There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
 
Malware Removal & HijackThis Logs
Tag Cloud
backup bios boot bsod computer connection crash dell driver drivers email error excel firefox freeze hard disk hard drive hardware hijackthis internet kb977165 keyboard laptop linksys macro malware network outlook outlook 2003 outlook 2007 password problem recovery redirect server slow sound toshiba trojan usb video virus vista vpn windows windows 7 windows vista windows xp wireless youtube
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Malware Removal & HijackThis Logs >
Solved: Windows cannot findC:\Documents and Settings\Administrator\feivjo.exe

Tip: Click here to scan for System Errors and Optimize PC performance
[ Sponsored Link ]

Closed Thread
Page 1 of 2 1 2
 
Thread Tools
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
17-Nov-2009, 11:50 PM #1
Thumbs up Windows cannot findC:\Documents and Settings\Administrator\feivjo.exe
Whenever i Start my computer!!!!!!I get this message-Windows cannot find
C:\Documents and Settings\Administrator\feivjo.exe......What should i do to prevent this message.
Register for free to hide this ad!
rebelmusic's Avatar
Senior Member with 253 posts.
  
Join Date: Feb 2005
Location: Cork, Ireland
Experience: bsc comp science
18-Nov-2009, 02:54 AM #2
Your computer is attempting to run that exe on startup. Try this

1: Click the start menu and click run
2: Type msconfig and press enter
3: On the top select the 'startup' tab
4: You'll see a long list. One of the headings is 'command'. Expand that to the right and you should see a long list of paths eg "C:/Windows" etc.
5: Look for the line 'C:\Documents and Settings\Administrator\feivjo.exe'
6: If you find it, untick the box to the left of it, click apply and restart your computer
7: Come back and tell me if it worked xD
__________________
"It was the best of times....its was the BLURST of times!! You Stupid Monkey!"
techkid's Avatar
Computer Specs
Distinguished Member with 2,216 posts.
  
Join Date: Sep 2004
Location: Sydney, Australia
Experience: Fix it until it's broken
18-Nov-2009, 06:18 AM #3
I can't say that I know what the program is or was supposed to be, but to me it sounds suspect.

To assist in your problem, we need you to download HijackThis (http://www.trendsecure.com/portal/en...HJTInstall.exe). Install the program (it will save to C:\Program Files\Trend Micro\HijackThis), run it, and select 'Scan'. Do not fix anything yet, just select 'Save log', and copy the contents of the log to your next post. A security expert will be along to check the log. Please be patient.

If, after 48 hours, you have not received a response, click on the 'Report' button at the bottom of your post, and ask politely to have the post moved to the Malware Removal forum.
__________________
Like anime? Join the TSG Anime Fan Club
Most computer problems are found between the chair and the keyboard.
SUPERAntiSpyware, AVG Antivirus, ZoneAlarm Firewall, Spybot S&D, MBAM, HijackThis
MrLOL2341's Avatar
Computer Specs
Junior Member with 20 posts.
  
Join Date: Nov 2009
Location: Ellenbrook, Perth WA Australia
Experience: lot's of annoying laptops
18-Nov-2009, 07:13 AM #4
Windows cannot find
C:\Documents and Settings\Administrator\feivjo.exe

Ok did this say when it was in bios because you can use a windows xp cd to repair your pc.
if you dont have a cd then you can always get one from many it stores or even on the internet if you can access it

i got a question! is feivjo.exe a part of windows start up
Last edited by MrLOL2341 : 18-Nov-2009 07:20 AM.
flavallee's Avatar
Computer Specs
Trusted Advisor with 25,613 posts.
  
Join Date: May 2002
Location: Hillsborough county, Florida
Experience: Advanced
18-Nov-2009, 08:01 AM #5
ajayrocketstar89:

Go here and click the green icon to download and save HijackThis 2.0.2.

Close all open windows, then install it in its default location: C:\Program Files\Trend Micro\HijackThis.

Run a scan with it - which will take 30 seconds or less.

Save the resulting log in Notepad.

Return here, then copy-and-paste the entire log here.

-------------------------------------------------------------
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
19-Nov-2009, 07:27 AM #6
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:29 PM, on 11/19/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\V0230Mon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\GADDAM\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
Phantom010's Avatar
Computer Specs
Distinguished Member with 11,579 posts.
  
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
19-Nov-2009, 07:31 AM #7
Your computer is infected. Please click on the Report button and kindly ask to be moved to the Malware Removal forum.
dvk01's Avatar
Moderator with 29,064 posts.
  
