Author Topic: Uh Oh ! Hellppp !!!  (Read 9198 times)

skoolgirl

  • Guest
Uh Oh ! Hellppp !!!
« on: April 24, 2006, 12:57:32 AM »
Hi All !

I'd like to say this up front: I'm sorry if this runs long, but i've seen other postings that didn't have enough information, and i wanted to include everything the first time. Thanks in advance for your patience  ;).

I am running WinXP Home SP1 on a Dell 4300; 1.6 GB, 256 MB.

Here's the problem (and yes, it's my fault, OK  :) )...
I've been using Avast ! 4.6 for close to six months, and i absolutely love it ! Because of the P2P shield, i started using a P2P platform again. However, I think i've gotten something via downloading, and this is why.

I have both Avast ! and AVG installed, but AVG does not run on startup; it only runs when i prompt it to, even though it will update on its own. Avast ! is my primary, and AVG is my secondary. I also have MSN's Webroot Spy Sweeper (which is my primary spyware program) as well as Ad-Aware SE Personal (my secondary; does not start up or update on its own) installed.

Starting on the 21st of April, i have not been able to update Avast !, AVG, OR Spysweeper. The reasons are always listed as an inability to connect to the servers. The possible reasons are always listed as the firewall (WinXP basic firewall is what i have), but that's never, ever been a problem before; or that i need to adjust the port settings. I have contacted both Microsoft and MSN, and neither of them want to seem to discuss port settings for various reasons.

I went back and deleted the files i downloaded since 4/19, and nothing has changed. I also did a System Restore to the 19th, and nothing has changed. I've checked the system startup; there's nothing new listed. I've checked the services, and nothing unusual is there that i could see.

I've done several scans; nothing is being picked up. Neither Avast ! nor AVG finds anything, obviously because they haven't been updated. The Avast ! Virus Cleaner didn't find anything. HouseCall didn't find anything; Ad-Aware (which, oddly enough DID update !) didn't find anything out of the ordinary.

Windows Live Safety Center didn't find any viruses or open ports, but it did find a lot of registry errors. I clicked to have all of them repaired, but nothing changed. It also said i needed to do a defrag because 14 % of my files are fragmented, but i'm scared to do it under the circumstances.

Of course, the geniuses at MSN and Microsoft swear me up and down that it's a conflict between the antivirus programs, but it's never happened before now. Just to be sure, i uninstalled AVG and tried to update Avast ! to no avail..just as i knew it wouldn't be. It also didn't seem to be unusual to them to have two different antivirus programs AND an antispyware program from 3 different companies to have the same problem at the same time  ::)

Not only that..when i started my PC today, i heard my processor make a grinding sound for about 5 minutes. After that, when i went to my MSN mail account, i was prompted to download something called mail.mailhost, which has never happened before. Of course, i hit cancel.

So..that's the story. I'd hate to have to do another OS uninstall and reinstall (i've done 3 of them in the past 18 months due to viruses; yes, i had protection with all of them, namely Trend Micro Internet Security, which i don't understand why everyone hypes because it's nothing but garbage on a disk (their Level 3 Tech Support people had no clue how to fix it, or why a 2 year old virus was even able to penetrate despite regular updating) ; and Norton, which is garbage in a download).

Does anyone have any idea what this is and how to get rid of it ? If not, is there any damage i can do to my hard drive or my PC period if i uninstall and reinstall the OS again ? I know a little about the registry, but not enough to go in and do changes without adult supervision  :-\ (i'm 40, BTW).

I thank any and everybody who contributes to this thread in advance.
--Skoolgirl


ardvark

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #1 on: April 24, 2006, 01:53:48 AM »
Hi skoolgirl...

Hmmm....although I could be wrong, your problem certainly has all the symptoms and traits of a virus infection.

Try downloading and running this program...

http://www.f-secure.com/blacklight/try.shtml

Click on "I accept" and then when the next page loads up, click on "Download."

I don't think it will be an immediate cure but it might help in narrowing down where the problem lies.

Best Regards...




skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #2 on: April 24, 2006, 02:04:29 AM »
Thank you, ardvark. I will do that right now. I talked to MSN, so we got the mail.mailhost situation straight. Apparently, whatever this is corrupted my MSN mail, but now it's back to normal.

Here's the bad news: I went to freebyte.com to peruse the free firewalls again. I've had both Zone Alarm and SensiveGuard, and wasn't pleased with either one in the past because they seemed to allow some programs to begin running before i approved it. I've tried Sunbelt Kerio (it never ran right after 2 installations), and Sygate appears not to be free anymore...

but i digress..

When i go to freebyte.com, i get redirected to something called sitelutions.com..which means there's a redirector in here, right ? I even tried to access the site from my history (cause i went there earlier today) by using a link to the antivirus section. When i click that link, it tells me "The page cannot be found".

See..this isn't cute..it's getting worse and worse.

I will download the F-Secure and run it, but all other suggestions are welcome !

Thanks again, ardvark.
--Skoolgirl

galooma

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #3 on: April 24, 2006, 02:14:56 AM »
First, can you try a repair of avast to confirm it's all correct (via Add/Remove Programs with an open internet connection), then once it's finished go here http://spyros.atspace.com/ and d/l a little utility called HijackThis.
It will generate a log file which you can post back here and gain advice on what might be upsetting your system.
Good luck

PS there's also lots of other good free utilities available here you might like
« Last Edit: April 24, 2006, 02:16:54 AM by Cloussau »

skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #4 on: April 24, 2006, 02:30:09 AM »
1) F-Secure didn't find anything.

2) Tried the repair yesterday (sorry, i left that out). It tells me 'Error Processing Packages. Please Use Full Update'.

Which, of course, i can't  >:( :'(

Question: should i download HijackThis despite the inability to repair Avast ?

Thanks, Cloussau.

ardvark

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #5 on: April 24, 2006, 02:35:40 AM »
Hi skoolgirl...

I've had good luck with Kerio 4.1 (Before Sunbelt took it over,)
it too is free although I don't think installing any firewall will matter at this point until whatever you possibly have is taken care of as it might disable/mess with that as well.

Also here is a firewall review site, if it will be of any help.

http://www.firewallguide.com/software.htm  

Yes, you should download HJT as soon as possible and submit a log.

Best Regards...

skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #6 on: April 24, 2006, 02:51:37 AM »
Thanks !

OK..here's the logfile from HijackThis ! : *NOTE* Nothing is checked off to fix !

Logfile of HijackThis v1.99.1
Scan saved at 8:48:03 PM, on 4/23/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\AWS\WeatherBug\Weather.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\logonmgr.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Skoolgirl\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpoofStick BHO - {CBA74CDA-DF78-4AD9-954E-3B15D0A993DE} - C:\Program Files\CoreStreet\SpoofStick\SpoofStickBHO.dll
O3 - Toolbar: SpoofStick - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - C:\Program Files\CoreStreet\SpoofStick\SpoofStick.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Update Page Content - C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\refreshpage.htm
O8 - Extra context menu item: View All Originals On Page - C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\getoriginal.htm
O8 - Extra context menu item: View Original Image - C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\getoriginal.htm
O9 - Extra button: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - {2FDEF853-0759-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
O9 - Extra button: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra 'Tools' menuitem: Define - {5DA9DE80-097A-11D4-A92E-006097DBED37} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
O9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab40641.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://wdownload.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (ZoneBuddy Class) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/en-us/wlscbase7617.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136057227684
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab43895.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8259362C-40DA-4523-8356-C66E06308461}: NameServer = 205.171.3.65 205.171.2.65
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


Any help, as usual, is appreciated.
--Skoolgirl
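
Added example (not part of the original thread or any poster's code): a Python triage pass over the HijackThis log format posted above. It cross-checks "(file missing)" entries against the running-process list and lists the security products that have autostart or service entries; the vendor keyword map and the sample (a subset of lines copied from the post) are assumptions of this sketch.

```python
import re

# Constructed sample: a subset of lines copied from the log posted above.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O17 - HKLM\System\CCS\Services\Tcpip\..\{8259362C-40DA-4523-8356-C66E06308461}: NameServer = 205.171.3.65 205.171.2.65
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

# Section code, " - ", then the entry body (R0-R3, F0-F3, N1-N4, O1-O23).
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
# Assumed keyword map covering the products named in this thread only.
PRODUCTS = {"avast": ("alwil", "avast"), "AVG": ("grisoft",),
            "ZoneAlarm": ("zonelabs", "zone labs"), "Spy Sweeper": ("webroot",)}


def parse(log):
    """Split a log into running-process paths and (code, body) entries."""
    procs, entries = [], []
    for line in log.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            entries.append((m.group(1), m.group(2)))
        elif re.match(r"^[A-Za-z]:\\", line):
            procs.append(line)
    return procs, entries


def triage(log):
    """Return (findings, resident): review notes and products that auto-start."""
    procs, entries = parse(log)
    running = {p.rsplit("\\", 1)[-1].lower() for p in procs}
    findings, resident = [], set()
    for code, body in entries:
        low = body.lower()
        if code == "R1" and "proxyserver" in low and re.search(r"127\.0\.0\.1|localhost", low):
            findings.append((code, "browser proxy is a loopback listener; identify the owning process"))
        if code == "O17":
            servers = body.split("=", 1)[-1].strip()
            findings.append((code, "registry-set DNS servers; confirm with the ISP: " + servers))
        if "(file missing)" in low:
            names = re.findall(r"\\([^\\\"]+?\.(?:exe|dll))", low)
            if names and names[-1] in running:
                note = "reported missing but the image is running; likely a path-parsing artifact"
            else:
                note = "target not found; stale entry or removed component, verify on disk"
            findings.append((code, note))
        if code in ("O4", "O23"):  # autostart entries and services
            resident.update(name for name, keys in PRODUCTS.items()
                            if any(k in low for k in keys))
    return findings, sorted(resident, key=str.lower)


if __name__ == "__main__":
    found, resident = triage(SAMPLE_LOG)
    for code, note in found:
        print(code, "-", note)
    print("Auto-starting security products:", ", ".join(resident))
```
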

skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #7 on: April 24, 2006, 02:57:15 AM »
Hmm..

As i look more closely at the list, can anyone tell me what this might be:

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

I don't even have the 'radio' icon on my MSN Explorer toolbar.

Any ideas ?

--Skoolgirl

galooma

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #8 on: April 24, 2006, 03:02:40 AM »
These are my preferences and feel free to disregard if you like
remove in add/ remove WEATHERBUG and AVG and SPOOFSTICK toolbar
as you can see from this line O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
avg is running from startup rather than just as backup and therefore likely conflict.
spysweeper has a good detection rate so it should be enough behind avast.
there are others that may be found with a little research but i don't have the time
was there a reason you couldn't download a fresh copy of AVAST?

The grinding noise is probably just a fan getting old and shouldn't be a problem unless it stops altogether.
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

This is a necessary item and i suggest if you delete it you might lose your clock on the toolbar maybe.

Tutorial on how to remove weatherbug if you have problems http://www.pchell.com/support/weatherbug.shtml

If you are still having troubles after fixing all that then i suggest you run your defrag, then investigate a little closer all the O9 extra tools entries as i'm suspicious of those.
« Last Edit: April 24, 2006, 03:30:19 AM by Cloussau »

timcan

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #9 on: April 24, 2006, 03:48:44 AM »
http://www.kaspersky.com/virusscanner
Hi skoolgirl, kaspersky has probably the best detection rates if you want to try their online scanner.

skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #10 on: April 24, 2006, 04:24:16 AM »
Hi Cloussau.

Thank you for your input; it is appreciated. Your suggestions sound good. I have a few questions and quick notes  :) :

1) Thank you for pointing out that AVG is running on startup. While i disabled some AVG components from starting, it appears that i missed that one. I have since gone in and changed it.

2) I checked out the Radio thingy before i came back here and figured it was needed; thank you for confirming that.

3) I didn't download a fresh copy of Avast for a reason. I uninstalled and reinstalled AVG first. While i was able to get a fresh copy of AVG, i was unable to update it due to the server issue. Therefore, i was nervous to do the same with Avast, figuring that i have a more updated utility with the one i have than i would with a fresh copy that i would have to do an update on..and i can't do the update.

4) Re: Weatherbug, Spoofstick, etc.. i'm curious to know why it would be a good idea to uninstall these programs when they ran without fail before all of this happened. As a matter of fact, the spoofstick is still running well. When i was redirected, the spoofstick reflected that. Is it that whatever this is may attach itself to these things and spread faster ?

5) Spysweeper is a great utility, but it isn't updating either.

As usual, your help is appreciated, Cloussau !
--Skoolgirl

skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #11 on: April 24, 2006, 04:25:31 AM »
http://www.kaspersky.com/virusscanner
Hi skoolgirl, kaspersky has probably the best detection rates if you want to try their online scanner.

Thanks, Timcan ! I'll go there right now... :)
--skoolgirl

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67194
Re: Uh Oh ! Hellppp !!!
« Reply #12 on: April 24, 2006, 04:33:29 AM »
1) Thank you for pointing out that AVG is running on startup. While i disabled some AVG components from starting, it appears that i missed that one. I have since gone in and changed it.
Sorry to jump here... but the last AVG version 7 IS NOT fully compatible with avast EVEN if you disable the startup entries and services.
You must NOT INSTALL the resident, the mail plugin, the Outlook plugin, etc.
Just the on-demand scanner (and updater) features.  ;)
The best things in life are free.

galooma

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #13 on: April 24, 2006, 04:47:44 AM »
As previously stated the final decision on which programs you run is up to you but what you call a server issue is more than likely a result of the conflict between your AV programs, if AVG is your preference then remove Avast.
Until you resolve this then i suggest nothing else is going to be resolved.


On 2nd read of your HJT I think your problem is here C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  You have zone alarm firewall or part of it at least which is stopping your programs from updating.
 Probably what stopped Kerio from installing as well. You might need to re-install ZA for its uninstaller to work properly.
Having done that you should be able to progress.
« Last Edit: April 24, 2006, 05:59:13 AM by Cloussau »

skoolgirl

  • Guest
Re: Uh Oh ! Hellppp !!!
« Reply #14 on: April 24, 2006, 07:31:42 AM »
Thanks for all of the info !!

Timcan suggested that i go to Kaspersky and do their online scan. I'm glad i did, because Kaspersky found at least part of what the problem is.

IT IS A WORM !!!

Kaspersky calls it Trojan-Downloader.BAT.Ftp.ab. They didn't seem to have too much info, though. It appears to be a downloaded script that allows the W32/Sdbot worm or the Rhbot worm to run and do what it's going to do.

BitDefender calls it Backdoor.BotGet.FtpB.Gen. Here's the link to the info:
http://www.bitdefender.com/VIRUS-43596-en--Backdoor.BotGet.FtpB.Gen.html

Panda calls it W32/Sdbot.ftp. Here's the link to the info:
http://enterprises.pandasoftware.com/virus_info/encyclopedia/overview.aspx?lst=vis&idvirus=56244

McAfee calls it W32/Sdbot.worm. Here's the link to the info:
http://vil.nai.com/vil/content/v_100454.htm

So....

Kaspersky doesn't appear to be able to clean this out, but Panda says their free scanner will. I'm going to their site after this to use their scanner and see what shakes out. I'm also going to flip between the three links listed above and see what, if anything, i can figure out in terms of getting this mess out of the registry, and out of my PC.

I appreciate the help of everyone who pitched in here thus far. While i could see why some people may have thought it was a conflict between the antivirus softwares, i just didn't think so for a few reasons:

1) This all started happening on the same day.
2) Spysweeper was also affected on the same day, and that's antispyware. I just don't believe in coincidence.
3) Both A-V programs have been in my PC for well over 6 months. I would think that any conflict between the two would have happened well before now, and
4) The only thing i was doing differently on my PC around this time was downloading.

I'm guessing that whatever worm is doing its thing in here has somehow messed with my ports so that the A-V's and Spysweeper can't connect to the servers to update.

BTW..the error messages and logs from AVG and Avast both referenced problems with the server..that's where i got that from. Otherwise, i wouldn't have had any idea why the programs were not updating  ;).

Thanks to everyone who helped out; i really appreciate it. Hey..if you want to hang out and help me try to weed through all of this stuff (because i am not too proud to admit that i am almost completely without a clue here  :-[ ;) :'( ), i'd be more than appreciative. Of course, i'm aware that you all have lives, so i won't be mad if you choose not to hang out  ;). I'm just hoping that the Panda freescan can do what i need done.

Either way..thanks to all who helped me out on this, and to anyone who wants to continue to help me out. It's greatly appreciated !

--skoolgirl