1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

MORZE5.lnk

Discussion in 'Virus & Other Malware Removal' started by schony, Apr 2, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. schony

    schony Thread Starter

    Joined:
    Jan 16, 2004
    Messages:
    19
    I am having trouble with constant pop ups on my machine. I ran hijack this. Attached is the log. Please help!
     

    Attached Files:

  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    I'm pasting you log in the thread.

    Logfile of HijackThis v1.97.7
    Scan saved at 4:50:30 PM, on 4/2/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\WINDOWS\SYSTEM\LEXBCES.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\PCTVOICE.EXE
    C:\WINDOWS\SYSTEM\HIDSERV.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\COMPAQ\CPQINET\CPQINET.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
    C:\PROGRAM FILES\COMPAQ\DIGITAL DASHBOARD\DEVGULP.EXE
    C:\CPQS\BWTOOLS\SCCENTER.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
    C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\AVCONSOL.EXE
    C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE\OPWARE32.EXE
    C:\WINDOWS\WINDOWSUPD1.EXE
    C:\PROGRAM FILES\DOWNLOADWARE\DW.EXE
    C:\WINDOWS\9XOY4A6V.EXE
    C:\WINDOWS\SYSTEM\OLDERF.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\57CL6KSX\HIJACKTHIS[1].EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bunyanfamilybooks.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=0409
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.searchenhancement.com/searchbar/iev1.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.searchenhancement.com/nph-enhanced.cgi?affid=sesm&sstring=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\PROGRAM FILES\SCBAR\V2\SCBAR.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\TWAINTEC.DLL
    O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
    O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - C:\PROGRAM FILES\SCBAR\V2\SCBAR.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {0019C3E2-DD48-4A6D-ABCD-8D32436323D9} - C:\WINDOWS\BXXS5.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
    O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
    O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
    O4 - HKLM\..\Run: [Digital Dashboard] C:\Program Files\Compaq\Digital Dashboard\DevGulp.exe
    O4 - HKLM\..\Run: [Service Connection] c:\cpqs\bwtools\sccenter.exe
    O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
    O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
    O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\Network Associates\McAfee VirusScan\avconsol.exe /minimize
    O4 - HKLM\..\Run: [VsecomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSEcomR.EXE
    O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSSTAT.EXE /SHOWWARNING
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [WindowsUpd] C:\WINDOWS\WINDOWSUPD1.EXE
    O4 - HKLM\..\Run: [bxxs5] RunDLL32.EXE C:\WINDOWS\BXXS5.DLL,DllRun
    O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
    O4 - HKLM\..\Run: [SearchEnhancement] "C:\PROGRAM FILES\SCBAR\V2\SCBAR.EXE" /U
    O4 - HKLM\..\Run: [olderf] C:\WINDOWS\SYSTEM\olderf.exe
    O4 - HKLM\..\Run: [9XOY4A6V.EXE] C:\WINDOWS\9XOY4A6V.EXE /dk
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [RealUpdater] C:\WINDOWS\SYSTEM\realupd.exe