Join Date: Dec 2002
Location: Loughton, Essex, UK
19-Nov-2009, 08:15 AM #8
Please download Malwarebytes' Anti-Malware to your desktop
from HERE or HERE

Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following:

Update Malwarebytes' Anti-Malware. Launch Malwarebytes' Anti-Malware. Then click Finish.

If an update is found, it will download and install the latest version. Press Update to make sure the latest database is loaded.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad.
Please include this log in your next reply.

It might ask you to reboot to finish cleaning. Please do so. ( Press YES on the alert)
If you receive an (Error Loading xxxxxxxxxx .dll) error on reboot please reboot a second time . It is normal for this error to occur once and does not need to be reported unless it continues on every boot
__________________
Derek Microsoft MVP/Windows - Security Thespykiller | Security & Privacy
I am helping you, please help me by donating to help keep the Hedgehog Rescue Centre running
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
19-Nov-2009, 08:54 AM #9
Malwarebytes' Anti-Malware 1.41
Database version: 3196
Windows 5.1.2600 Service Pack 2

11/19/2009 8:23:53 PM
Malware Report

Scan type: Quick Scan
Objects scanned: 99472
Time elapsed: 4 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9b71d88c-c598-4935-c5d1-43aa4db90836} (Trojan.Agent) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system\config.exe (Trojan.Agent) -> No action taken.
C:\RECYCLER\S-1-5-21-6714587152-7863725111-925996193-6357\sysdate.exe (Worm.Autorun.B) -> No action taken.
C:\WINDOWS\system32\Drivers\ndisvvan.sys (Rootkit.Agent) -> No action taken.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> No action taken.
dvk01's Avatar
Moderator with 29,064 posts.
  
Join Date: Dec 2002
Location: Loughton, Essex, UK
19-Nov-2009, 08:57 AM #10
now read my last post and do as you were told

Quote:
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
when you have done that

Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefully

Download ComboFix from Here to your Desktop.

**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
  • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re enable the protection again after combofix has finished
--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running
Double click on combofix.exe & follow the prompts.
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.
__________________
Derek Microsoft MVP/Windows - Security Thespykiller | Security & Privacy
I am helping you, please help me by donating to help keep the Hedgehog Rescue Centre running
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
19-Nov-2009, 10:34 AM #11
ComboFix 09-11-18.09 - GADDAM 11/19/2009 21:27.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2045.1448 [GMT 5.5:30]
Running from: c:\documents and settings\GADDAM\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091119-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\documents and settings\GADDAM\secupdat.dat
c:\documents and settings\GADDAM\Start Menu\Programs\AVI Codec Pack +
c:\documents and settings\GADDAM\Start Menu\Programs\AVI Codec Pack +\Check For Updates.lnk
c:\documents and settings\GADDAM\Start Menu\Programs\AVI Codec Pack +\Uninstall.lnk
c:\program files\AVI Codec Pack
c:\program files\AVI Codec Pack\AC3\ac3filter.ax
c:\program files\AVI Codec Pack\AC3\dialog_patch.exe
c:\program files\AVI Codec Pack\LAYER-3\L3CODECP.ACM
c:\program files\AVI Codec Pack\LAYER-3\RaMp3Cfg.exe
c:\program files\AVI Codec Pack\uninstall.exe
c:\recycler\S-1-5-21-0865919005-8809205835-881279360-8088
c:\recycler\S-1-5-21-1189811488-7035799306-625779348-5183
c:\recycler\S-1-5-21-1281269998-3219851495-391835808-2469
c:\recycler\S-1-5-21-1381698011-9492472693-914726603-2379
c:\recycler\S-1-5-21-2114683669-6371586426-874949913-9792
c:\recycler\S-1-5-21-2536840701-5917158291-267519509-3393
c:\recycler\S-1-5-21-3049416996-1012454851-948937126-6491
c:\recycler\S-1-5-21-3767419240-2868360176-353025766-8179
c:\recycler\S-1-5-21-3767419240-2868360176-353025766-8179\Desktop.ini
c:\recycler\S-1-5-21-3767419240-2868360176-353025766-8179\sysdate.exe
c:\recycler\S-1-5-21-4228030999-5387333135-540158990-9691
c:\recycler\S-1-5-21-6714587152-7863725111-925996193-6357
c:\recycler\S-1-5-21-6884359144-2870595174-496266936-0233
c:\recycler\S-1-5-21-776561741-2000478354-725345543-1003(2)
c:\recycler\S-1-5-21-8066681103-4737748988-589892971-2404
c:\windows\system32\secupdat.dat
D:\autorun.inf
D:\install.exe
E:\Autorun.inf
F:\autorun.inf
G:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-10-19 to 2009-11-19 )))))))))))))))))))))))))))))))
.

