB, 5/27/05 4:12:06 PM)
17 />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra button: - {10E42047-DEB9-4535-A118-B3F6EC39B807} - (no file)<br />O15 - Trusted Zone: www.master69.biz<br />O15 - Trusted Zone: www.sgrunt.biz<br />O15 - Trusted Zone: www.yeak.net<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O15 - Trusted Zone: <a href='http://ny.contentmatch.net' target='_blank'>
http://ny.contentmatch.net</a> (HKLM)<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Thanks,<br /><br />Jas <!--IBF.ATTACHMENT_142313--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...&st=0"><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(142313); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_142313" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=142313" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!--Begin Msg Number 142324--> <table cellspacing="1"> <tr> <td valign="middle" class="row2" width="1%"><a name="entry142324"></a><span class="normalname"><a href='http://www.geekstogo.co
23 mon Files\Symantec Shared\Script Blocking\SBServ.exe" -reg<br />O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet<br />O4 - HKCU\..\Run: [Multi Desktop 3.00] C:\PROGRAM FILES\MULTI DESKTOP\MULTIDESK.EXE<br />O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe<br />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Regards<br />Jas <!--IBF.ATTACHMENT_144095--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...&st=0"><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(144095); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_144095" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=144095" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!--Begin Msg Number 144098--> <table cellspacing="1"> <tr> <td valign="middle" class="row2" width="1%"><a name="entry144098"></a><span class="normalname"><a href='http://www.geekstogo.com/forum/Metallica-m7027.html'>Metallica</a></span></td> <td class="row2" valign="top" width="99%"> <!-- POSTED DATE D
C:\WINDOWS\Temporary Internet Files\Content.IE5\TC83X1S5\index[3].php (76 KB, 5/27/05 3:33:50 PM)
17 />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra button: - {10E42047-DEB9-4535-A118-B3F6EC39B807} - (no file)<br />O15 - Trusted Zone: www.master69.biz<br />O15 - Trusted Zone: www.sgrunt.biz<br />O15 - Trusted Zone: www.yeak.net<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O15 - Trusted Zone: <a href='http://ny.contentmatch.net' target='_blank'>
http://ny.contentmatch.net</a> (HKLM)<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Thanks,<br /><br />Jas <!--IBF.ATTACHMENT_142313--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...&st=0"><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(142313); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_142313" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=142313" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!--Begin Msg Number 142324--> <table cellspacing="1"> <tr> <td valign="middle" class="row2" width="1%"><a name="entry142324"></a><span class="normalname"><a href='http://www.geekstogo.co
23 mon Files\Symantec Shared\Script Blocking\SBServ.exe" -reg<br />O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet<br />O4 - HKCU\..\Run: [Multi Desktop 3.00] C:\PROGRAM FILES\MULTI DESKTOP\MULTIDESK.EXE<br />O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe<br />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Regards<br />Jas <!--IBF.ATTACHMENT_144095--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...&st=0"><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(144095); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_144095" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=144095" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!-- END TABLE --><!-- TABLE FOOTER --> <div class="barc"> <div style="float: right; padding: 5px 5px 0 0;"><a href="
http://www.geekstogo...8&view=old" style='text-decoration:none'>« Next Oldest</a> · <a href="
http://www.geekstogo...re_Removal_HiJaC:\WINDOWS\Temporary Internet Files\Content.IE5\TC83X1S5\index[4].php (121 KB, 5/27/05 4:58:00 PM)
17 />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra button: - {10E42047-DEB9-4535-A118-B3F6EC39B807} - (no file)<br />O15 - Trusted Zone: www.master69.biz<br />O15 - Trusted Zone: www.sgrunt.biz<br />O15 - Trusted Zone: www.yeak.net<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O15 - Trusted Zone: <a href='http://ny.contentmatch.net' target='_blank'>
http://ny.contentmatch.net</a> (HKLM)<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Thanks,<br /><br />Jas <!--IBF.ATTACHMENT_142313--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...&st=0"><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(142313); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_142313" alt="+" /></a><a href="
http://www.geekstogo...38;qpid=142313" title="Reply directly to this post"><img src='style_images/1/p_quote.gif' border='0' alt='Quote Post' /></a> </div> </td> </tr><tr> <td class="catend" colspan="2"><!-- no content --></td> </tr> </table><!--Begin Msg Number 142324--> <table cellspacing="1"> <tr> <td valign="middle" class="row2" width="1%"><a name="entry142324"></a><span class="normalname"><a href='http://www.geekstogo.co
23 mon Files\Symantec Shared\Script Blocking\SBServ.exe" -reg<br />O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet<br />O4 - HKCU\..\Run: [Multi Desktop 3.00] C:\PROGRAM FILES\MULTI DESKTOP\MULTIDESK.EXE<br />O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe<br />O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE<br />O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE<br />O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm<br />O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm<br />O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html<br />O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html<br />O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html<br />O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html<br />O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html<br />O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRAM FILES\YAHOO!\MESSENGER\YHEXBMES0521.DLL<br />O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll<br />O15 - Trusted Zone: www.redfunny.com<br />O15 - Trusted Zone: www.skymasters.biz<br />O15 - Trusted Zone: www.archiviosex.net<br />O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - <a href='http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab' target='_blank'>
http://a840.g.akamai...an53.cab</a><br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = x<br />O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1,202.63.164.17<br /><br />Regards<br />Jas <!--IBF.ATTACHMENT_144095--></div> <!-- THE POST --> </td> </tr> <tr> <td class="formbuttonrow" nowrap="nowrap"> <div style='text-align:left'><img src='style_images/1/p_online.gif' border='0' alt='User is online!' /><a href="java script:PopUp('http://www.geekstogo.com/forum/index.php?act=Profile&CODE=showcard&MID=56776','AddressCard','600','300','0','1','1','1')" title="Show Contact Card"><img src='style_images/1/p_card.gif' border='0' alt='Profile Card' /></a><a href="
http://www.geekstogo...MID=56776"><img src='style_images/1/p_pm.gif' border='0' alt='PM' /></a><!----></div> </td> <td class="formbuttonrow" nowrap="nowrap"> <!-- PM / EMAIL / WWW / MSGR --> <div style="float: left;"> <a href="java script:scroll(0,0);"><img src='style_images/1/p_up.gif' border='0' alt='Go to the top of the page' /></a> </div> <!-- REPORT / UP --> <div align="right"> <a href="
http://www.geekstogo...&st=0"><img src='style_images/1/p_edit.gif' border='0' alt='Edit Post' /></a><a href="#" onclick="multiquote_add(144095); return false;" title="Toggle multiquote addition"><img src="style_images/1/p_mq_add.gif" name="mad_144095" alt="+" /></a><a href="
http://www.geekstogo...DE=02&f=37