Live Chat & Podcast at 1:00PM Eastern on Sunday!
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
Tag Cloud
access acer asus bios bsod computer crash desktop driver drivers error ethernet excel freeze gaming hard drive hardware hdmi internet laptop malware memory modem monitor motherboard network printer problem ram registry router security slow software sound toshiba trojan ubuntu 11.10 uninstall usb video virus vista wifi windows windows 7 windows 7 32 bit windows 7 64 bit windows xp wireless
Search
Search for:
Tech Support Guy Forums > Security & Malware Removal > Virus & Other Malware Removal >
Congratulations, you have been selected to receive a Nintendo Wii (New)

Reply  
Thread Tools
caseysousa's Avatar
Junior Member with 2 posts.
  
Join Date: Nov 2008
03-Nov-2008, 09:48 PM #1
Congratulations, you have been selected to receive a Nintendo Wii
It all started when I attempted to install Nero (from a friend). Right when I started the install process, AVG8 detected a threat, and I canceled the installation and clicked the "Heal" button on the AVG8 warning dialog. Now, approximately every 30 minutes, sometimes every 10 minutes, a female voice says, "Congratulations, you have been selected to receive a Nintendo Wii. All you have to do is click on the..." It usually has two female voices overlapping while saying it, but neither one finishes completely. I once heard a male voice saying something about an iPod, but usually it's the female voice with the Wii.

I've scanned with AVG8, Spybot S&D, Ad-Aware, Malwarebytes' Anti-Malware, and SUPERAntiSpyware (in that order) and each one has found and removed something. Now when I scan with AVG8 and SUPERAntiSpyware, they don't find anything, but the voice is still there.

I have my task manager open with the processes tab showing and I noticed that iexplorer.exe appears in the list just before the voice starts, and then disappears just after the voice gets cut off. I use Firefox, so I would guess that the culprit is using IE to access the sound file somewhere. Don't know if that's helpful, but just trying to give you as much info as I can.

I've been trying to get rid of this for two days by reading what has worked for others and trying it myself, but I can't seem to get rid of it! Any help you can offer is greatly appreciated!

Update:
It looks like I found what was causing the annoying voice.

O4 - HKCU\..\Run: [VnrPack16] "C:\Program Files\VnrPack\VnrPack16.exe"

This was identified by AVG8 as a "Trojan horse DNSChanger.AH" and was in the Virus Vault, so I'm not sure how it was still being executed at startup.

I checked MSCONFIG, and I noticed that there was a blank entry in the startup items. I removed it and emptied the Virus Vault, and the issue appears to be gone. I'll wait a few days to make sure she doesn't show up again, but hopefully my experiences will help someone else who stumbles upon this thread.

Update:
The issue is NOT gone. Not sure what else to try now. Please someone help!

--------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:41:53 PM, on 11/3/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Hot Corners\HotC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ppcbooster\ppcb_32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [Hot Corners] "C:\Program Files\Hot Corners\HotC.exe"
O4 - HKCU\..\Run: [VnrPack16] "C:\Program Files\VnrPack\VnrPack16.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{29815D7F-40BC-41E7-9D73-3D782494B6BE}: NameServer = 208.57.0.19,208.57.0.9
O17 - HKLM\System\CS1\Services\Tcpip\..\{29815D7F-40BC-41E7-9D73-3D782494B6BE}: NameServer = 208.57.0.19,208.57.0.9
O20 - AppInit_DLLs: prio.dll,avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 7366 bytes
Last edited by caseysousa; 04-Nov-2008 at 06:58 PM.. Reason: New information discovered.
caseysousa's Avatar
Junior Member with 2 posts.
  
Join Date: Nov 2008
15-Nov-2008, 07:30 PM #2
Updated HijackThis Log
I've ran a few other removal programs, but the voiceup is still there. Here's an updated HijackThis log and also below a ComboFix log. It appears that ppcbooster is a trojan, but I didn't find anything about it on the net previously.