2009-11-19 16:02 . 2009-11-19 16:02 -------- d-----w- c:\windows\system32\Lang
2009-11-19 15:57 . 2004-08-03 17:29 95360 -c--a-w- c:\windows\system32\dllcache\atapi.sys
2009-11-19 15:57 . 2004-08-03 17:29 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-19 14:44 . 2009-11-19 14:44 4045528 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-11-19 14:43 . 2009-11-19 14:43 -------- d-----w- c:\program files\ESET
2009-11-19 14:43 . 2009-11-19 15:53 460 ---h--w- c:\windows\system\klog.dat
2009-11-19 14:34 . 2009-11-19 14:34 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Malwarebytes
2009-11-19 14:34 . 2009-09-10 09:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-19 14:34 . 2009-11-19 14:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-19 14:34 . 2009-11-19 14:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-19 14:34 . 2009-09-10 09:23 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-15 15:47 . 2009-11-15 15:47 40128 ----a-w- c:\windows\system32\drivers\amffyrvo.sys
2009-11-15 14:31 . 2009-11-15 14:31 30720 ----a-w- c:\documents and settings\GADDAM\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe
2009-11-15 14:31 . 2007-03-22 10:46 126976 ----a-w- c:\documents and settings\GADDAM\Application Data\GRETECH\GomPlayer\GrLauncher.exe
2009-11-15 09:52 . 2009-11-15 09:52 -------- d-----w- c:\program files\CCleaner
2009-11-07 10:21 . 2009-11-07 10:21 -------- d-s---w- c:\documents and settings\GADDAM\UserData
2009-11-06 04:37 . 2009-11-06 04:37 -------- d-----w- c:\documents and settings\GADDAM\Local Settings\Application Data\Cooliris
2009-11-06 04:37 . 2009-10-20 08:03 545280 ----a-w- c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\libs\PicLensHelper.exe
2009-11-06 04:37 . 2009-10-20 08:03 4716544 ----a-w- c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\components\cooliris.dll
2009-11-06 04:37 . 2009-10-20 08:03 103424 ----a-w- c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\libs\pixomatic.dll
2009-11-06 04:37 . 2009-10-20 08:03 344064 ----a-w- c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\libs\LaunchCooliris.exe
2009-11-06 04:37 . 2009-10-20 08:03 153600 ----a-w- c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\plugins\npcoolirisplugin.dll
2009-10-31 06:09 . 2009-10-31 06:09 -------- d-----w- c:\documents and settings\GADDAM\Application Data\GRETECH
2009-10-31 06:08 . 2009-10-31 06:08 -------- d-----w- c:\program files\GRETECH
2009-10-28 07:09 . 2004-08-03 19:26 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-10-28 07:09 . 2001-08-17 17:06 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-10-28 07:09 . 2004-08-03 17:28 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-10-28 07:09 . 2004-08-03 17:28 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-10-23 01:57 . 2009-10-23 01:57 -------- d-----w- c:\windows\system32\wbem\Repository
2009-10-23 01:56 . 2009-10-23 01:56 -------- d-----w- c:\program files\Ares
2009-10-23 01:56 . 2009-10-23 01:56 -------- d-----w- c:\program files\iPod
2009-10-23 01:56 . 2009-10-23 01:56 -------- d-----w- c:\program files\iTunes
2009-10-23 01:56 . 2009-10-23 01:56 -------- d-----w- c:\program files\Monkey's Audio
2009-10-23 01:56 . 2009-10-23 01:56 -------- d-----w- c:\program files\Ultra Video Splitter
2009-10-23 01:51 . 2009-10-23 01:51 -------- d-----w- c:\program files\DIFX