    O4 - HKCU\..\Run: [9XOY4A6V.EXE] C:\WINDOWS\9XOY4A6V.EXE /dk
    O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Startup: Compaq Knowledge Center.lnk = C:\Program Files\Compaq Knowledge Center\bin\silent.exe
    O4 - Startup: P0WXP04X.lnk = C:\WINDOWS\p0wxp04x.exe
    O4 - Startup: V31M7IJN.lnk = C:\WINDOWS\v31m7ijn.exe
    O4 - Startup: N4UY5KIT.lnk = C:\WINDOWS\n4uy5kit.exe
    O4 - Startup: F7G0YCHT.lnk = C:\WINDOWS\f7g0ycht.exe
    O4 - Startup: 2UGN248C.lnk = C:\WINDOWS\2ugn248c.exe
    O4 - Startup: IL50LUG0.lnk = C:\WINDOWS\il50lug0.exe
    O4 - Startup: UQ024J30.lnk = C:\WINDOWS\uq024j30.exe
    O4 - Startup: 47RM0KAT.lnk = C:\WINDOWS\47rm0kat.exe
    O4 - Startup: 9GIV090P.lnk = C:\WINDOWS\9giv090p.exe
    O4 - Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
    O4 - Startup: AN4771VU.lnk = C:\WINDOWS\an4771vu.exe
    O4 - Startup: 44X1JGAB.lnk = C:\WINDOWS\44x1jgab.exe
    O4 - Startup: ZWI07IZA.lnk = C:\WINDOWS\zwi07iza.exe
    O4 - Startup: TJQZ6IGU.lnk = C:\WINDOWS\tjqz6igu.exe
    O4 - Startup: 21VMRB0E.lnk = C:\WINDOWS\21vmrb0e.exe
    O4 - Startup: RWNDT289.lnk = C:\WINDOWS\rwndt289.exe
    O4 - Startup: V4DJYWG0.lnk = C:\WINDOWS\v4djywg0.exe
    O4 - Startup: K00T6HO5.lnk = C:\WINDOWS\k00t6ho5.exe
    O4 - Startup: 09GMBWCT.lnk = C:\WINDOWS\09gmbwct.exe
    O4 - Startup: 07XIG0AP.lnk = C:\WINDOWS\07xig0ap.exe
    O4 - Startup: 2G88D1NV.lnk = C:\WINDOWS\2g88d1nv.exe
    O4 - Startup: 0FCCVJ1W.lnk = C:\WINDOWS\0fccvj1w.exe
    O4 - Startup: 2VMYUYM8.lnk = C:\WINDOWS\2vmyuym8.exe
    O4 - Startup: 33ZJJIXX.lnk = C:\WINDOWS\33zjjixx.exe
    O4 - Startup: 01RERI8F.lnk = C:\WINDOWS\01reri8f.exe
    O4 - Startup: I7ZKGKKN.lnk = C:\WINDOWS\i7zkgkkn.exe
    O4 - Startup: IBJ1NTRM.lnk = C:\WINDOWS\ibj1ntrm.exe
    O4 - Startup: YK0PUKKV.lnk = C:\WINDOWS\yk0pukkv.exe
    O4 - Startup: KY994XLA.lnk = C:\WINDOWS\ky994xla.exe
    O4 - Startup: GLAWAHKQ.lnk = C:\WINDOWS\glawahkq.exe
    O4 - Startup: NJ6QHWDU.lnk = C:\WINDOWS\nj6qhwdu.exe
    O4 - Startup: GW8WRK9C.lnk = C:\WINDOWS\gw8wrk9c.exe
    O4 - Startup: O43W4YP4.lnk = C:\WINDOWS\o43w4yp4.exe
    O4 - Startup: M5B1WOLT.lnk = C:\WINDOWS\m5b1wolt.exe
    O4 - Startup: MN061230.lnk = C:\WINDOWS\mn061230.exe
    O4 - Startup: P0WYR34I.lnk = C:\WINDOWS\p0wyr34i.exe
    O4 - Startup: GFVP66E3.lnk = C:\WINDOWS\gfvp66e3.exe
    O4 - Startup: IG8Q2TBM.lnk = C:\WINDOWS\ig8q2tbm.exe
    O4 - Startup: 5NIBXIRN.lnk = C:\WINDOWS\5nibxirn.exe
    O4 - Startup: YA74F0PL.lnk = C:\WINDOWS\ya74f0pl.exe
    O4 - Startup: EGL1790U.lnk = C:\WINDOWS\egl1790u.exe
    O4 - Startup: 9XOY4A6V.lnk = C:\WINDOWS\9xoy4a6v.exe
    O4 - Global Startup: 07XIG0AP.lnk = C:\WINDOWS\07xig0ap.exe
    O4 - Global Startup: P0WXP04X.lnk = C:\WINDOWS\p0wxp04x.exe
    O4 - Global Startup: YK0PUKKV.lnk = C:\WINDOWS\yk0pukkv.exe
    O4 - Global Startup: YA74F0PL.lnk = C:\WINDOWS\ya74f0pl.exe
    O4 - Global Startup: KY994XLA.lnk = C:\WINDOWS\ky994xla.exe
    O4 - Global Startup: EGL1790U.lnk = C:\WINDOWS\egl1790u.exe
    O4 - Global Startup: 9XOY4A6V.lnk = C:\WINDOWS\9xoy4a6v.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)
    O9 - Extra 'Tools' menuitem: AV Live (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38076.2988425926
    O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
    O16 - DPF: {91602283-B7B5-11D3-A32A-005004B0E00E} (DiscoverWhy Class) - http://216.132.173.29/CabFiles/dwInfo.cab
     
  3. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    You have been infected by the adtomi parasite.

    This is the script put together by Mosaic1 to remove adtomi.

    Click here to download 9xAdtomi Cleanup.zip.

    Unzip the files to a folder of your choice.

    Open the folder and Double Click Cleanup.bat

    NOTE: Do not Touch the VBS files. The bat file will run the scripts all by itself.

    It will:

    - remove the Adtomi Spyware files from the Windows Folder
    - Clean the Startup Folders
    - Create Backups of the Adtomi exe files it deletes and save them in this folder
    - Create a list of all oddly named files deleted from the Windows Folder
    - Uninstall the Browserhelper.dll browser plugin
    - Start HijackThis and give you directions on what to remove.


    When you have finished please restart the computer.

    Come back here and post another Hijack This log.
     
  4. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Before you post the next log please do the following also:

    Go here and download Adaware 6 Build 181

    Install the program and launch it.

    First in the main window look in the bottom right corner and click on Check for updates now and download the latest referencefiles.

    Make sure the following settings are made and on -------ON=GREEN

    From main window :Click Start then Activate in-depth scan (recommended)

    Click Use custom scanning options then click Customize and have these options selected: Under Drives and Folders put a check by Scan within archives and below that under Memory and Registry put a check by all the options there.

    Now click on the Tweak button in that same window. Under Scanning engine select Unload recognized processes during scanning and under Cleaning Engine select Let windows remove files in use at next reboot

    Click proceed to save your settings.

    Now to scan just click the Next button.

    When the scan is finished mark everything for removal and get rid of it.(Right-click the window and choose select all from the drop down menu and click Next)

    Restart your computer.


    Then go here and download Spybot Search & Destroy.

    Install the program and launch it.

    Before scanning press Online and Search for Updates .

    Put a check mark at and install all updates.

    Click Check for Problems and when the scan is finished let Spybot fix/remove all it finds marked in RED.

    Restart your computer.

    Come back here and post another Hijack This log and we'll get rid of what's left.
     
  5. schony

    schony Thread Starter

    Joined:
    Jan 16, 2004
    Messages:
    19
    Here is the new log
    thanks!
    schony
     

    Attached Files:

  6. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Logfile of HijackThis v1.97.7
    Scan saved at 6:06:18 PM, on 4/2/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\SYSTEM\HIDSERV.EXE
    C:\WINDOWS\PCTVOICE.EXE
    C:\WINDOWS\SYSTEM\LEXBCES.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\COMPAQ\CPQINET\CPQINET.EXE
    C:\PROGRAM FILES\COMPAQ\DIGITAL DASHBOARD\DEVGULP.EXE
    C:\CPQS\BWTOOLS\SCCENTER.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
    C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\AVCONSOL.EXE
    C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE\OPWARE32.EXE
    C:\WINDOWS\WINDOWSUPD1.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
    C:\WINDOWS\TEMP\TD_0005.DIR\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bunyanfamilybooks.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=0409
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
    O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
    O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
    O4 - HKLM\..\Run: [Digital Dashboard] C:\Program Files\Compaq\Digital Dashboard\DevGulp.exe
    O4 - HKLM\..\Run: [Service Connection] c:\cpqs\bwtools\sccenter.exe
    O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
    O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
    O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\Network Associates\McAfee VirusScan\avconsol.exe /minimize
    O4 - HKLM\..\Run: [VsecomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSEcomR.EXE
    O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSSTAT.EXE /SHOWWARNING
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [WindowsUpd] C:\WINDOWS\WINDOWSUPD1.EXE
    O4 - HKLM\..\Run: [LKAGD9TE.EXE] C:\WINDOWS\LKAGD9TE.EXE /dk
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [RealUpdater] C:\WINDOWS\SYSTEM\realupd.exe
    O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Startup: Compaq Knowledge Center.lnk = C:\Program Files\Compaq Knowledge Center\bin\silent.exe
    O4 - Startup: LKAGD9TE.lnk = C:\WINDOWS\lkagd9te.exe
    O4 - Startup: 9GIV090P.lnk = C:\WINDOWS\9giv090p.exe
    O4 - Startup: GFVP66E3.lnk = C:\WINDOWS\gfvp66e3.exe
    O4 - Startup: 9XOY4A6V.lnk = C:\WINDOWS\9xoy4a6v.exe
    O4 - Global Startup: LKAGD9TE.lnk = C:\WINDOWS\lkagd9te.exe
    O4 - Global Startup: 9XOY4A6V.lnk = C:\WINDOWS\9xoy4a6v.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)
    O9 - Extra 'Tools' menuitem: AV Live (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38076.2988425926
    O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
    O16 - DPF: {91602283-B7B5-11D3-A32A-005004B0E00E} (DiscoverWhy Class) - http://216.132.173.29/CabFiles/dwInfo.cab
     
  7. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Run the cleanup script again and restart your computer.
     