PLEASE HELP ME!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:22:35 PM, on 11/15/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\stsystra.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\BOINC\boinctray.exe
C:\Program Files\Hot Corners\HotC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BOINC\boincmgr.exe
C:\Program Files\ppcbooster\ppcb_32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - MRI_DISABLED - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [boinctray] "C:\Program Files\BOINC\boinctray.exe"
O4 - HKCU\..\Run: [Hot Corners] "C:\Program Files\Hot Corners\HotC.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1935655697-1326574676-1177238915-1003\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'boinc_master')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Startup: ppcb_32.lnk = C:\Program Files\ppcbooster\ppcb_32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{29815D7F-40BC-41E7-9D73-3D782494B6BE}: NameServer = 208.57.0.19,208.57.0.9
O17 - HKLM\System\CS1\Services\Tcpip\..\{29815D7F-40BC-41E7-9D73-3D782494B6BE}: NameServer = 208.57.0.19,208.57.0.9
O20 - AppInit_DLLs: prio.dll,avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BOINC - Space Sciences Laboratory - C:\Program Files\BOINC\boinc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 6102 bytes

--------------------------


ComboFix 08-11-13.02 - Administrator 2008-11-15 15:49:42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2642 [GMT -8:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\inst.exe
c:\documents and settings\Administrator\Start Menu\Programs\Startup\ppcb_32.lnk
c:\program files\ppcbooster
c:\program files\ppcbooster\ppcb_32.exe
c:\program files\ppcbooster\ppcbu_32.exe

.
((((((((((((((((((((((((( Files Created from 2008-10-15 to 2008-11-15 )))))))))))))))))))))))))))))))
.

2008-11-13 15:19 . 2008-09-04 09:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 15:18 . 2008-10-24 03:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-10 20:40 . 2008-11-15 15:19 <DIR> d-------- c:\program files\Avast4
2008-11-10 20:27 . 2008-11-10 20:27 <DIR> d-------- C:\fsaua.data
2008-11-09 11:25 . 2008-11-09 11:25 <DIR> d-------- c:\documents and settings\boinc_master
2008-11-09 11:23 . 2008-11-09 11:25 <DIR> d-------- c:\program files\BOINC
2008-11-09 11:23 . 2008-11-15 15:20 <DIR> d-------- c:\documents and settings\All Users\Application Data\BOINC
2008-11-09 11:18 . 2008-11-09 11:18 <DIR> d-------- c:\windows\Downloaded Installations
2008-11-04 18:24 . 2008-11-04 18:24 <DIR> d-------- C:\MRI_Updates
2008-11-04 17:53 . 2008-11-04 17:53 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-11-04 12:28 . 2008-11-04 12:28 43 --a------ C:\GSMRIDevice.tag
2008-11-04 12:25 . 2008-11-04 12:25 <DIR> d-------- c:\documents and settings\All Users\Application Data\Geek Squad
2008-11-03 20:33 . 2008-11-13 17:58 <DIR> d-------- c:\program files\Handbrake
2008-11-03 16:05 . 2008-11-03 16:05 <DIR> d-------- c:\program files\Trend Micro
2008-11-03 16:03 . 2008-11-03 16:03 <DIR> d-------- C:\_OTMoveIt
2008-11-02 11:13 . 2008-11-15 15:16 <DIR> d-------- c:\program files\SUPERAntiSpyware
2008-11-02 11:13 . 2008-11-02 11:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-11-02 11:13 . 2008-11-02 11:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-02 11:13 . 2008-11-13 15:18 <DIR> d-------- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-11-02 11:13 . 2008-11-02 11:13 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
2008-11-02 09:36 . 2008-11-02 09:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-02 08:52 . 2008-11-02 08:49 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys
2008-11-02 08:49 . 2008-11-10 20:48 <DIR> d-------- c:\documents and settings\Administrator\.housecall6.6
2008-11-02 08:45 . 2008-11-02 08:45 <DIR> d-------- c:\windows\Sun
2008-11-02 08:44 . 2008-11-02 08:44 <DIR> d-------- c:\program files\Java
2008-11-02 08:44 . 2008-11-02 08:44 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-02 08:44 . 2008-11-02 08:44 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-02 08:32 . 2008-11-02 08:35 <DIR> d-------- c:\documents and settings\Administrator\Application Data\ImgBurn
2008-11-02 08:25 . 2008-11-02 08:25 <DIR> d-------- c:\program files\ImgBurn
2008-11-01 19:17 . 2008-11-01 19:17 273 --a------ c:\windows\wininit.ini
2008-11-01 18:27 . 2008-11-02 09:34 <DIR> d--h----- C:\$AVG8.VAULT$
2008-11-01 18:27 . 2008-11-01 18:27 71,135 --a------ c:\windows\pptb1948.exe
2008-11-01 18:27 . 2008-11-01 18:27 16,384 --a------ c:\windows\lpib7535.exe
2008-11-01 18:27 . 2008-11-01 18:27 16,384 --a------ c:\windows\ldoie0293.exe
2008-11-01 18:27 . 2008-11-01 18:27 16,384 --a------ c:\windows\kdiue021.exe
2008-11-01 18:27 . 2008-11-01 18:27 16,384 --a------ c:\windows\jutb6721.exe
2008-11-01 18:27 . 2008-11-01 18:27 16,384 --a------ c:\windows\aldie20938.exe
2008-11-01 18:27 . 2008-11-01 18:27 16,384 --a------ c:\windows\akcfdj29387.exe
2008-11-01 18:00 . 2008-11-01 18:00 <DIR> d-------- c:\program files\IsoBuster
2008-11-01 17:24 . 2008-11-02 12:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-11-01 17:07 . 2008-04-07 04:38 45,392 -ra------ c:\windows\system32\AdobePDF.dll
2008-11-01 17:07 . 2008-04-07 04:38 22,872 -ra------ c:\windows\system32\AdobePDFUI.dll
2008-11-01 17:01 . 2008-11-01 17:01 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-11-01 16:58 . 2008-11-01 16:58 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-11-01 15:40 . 2008-11-01 15:40 <DIR> d-------- c:\program files\DVDFab 5
2008-11-01 15:40 . 2008-11-04 15:39 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Vso
2008-11-01 15:40 . 2008-11-01 15:40 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2008-11-01 15:40 . 2008-11-01 15:40 47,360 --a------ c:\documents and settings\Administrator\Application Data\pcouffin.sys
2008-11-01 15:37 . 2008-11-01 15:37 <DIR> d-------- c:\program files\uTorrent
2008-11-01 15:37 . 2008-11-01 18:29 <DIR> d-------- c:\documents and settings\Administrator\Application Data\uTorrent
2008-10-30 20:11 . 2008-10-30 20:11 <DIR> d-------- c:\program files\Notepad++
2008-10-30 20:11 . 2008-10-30 20:12 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Notepad++
2008-10-30 19:34 . 2008-10-30 19:34 <DIR> d-------- c:\program files\PDFCreator
2008-10-30 19:34 . 2004-03-09 00:00 662,288 --a------ c:\windows\system32\MSCOMCT2.OCX
2008-10-30 19:34 . 1998-06-24 00:00 137,000 --a------ c:\windows\system32\MSMAPI32.OCX
2008-10-30 19:34 . 2001-10-28 16:42 116,224 --a------ c:\windows\system32\pdfcmnnt.dll
2008-10-30 19:34 . 1998-07-06 00:00 23,552 --a------ c:\windows\system32\MSMPIDE.DLL
2008-10-30 18:46 . 2008-11-01 17:40 <DIR> d-------- c:\program files\Common Files\Adobe
2008-10-30 18:42 . 2008-11-01 15:40 <DIR> d-------- c:\program files\NOS
2008-10-30 18:42 . 2008-11-01 15:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\NOS
2008-10-30 15:34 . 2008-10-30 15:34 <DIR> d-------- c:\program files\Hot Corners
2008-10-30 02:01 . 2008-08-14 02:11 2,189,184 --------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-30 02:01 . 2008-08-14 02:09 2,145,280 --------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-30 02:01 . 2008-08-14 01:33 2,066,048 --------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-30 02:01 . 2008-08-14 01:33 2,023,936 --------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-30 02:01 . 2008-09-15 04:12 1,846,400 --------- c:\windows\system32\dllcache\win32k.sys
2008-10-30 02:01 . 2008-09-08 02:41 333,824 --------- c:\windows\system32\dllcache\srv.sys
2008-10-30 02:01 . 2008-06-13 03:05 272,128 --------- c:\windows\system32\dllcache\bthport.sys
2008-10-30 02:01 . 2008-08-14 02:04 138,496 --------- c:\windows\system32\dllcache\afd.sys
2008-10-30 02:00 . 2008-04-11 11:04 691,712 --------- c:\windows\system32\dllcache\inetcomm.dll
2008-10-30 02:00 . 2008-10-15 08:34 337,408 --------- c:\windows\system32\dllcache\netapi32.dll
2008-10-30 02:00 . 2008-05-01 06:33 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-10-30 02:00 . 2008-05-08 06:02 203,136 --------- c:\windows\system32\dllcache\rmcast.sys
2008-10-30 01:56 . 2008-10-30 01:56 <DIR> d-------- c:\windows\system32\xircom
2008-10-30 01:56 . 2008-10-30 01:56 <DIR> d-------- c:\program files\microsoft frontpage
2008-10-30 01:53 . 2008-10-30 01:53 <DIR> d-------- c:\windows\system32\bits
2008-10-30 01:50 . 2008-10-30 01:50 <DIR> d-------- c:\windows\ServicePackFiles
2008-10-30 01:45 . 2008-10-30 01:45 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Apple Computer
2008-10-30 01:45 . 2008-03-20 19:14 1,041,536 --------- c:\windows\system32\drivers\hsfdpsp2.sys
2008-10-30 01:44 . 2008-10-30 01:44 <DIR> d-------- c:\program files\QuickTime
2008-10-30 01:44 . 2008-10-30 01:44 <DIR> d-------- c:\program files\iTunes
2008-10-30 01:44 . 2008-10-30 01:44 <DIR> d-------- c:\program files\iPod
2008-10-30 01:44 . 2008-10-30 01:44 <DIR> d-------- c:\program files\Bonjour
2008-10-30 01:44 . 2008-10-30 01:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-30 01:43 . 2008-10-30 01:45 <DIR> d----c--- c:\windows\system32\DRVSTORE
2008-10-30 01:43 . 2008-10-30 01:43 <DIR> d-------- c:\program files\Common Files\Apple
2008-10-30 01:43 . 2008-10-30 01:43 <DIR> d-------- c:\program files\Apple Software Update
2008-10-30 01:43 . 2008-10-30 01:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-30 01:43 . 2008-10-30 01:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-10-30 00:36 . 2008-10-30 00:36 376 --a------ c:\windows\ODBC.INI
2008-10-30 00:35 . 2008-10-30 00:35 <DIR> d-------- c:\windows\SHELLNEW
2008-10-30 00:35 . 2008-10-30 00:35 <DIR> d-------- c:\program files\Microsoft.NET
2008-10-30 00:35 . 2008-10-30 00:35 <DIR> d-------- c:\program files\Microsoft ActiveSync
2008-10-30 00:35 . 2003-06-18 09:31 17,920 --a------ c:\windows\system32\mdimon.dll
2008-10-30 00:33 . 2008-10-30 00:33 <DIR> dr-h----- C:\MSOCache
2008-10-30 00:23 . 2008-10-30 00:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI
2008-10-30 00:23 . 2008-10-30 00:23 <DIR> d-------- c:\documents and settings\Administrator\Application Data\ATI
2008-10-30 00:22 . 2008-10-30 00:22 0 --a------ c:\windows\ativpsrm.bin
2008-10-30 00:17 . 2008-11-15 15:21 <DIR> d-------- c:\windows\system32\drivers\Avg
2008-10-30 00:17 . 2008-10-30 00:17 <DIR> d-------- c:\program files\AVG
2008-10-30 00:17 . 2008-10-30 00:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2008-10-30 00:17 . 2008-10-30 00:17 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-10-30 00:17 . 2008-10-30 00:17 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-10-30 00:13 . 2008-11-07 03:00 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-10-30 00:13 . 2008-10-30 00:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-30 00:09 . 2008-10-30 00:09 <DIR> d-------- c:\program files\SigmaTel
2008-10-30 00:09 . 2005-03-22 09:20 339,968 --a------ c:\windows\stsystra.exe
2008-10-30 00:09 . 2005-11-16 07:35 172,032 --a------ c:\windows\system32\stacapi.dll
2008-10-30 00:09 . 2005-11-16 07:35 159,825 --a------ c:\windows\system32\stac97.cpl
2008-10-30 00:09 . 2008-10-30 00:09 0 --a------ c:\windows\nsreg.dat
2008-10-30 00:05 . 2008-10-30 00:05 <DIR> d-------- c:\program files\IDT

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-08 23:29 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-30 08:05 304 ----a-w c:\windows\system32\drivers\sthdae.log
2008-10-30 00:58 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-30 00:55 --------- d-----w c:\program files\ATI Technologies
2008-10-30 00:45 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-30 00:42 62,633 ----a-w c:\windows\prio197uninstall.exe
2008-10-30 00:41 --------- d-----w c:\program files\Opera
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-03 17:41 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
2008-09-19 20:44 824,064 ----a-w c:\windows\boinc.scr
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\dllcache\msxml6.dll
2008-09-06 06:30 241,704 ------w c:\windows\system32\dllcache\wgaLogon.dll
2008-09-06 06:29 917,032 ------w c:\windows\system32\dllcache\WgaTray.exe
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-29 18:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 17:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-27 08:24 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-08-25 08:38 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-08-25 08:37 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-08-23 05:56 635,848 ------w c:\windows\system32\dllcache\iexplore.exe
2008-08-23 05:54 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2001-12-19 11:45 23,552 ----a-w c:\program files\VCdControlTool.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hot Corners"="c:\program files\Hot Corners\HotC.exe" [2008-10-30 135168]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-10-30 1234712]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2008-09-19 58112]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-08-25 c:\windows\system32\advpack.dll]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
BOINC Manager.lnk - c:\program files\BOINC\boincmgr.exe [2008-09-19 4190976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\syste m]
"DisableCAD"= 1 (0x1)
"DisableStatusMessages"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explo rer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"StartMenuFavorites"= 0 (0x0)
"Start_ShowMyComputer"= 1 (0x1)
"Start_ShowMyDocs"= 1 (0x1)
"Start_ShowMyMusic"= 0 (0x0)
"Start_ShowRun"= 1 (0x1)
"Start_ShowSearch"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explor er]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\expl orer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=prio.dll,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 21:43 640376 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 01:25 37232 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 06:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"iPod Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Auth orizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\program files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe"= c:\program files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe:66.49.206.57/255.255.255.255:Enabled:Adobe Dreamweaver CS4

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-10-30 97928]
R1 vcdrom;Virtual CD-ROM Device Driver;\??\c:\windows\system32\drivers\VCdRom.sys [2001-12-19 8576]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-10-30 231704]
R2 BOINC;BOINC;"c:\program files\BOINC\boinc.exe" -daemon [2008-09-19 721664]
S2 adfs;adfs; []
S3 RTL8187B;TRENDnet TEW-424UB 54M USB Dongle;c:\windows\system32\DRIVERS\RTL8187B.sys []

*Newly Created Service* - PROCEXP90
*Newly Created Service* - SR
*Newly Created Service* - SRSERVICE
.
Contents of the 'Scheduled Tasks' folder

2008-11-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2008-11-15 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-07 01:42]

2008-11-15 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SDUpdate.exe [2008-07-07 01:42]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\bsoyjjy7.default\
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\np_gp.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-15 15:51:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-15 15:52:41
ComboFix-quarantined-files.txt 2008-11-15 23:52:28

Pre-Run: 45,583,572,992 bytes free
Post-Run: 45,574,553,600 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

275 --- E O F --- 2008-11-15 23:18:52
Last edited by caseysousa; 15-Nov-2008 at 08:03 PM..
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply

Tags
adware, congratulations, spyware, virus, wii

THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.
Thread Tools



Facebook Facebook Twitter Twitter TechGuy.tv TechGuy.tv Mobile TSG Mobile
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -4. The time now is 10:26 PM.
Copyright © 1996 - 2011 TechGuy, Inc. All rights reserved.

 Powered by Cermak Technologies, Inc.