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-19 16:03 . 2009-06-24 02:50 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-19 14:26 . 2009-06-24 02:46 -------- d-----w- c:\program files\Mozilla Firefox 3.5 Beta 4
2009-11-15 14:33 . 2009-07-25 15:27 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-15 14:33 . 2009-07-25 15:27 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-15 10:25 . 2009-06-23 17:56 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Winamp
2009-11-08 06:36 . 2009-06-24 02:58 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Skype
2009-11-08 06:34 . 2009-07-06 15:36 -------- d-----w- c:\documents and settings\GADDAM\Application Data\skypePM
2009-10-31 11:55 . 2009-08-20 06:52 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Any Video Converter
2009-10-31 11:35 . 2009-08-20 06:52 -------- d-----w- c:\program files\Any Video Converter
2009-10-23 01:56 . 2009-09-23 11:33 -------- d-----w- c:\program files\Notepad++
2009-10-23 01:50 . 2009-10-03 13:52 -------- d-----w- c:\program files\Nokia
2009-10-09 15:55 . 2009-06-29 11:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-10-06 10:35 . 2009-10-06 10:03 -------- d-----w- c:\documents and settings\GADDAM\Application Data\GetRightToGo
2009-10-03 15:56 . 2009-10-03 15:56 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Nokia
2009-09-29 05:20 . 2009-09-29 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrium
2009-09-28 13:03 . 2009-09-28 13:03 -------- d-----w- c:\documents and settings\All Users\Application Data\agi
2009-09-24 01:55 . 2009-06-23 16:53 70024 ----a-w- c:\documents and settings\GADDAM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-23 11:33 . 2009-09-23 11:33 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Notepad++
2009-09-22 10:40 . 2009-09-22 08:11 -------- d-----w- c:\documents and settings\GADDAM\Application Data\Uniblue
2009-09-22 10:21 . 2009-09-22 10:21 -------- d-----w- c:\program files\Uniblue
2009-09-22 08:49 . 2009-09-22 08:49 -------- d-----w- c:\program files\Trend Micro
2009-09-10 03:45 . 2009-07-06 15:31 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-03 13:02 . 2009-06-24 03:27 83456 ----a-w- c:\documents and settings\All Users\Application Data\SpeedBit\DAP\SDCondition.dll
2009-09-03 09:00 . 2009-09-03 08:38 354744 ----a-w- c:\documents and settings\GADDAM\Application Data\SanDisk\Sansa Updater\SansaUpdaterInstall.exe
2009-09-03 08:59 . 2009-09-03 08:38 541696 ----a-w- c:\documents and settings\GADDAM\Application Data\SanDisk\Sansa Updater\SansaUpdater.exe
2009-08-25 13:59 . 2004-07-17 06:06 163644 ----a-w- c:\windows\system32\drivers\secdrv.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2009-06-24 3114496]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 143360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2007-12-22 221056]
"ares"="c:\program files\Ares\Ares.exe" [2008-12-13 882176]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2003-06-25 184320]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-25 86016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-11-02 267048]
"V0230Mon.exe"="c:\windows\system32\V0230Mon.exe" [2006-07-19 36961]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-05-25 16132608]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-25 1657376]

c:\documents and settings\GADDAM\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amffyr vo.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\iCall\\iCall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 amffyrvo;amffyrvo;c:\windows\system32\drivers\amffyrvo.sys [11/15/2009 9:17 PM 40128]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/6/2009 9:01 PM 716272]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/23/2009 10:56 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/23/2009 10:56 PM 20560]
R3 V0230Vfx;V0230Vfx;c:\windows\system32\drivers\V0230Vfx.sys [9/20/2009 11:01 AM 6272]
R3 V0230VID;Live! Cam Video IM Pro;c:\windows\system32\drivers\V0230VID.sys [9/20/2009 11:01 AM 498464]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - CLASSPNP_2
*Deregistered* - CLASSPNP_2
*Deregistered* - mbr
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\
FF - component: c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\components\cooliris.dll
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\Mozilla Firefox 3.5 Beta 4\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\documents and settings\GADDAM\Application Data\Mozilla\Firefox\Profiles\y3ylnxvn.default\extensions\piclens@cooliris. com\plugins\npcoolirisplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox 3.5 Beta 4\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe
HKLM-Run-HotKeysCmds - c:\windows\system32\hkcmd.exe
HKLM-Run-Persistence - c:\windows\system32\igfxpers.exe
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-AVI Codec Pack - c:\program files\AVI Codec Pack\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-19 21:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A63A1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecfc3
\Driver\ACPI -> ACPI.sys @ 0xb9e6acb8
\Driver\atapi -> 0x8a63a1f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058236c
ParseProcedure -> ntkrnlpa.exe @ 0x8058146a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058236c
ParseProcedure -> ntkrnlpa.exe @ 0x8058146a
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb9cf6ba0
PacketIndicateHandler -> NDIS.sys @ 0xb9d03b21
SendHandler -> NDIS.sys @ 0xb9ce187b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="REMOVED"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3536)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Alwil Software\Avast4\setup\avast.setup
.
**************************************************************************
.
Completion time: 2009-11-19 21:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-19 16:06

Pre-Run: 7,956,307,968 bytes free
Post-Run: 7,933,554,688 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 98BB7AEB3ED74CF17CB0B5BB12B023E7
dvk01's Avatar
Moderator with 29,064 posts.
  
Join Date: Dec 2002
Location: Loughton, Essex, UK
19-Nov-2009, 11:20 AM #12
Download the attached CFScript.txt and save it to your desktop ( click on the link underneath this post & if you are using internet explorer when the "File download" pop up comes press SAVE and choose desktop in the list of selections in that window & press save)
Disable any antivirus/antimalware/firewall realtime protection or script blocking in the same way you did previously before running combofix & remember to re-enable it when it has finished
Close any open browsers
Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.







This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply together with a new HijackThis log.


Note: these instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system and will not fix your problem. If you have a similar problem start your own topic in the malware fixing forum

This will create a zip file inside C:\QooBox\quarantine named something like [38]-Submit_2008-01-17@17.50.zip

at the end it will pop up an alert & open your browser and ask you to send the zip file

please follow those instructions. We need to see the zip file before we can carry on with the fix

If there is no pop up alert or open browser then

please go to http://www.thespykiller.co.uk/index.php?board=1.0 and upload these files so I can examine them and if needed distribute them to antivirus companies.
Just press new topic, fill in the needed details and just give a link to your post here & then press the browse button and then navigate to & select the files on your computer, If there is more than 1 file then press the more attachments button for each extra file and browse and select etc and then when all the files are listed in the windows press send to upload the files ( do not post HJT logs there as they will not get dealt with)

Files to submit:
the zip file inside C:\QooBox\quarantine created by combofix named something like [38]-Submit_2008-01-17@17.50.zip

or to
http://www.bleepingcomputer.com/subm...php?channel=38
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log.
__________________
Derek Microsoft MVP/Windows - Security Thespykiller | Security & Privacy
I am helping you, please help me by donating to help keep the Hedgehog Rescue Centre running
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
19-Nov-2009, 06:54 PM #13
this is the message that appears when i open the following link in Internet explorer..http://forums.techguy.org/malware-re...ml#post7043403


Download the attached CFScript.txt and save it to your desktop ( click on the link underneath this post & if you are using internet explorer when the "File download" pop up comes press SAVE and choose desktop in the list of selections in that window & press save)
Disable any antivirus/antimalware/firewall realtime protection or script blocking in the same way you did previously before running combofix & remember to re-enable it when it has finished
Close any open browsers
Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.







This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply together with a new HijackThis log.


Note: these instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system and will not fix your problem. If you have a similar problem start your own topic in the malware fixing forum

This will create a zip file inside C:\QooBox\quarantine named something like [38]-Submit_2008-01-17@17.50.zip

at the end it will pop up an alert & open your browser and ask you to send the zip file

please follow those instructions. We need to see the zip file before we can carry on with the fix

If there is no pop up alert or open browser then

please go to http://www.thespykiller.co.uk/index.php?board=1.0 and upload these files so I can examine them and if needed distribute them to antivirus companies.
Just press new topic, fill in the needed details and just give a link to your post here & then press the browse button and then navigate to & select the files on your computer, If there is more than 1 file then press the more attachments button for each extra file and browse and select etc and then when all the files are listed in the windows press send to upload the files ( do not post HJT logs there as they will not get dealt with)

Files to submit:
the zip file inside C:\QooBox\quarantine created by combofix named something like [38]-Submit_2008-01-17@17.50.zip

or to
http://www.bleepingcomputer.com/subm...php?channel=38
Attachment Blocked Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log.

__________________
Derek Microsoft MVP/Windows - Security Thespykiller | Security & Privacy
I am helping you, please help me by donating to help keep the Hedgehog Rescue Centre running
Last edited by ajayrockstar89 : 19-Nov-2009 10:17 PM.
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
19-Nov-2009, 06:55 PM #14
i am unable to download the file IE....the attachment is blocked
ajayrockstar89's Avatar
Member with 47 posts.
  
Join Date: Sep 2009
19-Nov-2009, 07:32 PM #15
i did not get a pop up when i opened the link In IE
Closed Thread Bookmark and Share   techguy.org/878291
Page 1 of 2 1 2

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Smart Search

Find your solution!


« Previous Thread | Malware Removal & HijackThis Logs | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools


Twitter Twitter! | Podcast | Mobile | Advertise
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -5. The time now is 02:32 AM.
Copyright © 1996 - 2010 TechGuy, Inc. All rights reserved.
 Powered by Cermak Technologies, Inc.