  8. schony

    schony Thread Starter

    Joined:
    Jan 16, 2004
    Messages:
    19
    Ok I ran the cleanup utility. Here is the new log
    Thanks!
    schony
     

    Attached Files:

  9. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Logfile of HijackThis v1.97.7
    Scan saved at 6:29:12 PM, on 4/2/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSSTAT.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\SYSTEM\HIDSERV.EXE
    C:\WINDOWS\PCTVOICE.EXE
    C:\WINDOWS\SYSTEM\LEXBCES.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\COMPAQ\CPQINET\CPQINET.EXE
    C:\PROGRAM FILES\COMPAQ\DIGITAL DASHBOARD\DEVGULP.EXE
    C:\CPQS\BWTOOLS\SCCENTER.EXE
    C:\PROGRAM FILES\MOTIVE\MOTMON.EXE
    C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\AVCONSOL.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
    C:\PROGRAM FILES\SCANSOFT\OMNIPAGESE\OPWARE32.EXE
    C:\WINDOWS\WINDOWSUPD1.EXE
    C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
    C:\WINDOWS\UT3Y6FH4.EXE
    C:\WINDOWS\TEMP\TD_0005.DIR\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bunyanfamilybooks.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://desktop.presario.net/scripts/redirectors/presario/deskredir.dll?c=3c00&s=consumer&LC=0409
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
    O4 - HKLM\..\Run: [PCTVOICE] pctvoice.exe
    O4 - HKLM\..\Run: [LexStart] Lexstart.exe
    O4 - HKLM\..\Run: [LexmarkPrinTray] PrinTray.exe
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
    O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
    O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
    O4 - HKLM\..\Run: [Digital Dashboard] C:\Program Files\Compaq\Digital Dashboard\DevGulp.exe
    O4 - HKLM\..\Run: [Service Connection] c:\cpqs\bwtools\sccenter.exe
    O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
    O4 - HKLM\..\Run: [MotiveMonitor] C:\Program Files\Motive\motmon.exe
    O4 - HKLM\..\Run: [AvconsoleEXE] C:\Program Files\Network Associates\McAfee VirusScan\avconsol.exe /minimize
    O4 - HKLM\..\Run: [VsecomrEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSEcomR.EXE
    O4 - HKLM\..\Run: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\Run: [VsStatEXE] C:\Program Files\Network Associates\McAfee VirusScan\VSSTAT.EXE /SHOWWARNING
    O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
    O4 - HKLM\..\Run: [WindowsUpd] C:\WINDOWS\WINDOWSUPD1.EXE
    O4 - HKLM\..\Run: [UT3Y6FH4.EXE] C:\WINDOWS\UT3Y6FH4.EXE /dk
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [Vshwin32EXE] C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\VSHWIN32.EXE
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
    O4 - HKCU\..\Run: [RealUpdater] C:\WINDOWS\SYSTEM\realupd.exe
    O4 - HKCU\..\Run: [UT3Y6FH4.EXE] C:\WINDOWS\UT3Y6FH4.EXE /dk
    O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Startup: Compaq Knowledge Center.lnk = C:\Program Files\Compaq Knowledge Center\bin\silent.exe
    O4 - Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
    O4 - Startup: HHCC8W23.lnk = C:\WINDOWS\hhcc8w23.exe
    O4 - Startup: 0Z0QTPGD.lnk = C:\WINDOWS\0z0qtpgd.exe
    O4 - Startup: UT3Y6FH4.lnk = C:\WINDOWS\ut3y6fh4.exe
    O4 - Startup: GFVP66E3.lnk = C:\WINDOWS\gfvp66e3.exe
    O4 - Global Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe
    O4 - Global Startup: 0Z0QTPGD.lnk = C:\WINDOWS\0z0qtpgd.exe
    O4 - Global Startup: HHCC8W23.lnk = C:\WINDOWS\hhcc8w23.exe
    O4 - Global Startup: UT3Y6FH4.lnk = C:\WINDOWS\ut3y6fh4.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Translate (HKLM)
    O9 - Extra 'Tools' menuitem: AV &Translate (HKLM)
    O9 - Extra 'Tools' menuitem: &Find Pages Linking to this URL (HKLM)
    O9 - Extra 'Tools' menuitem: Find Other Pages on this &Host (HKLM)
    O9 - Extra 'Tools' menuitem: AV Live (HKLM)
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.bulletinboards.com/CFIDE/classes/CFJava.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38076.2988425926
    O16 - DPF: {4C226336-4032-489F-9674-67E74225979B} (OTXMovie Class) - http://www.otxresearch.com/OTXMedia/OTXMedia.dll
    O16 - DPF: {91602283-B7B5-11D3-A32A-005004B0E00E} (DiscoverWhy Class) - http://216.132.173.29/CabFiles/dwInfo.cab
     
  10. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
    Run Hijack This again and put a check by these. Close all windows except HijackThis and click "Fix checked"

    R3 - Default URLSearchHook is missing

    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\PROGRA~1\LYCOS\IEAGENT\CSIE.DLL

    O2 - BHO: (no name) - {B549456D-F5D0-4641-BCED-8648A0C13D83} - C:\WINDOWS\BrowserHelper.dll

    O4 - HKLM\..\Run: [WindowsUpd] C:\WINDOWS\WINDOWSUPD1.EXE

    O4 - HKLM\..\Run: [UT3Y6FH4.EXE] C:\WINDOWS\UT3Y6FH4.EXE /dk

    O4 - HKCU\..\Run: [RealUpdater] C:\WINDOWS\SYSTEM\realupd.exe

    O4 - HKCU\..\Run: [UT3Y6FH4.EXE] C:\WINDOWS\UT3Y6FH4.EXE /dk

    O4 - Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe

    O4 - Startup: HHCC8W23.lnk = C:\WINDOWS\hhcc8w23.exe

    O4 - Startup: 0Z0QTPGD.lnk = C:\WINDOWS\0z0qtpgd.exe

    O4 - Startup: UT3Y6FH4.lnk = C:\WINDOWS\ut3y6fh4.exe

    O4 - Startup: GFVP66E3.lnk = C:\WINDOWS\gfvp66e3.exe

    O4 - Global Startup: MORZE1.lnk = C:\WINDOWS\morze1.exe

    O4 - Global Startup: 0Z0QTPGD.lnk = C:\WINDOWS\0z0qtpgd.exe

    O4 - Global Startup: HHCC8W23.lnk = C:\WINDOWS\hhcc8w23.exe

    O4 - Global Startup: UT3Y6FH4.lnk = C:\WINDOWS\ut3y6fh4.exe

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present


    Restart to safe mode.

    How to start your computer in safe mode

    First in safe mode Click on My Computer.
    Select the Tools menu and click Folder Options.
    Select the View Tab.
    Under the Hidden files and folders heading select Show hidden files and folders.
    Uncheck the Hide protected operating system files (recommended) option.
    Click Apply then OK. Click Yes to confirm.

    Now navigate to the C:\Windows folder and delte these files:

    BrowserHelper.dll
    WINDOWSUPD1.EXE
    UT3Y6FH4.EXE
    morze1.exe
    hhcc8w23.exe
    0z0qtpgd.exe
    ut3y6fh4.exe
    gfvp66e3.exe



    Next go to the C:\Windows\System folder and delete this file:

    realupd.exe
     
  11. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    before you run the clean up script, you MUST stop the loader file runnin g first,

    These are the full instructions

    First If you have a Script Blocking Program enabled, disable it so the scripts will run.

    Unzip it to C:\Windows

    See if there is an Adtomi or yahoo stocks icon in your system tray , it might be a red ?? and if so right click and select remove , you must be online for this part
    --A web page from Adtomi would appear "-uninstall was succesful!"
    then go off line
    (note not all infections have this icon, so if it isn't there then don't worry, just continue to the next step)

    next press ctrl+ ALT+DEL once to bring up task manager, look in applications for the funny named file with 8 assorted letters & numbers, that will be listed towards the bottom of the running process list in your hijackthis log, If it isn't listed in the applications, then look in processes tab.

    In your case the file/ process to stop is : C:\WINDOWS\UT3Y6FH4.EXE
    then press end task or end process and make sure that entry has disapeared from the list.
    if you can't stop it running, then DO NOT CONTINUE, please ask for more help first and there might also be morze1 running, if so end that process as well.

    Now locate and Double Click Cleanup.bat that is in the folder you unzipped ( C:\Windows\Adtomi Cleanup )

    ***Do not Touch the VBS files. The bat file will run the scripts.

    Make sure all Browser and folder windows are closed and it will do everything automatically for you.

    It will remove the Adtomi Spyware files from the Windows Folder
    Clean the Startup Folders
    Create Backups of the Adtomi exe files it deletes and save them in this folder
    Create a list of all oddly named files deleted from the Windows Folder
    Uninstall the BHO
    Start HijackThis and give you directions on what to remove.

    When you have finished please restart the computer.

    Run HijackThis again and post the contents of your new log and the contents of Adtomi.txt in your next reply in your Forum Topic.
     
  12. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/216939

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice