1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

msn virus- need help

Discussion in 'Virus & Other Malware Removal' started by BlackHawk54321, Jan 29, 2007.

Thread Status:
Not open for further replies.
Advertisement
  1. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    K well 2 days ago i was given a link on msn. Saying the same thing as fordette did.
    It said, "i hope this isnt you" then a link and at end of link it showed my msn email.

    Well i have norton internet security 2007, S&D, Ad-Aware. I scanned it all and only some things came up.


    I will post most of the details that the other post wanted. So if any one can help please help me.
     
  2. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    Here is my panda scan results:


    Incident Status Location

    Adware:adware/whenusearch Not disinfected c:\program files\common files\WhenU
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.atdmt.com/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.fastclick.net/]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.advertising.com/]
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.tribalfusion.com/]
    Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[hc2.humanclick.com/]
    Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[hc2.humanclick.com/hc/49044919]
    Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[hc2.humanclick.com/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.2o7.net/]
    Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.112.2o7.net/]
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.mediaplex.com/]
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.doubleclick.net/]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.as-us.falkag.net/]
    Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[ad.yieldmanager.com/]
    Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.as-us.falkag.net/]
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.zedo.com/]
    Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.trafficmp.com/]
    Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.adrevolver.com/]
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.hitbox.com/]
    Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.casalemedia.com/]
    Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.burstnet.com/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[statse.webtrendslive.com/]
    Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.ads.addynamix.com/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[statse.webtrendslive.com/S005-01-8-15-233860-97119]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[statse.webtrendslive.com/S113288]
    Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.tradedoubler.com/]
    Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.com.com/]
    Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.clickbank.net/]
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.questionmarket.com/]
    Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.ads.pointroll.com/]
    Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.bfast.com/]
    Spyware:Cookie/Tickle Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.tickle.com/]
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.statcounter.com/]
    Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.go.com/]
    Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.ehg-dig.hitbox.com/]
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.overture.com/]
    Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[www.burstbeacon.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[.bs.serving-sys.com/]
    Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Andrew Moreno\Application Data\Mozilla\Firefox\Profiles\hi0xworf.default\cookies.txt[statse.webtrendslive.com/S006-01-1-31-220998-50369]
    Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
     
  3. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    Here is my hijack this scan results:

    Logfile of HijackThis v1.99.1
    Scan saved at 5:20:54 PM, on 1/29/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
    D:\Program Files\VentSrv\ventrilo_svc.exe
    C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
    C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
    D:\Program Files\VentSrv\ventrilo_srv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Logitech\G-series Software\LGDCore.exe
    C:\Program Files\Logitech\G-series Software\LCDMon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gow-df.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    F3 - REG:win.ini: load=C:\WINDOWS\system32\xvymynxawy\winlogon.exe
    F3 - REG:win.ini: run=C:\WINDOWS\system32\xvymynxawy\winlogon.exe
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: winlogon.lnk = ?
    O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: http://*.blueskygfx.com
    O15 - Trusted Zone: http://www.gow-df.net
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167282361750
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: Ventrilo - Unknown owner - D:\Program Files\VentSrv\ventrilo_svc.exe
    O23 - Service: WMP54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe" "WMP54GSv1_1.exe (file missing)
     
  4. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Click here to download HJTsetup.exe:

    http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item5
    Scroll down to the download section

    Save HJTsetup.exe to your desktop.

    Double click on the HJTsetup.exe icon on your desktop.
    By default it will install to C:\Program Files\Hijack This.
    Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
    Put a check by Create a desktop icon then click Next again.
    Continue to follow the rest of the prompts from there.
    At the final dialogue box click Finish and it will launch Hijack This.
    Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
    Click Save to save the log file and then the log will open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    Come back here to this thread and Paste the log in your next reply.
    DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
     
  5. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Please Download MsnVirRem.exe to your desktop from one of the following sites.
    http://downloads.malwareremoval.com/MsnVirRem.exe
    http://www.thespykiller.co.uk/forum/index.php?action=tpmod;dl=item9
    http://www.greyknight17.com/spy/MsnVirRem.exe

    · First close any other programs you have running as this will require a reboot
    · Double click MsnVirRem.exe to run it
    · Once open, click the button labelled "Search and Destroy"
    <<Your computer will now be scanned for Infected Files>>
    · When scanning is finished you will be prompted to reboot only if infected, Click OK
    · Now click the "REBOOT" Button.
    · After the Reboot, you WILL receive file not found errors (usually 4) please acknowledge them and continue.
    · A Message should popup from MsnVirRem if not, double click the program again and it will finish
    * Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present:

    F3 - REG:win.ini: load=C:\WINDOWS\system32\xvymynxawy\winlogon.exe
    F3 - REG:win.ini: run=C:\WINDOWS\system32\xvymynxawy\winlogon.exe
    O4 - Startup: winlogon.lnk = ?

    * Click on Fix Checked when finished and exit HijackThis.
    Make sure your Internet Explorer is closed when you click Fix Checked!

    Please Post the contents of C:\msnvirrem.log along with a fresh HijackThis log
     
  6. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    K i did that msnvirrem. And 2 things came up as an infection. I rebooted my computer. And a message came up saying that it was fixed. And said i should reinstall my anti-virus because the virus might of disabled it. Should i reinstall it? But then i did the hijack this scan w/ log file. and those files in the hijack this werent their. So i closed the program.

    Here is the hijack this scan results:

    Logfile of HijackThis v1.99.1
    Scan saved at 5:47:45 PM, on 1/29/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    D:\Program Files\VentSrv\ventrilo_svc.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
    C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
    D:\Program Files\VentSrv\ventrilo_srv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Logitech\G-series Software\LGDCore.exe
    C:\Program Files\Logitech\G-series Software\LCDMon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/firefox
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: winlogon.lnk = ?
    O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: MsnVirRem.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: http://*.blueskygfx.com
    O15 - Trusted Zone: http://www.gow-df.net
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167282361750
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: Ventrilo - Unknown owner - D:\Program Files\VentSrv\ventrilo_svc.exe
    O23 - Service: WMP54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe" "WMP54GSv1_1.exe (file missing)
     
  7. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    I went to my computer and found a text file saying msnvirrem.log so i opened it and here is what the text file says:

    MsnVirRem Log by Skate_Punk_21

    Fix running from: C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Desktop\My Computer Protection Programs
    1/29/2007
    5:37:38 PM

    ---Infection Files Found---
    C:\WINDOWS\system32\taskkill.com
    C:\WINDOWS\system32\netstat.com

    Rebooting...
    Fixing Registry Permissions...
    Editing Registry...
    Fixing Host File...
    **Fix Complete!**
     
  8. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Try here as I posted - C:\msnvirrem.log


    Download Superantispyware

    http://www.superantispyware.com/superantispywarefreevspro.html

    Install it and double-click the icon on your desktop to run it.
    · It will ask if you want to update the program definitions, click Yes.
    · Under Configuration and Preferences, click the Preferences button.
    · Click the Scanning Control tab.
    · Under Scanner Options make sure the following are checked:
    o Close browsers before scanning
    o Scan for tracking cookies
    o Terminate memory threats before quarantining.
    o Please leave the others unchecked.
    o Click the Close button to leave the control center screen.
    · On the main screen, under Scan for Harmful Software click Scan your computer.
    · On the left check C:\Fixed Drive.
    · On the right, under Complete Scan, choose Perform Complete Scan.
    · Click Next to start the scan. Please be patient while it scans your computer.
    · After the scan is complete a summary box will appear. Click OK.
    · Make sure everything in the white box has a check next to it, then click Next.
    · It will quarantine what it found and if it asks if you want to reboot, click Yes.
    · To retrieve the removal information for me please do the following:
    o After reboot, double-click the SUPERAntispyware icon on your desktop.
    o Click Preferences. Click the Statistics/Logs tab.
    o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    o It will open in your default text editor (such as Notepad/Wordpad).
    o Please highlight everything in the notepad, then right-click and choose copy.
    · Click close and close again to exit the program.
    · Please paste that information here for me with a new HijackThis log.
     
  9. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    Heres the SUPERanit-spyware scan results:

    SUPERAntiSpyware Scan Log
    Generated 01/29/2007 at 07:27 PM

    Application Version : 3.5.1016

    Core Rules Database Version : 3175
    Trace Rules Database Version: 1185

    Scan type : Complete Scan
    Total Scan Time : 01:09:27

    Memory items scanned : 488
    Memory threats detected : 0
    Registry items scanned : 5112
    Registry threats detected : 0
    File items scanned : 102784
    File threats detected : 28

    Adware.Tracking Cookie
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][2].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][1].txt
    C:\Documents and Settings\Andrew Moreno.ANDREWMORENO\Cookies\[email protected][3].txt

    Adware.WhenU
    C:\Program Files\Common Files\WhenU\DTPlugin.dll
    C:\Program Files\Common Files\WhenU
     
  10. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    Heres a recent hijack this scan results:

    Logfile of HijackThis v1.99.1
    Scan saved at 7:42:01 PM, on 1/29/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    D:\Program Files\VentSrv\ventrilo_svc.exe
    C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
    C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
    C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe
    D:\Program Files\VentSrv\ventrilo_srv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    D:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\Program Files\Logitech\G-series Software\LGDCore.exe
    C:\Program Files\Logitech\G-series Software\LCDMon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
    C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gow-df.net/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: winlogon.lnk = ?
    O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: http://*.blueskygfx.com
    O15 - Trusted Zone: http://www.gow-df.net
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167282361750
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\PROGRA~1\NVIDIA~1\NETWOR~1\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\PROGRA~1\NVIDIA~1\NETWOR~1\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
    O23 - Service: Ventrilo - Unknown owner - D:\Program Files\VentSrv\ventrilo_svc.exe
    O23 - Service: WMP54GSSVC - Unknown owner - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe" "WMP54GSv1_1.exe (file missing)
     
  11. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Fix this with hijack

    O4 - Startup: winlogon.lnk = ?

    Delete this file

    C:\Documents and Settings\your username\Start Menu\Programs\Startup\winlogon.lnk



    How are things
     
  12. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    It says some error, then when i close it says, unable to delete the file because it may be in use. Then it says go to task manager and exit it. Then scan again. SHould i do this.
     
  13. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    Also i went to find that file you want me to delete and theirs nuthing their. Just some adobe reader file.
     
  14. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    "It says some error"

    Sorry that is too vague to understand - be more specific

    Run hijack again - is that entry there?
     
  15. BlackHawk54321

    BlackHawk54321 Thread Starter

    Joined:
    Jan 29, 2007
    Messages:
    33
    yes the entrys their, but when i fix it. It says a error of some bad file name. Then it also says that it cant be fixed due to it is running. It tells me to go to task manager and exit the program.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/539474

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice