Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Inactive Malware Help Topics

[SOLVED] Hostage malware attack

This is a discussion on [SOLVED] Hostage malware attack within the Inactive Malware Help Topics forums, part of the Tech Support Forum category.


 
 
Thread Tools Search this Thread
Old 11-04-2007, 04:01 PM   #1
Registered Member
 
Join Date: Nov 2007
Posts: 3
OS: Win XP



My computer has suddenly begun showing a ton of fake security warning messages... after searching around online, it's apparent that I've been attached by one of those hostage viruses trying to get me to buy the software... it's trying to send me to htepo.com.

My computer has shown security messages warning of:
SpyBoy@MXt trojan
PSW.x-Vir trojan
Trojan-Spy.win32@mx
Unhandled Exception: Invalid operation. The instruction at "0x66f7d450" referenced memory at "0x00000d0"
System Alert: Malware threats
Networm-i.Virus@fp
Spyware.CyberLog-X

Trend Micro identified it as a TSPY_AGENT.AAYO in realtime when it happened, but subsequent Trend Micro Office Scan manual scans failed to show anything. In addition, the registry entries referenced by Trend Micro's help site as something that should be deleted were not in my registry.

I have run AVG, AdAware, Spybot, Rogue Remover, SmitFraudFix, and smitRem without success.

DSS & Hijack This showed this log:

Deckard's System Scanner v20071014.68
Run by scrain on 2007-11-04 17:35:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2007-11-04 23:35:30 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Percentage of Memory in Use: 80% (more than 75%).
Total Physical Memory: 504 MiB (512 MiB recommended).


-- HijackThis (run as scrain.exe) ----------------------------------------------

Unable to find log (file not found); running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2007-11-04 17:37:55
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WLTRYSVC.EXE
C:\WINDOWS\system32\BCMWLTRY.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Raycom\VPN Client\cvpnd.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\TEMP\DWDB7D.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\WLTRAY.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
C:\WINDOWS\system32\DLA\tfswctrl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\scrain\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.100.254:3128
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Pilot Helper - {1731D684-A4A5-4DE9-B76A-066EF07AD089} - C:\Program Files\MSN Search Pilot\MsnSearchPilotHelper.dll
O2 - BHO: (no name) - {2A898674-5E64-458F-9162-7D6081F22710} - C:\WINDOWS\system32\awvtt.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\tfswshx.dll
O2 - BHO: {bb1bc798-67d5-d968-a764-ff25beb3f1a6} - {6a1f3beb-52ff-467a-869d-5d76897cb1bb} - C:\WINDOWS\system32\wilycbcm.dll
O2 - BHO: (no name) - {74EA1504-1DB4-4318-8B3E-E3028C18FFDD} - C:\Program Files\MSN Gaming Zone\vihyq4444.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04} - C:\WINDOWS\system32\urqqrqq.dll (file missing)
O2 - BHO: (no name) - {A32EBF78-B926-4B0A-8955-4FF8171C9F67} - C:\Program Files\MSN Gaming Zone\vihyq83122.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\azqgvbci.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar3.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\azqgvbci.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"
O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"
O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN
O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [34d83ac7] rundll32.exe "C:\WINDOWS\system32\uwfiidtx.dll",b
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\Communicator.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: ACTION NEWS 5 LIVE ONLINE.lnk = C:\Program Files\ACTION NEWS 5 LIVE ONLINE\liveonline_2496892.exe
O4 - Startup: HotSync Manager.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Webshots Photo Search - res://C:\Program Files\Webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.livemeeting.com (HKCU)
O15 - Trusted Zone: *.raycommedia.com (HKCU)
O15 - Trusted Zone: *.rtjgolf.com (HKCU)
O15 - Trusted Zone: *.wideorbit.com (HKCU)
O15 - Trusted Zone: *.worldnow.com (HKCU)
O15 - Trusted Zone: *.managewmctv.worldnow.com (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O15 - Trusted IP Range: http://216.236.239.195 (HKCU)
O15 - Trusted IP Range: https://216.236.239.195 (HKCU)
O15 - Trusted IP Range: http://216.236.239.193 (HKCU)
O15 - Trusted IP Range: https://216.236.239.193 (HKCU)
O16 - DPF: {03A13D5D-2C8E-4C1A-970D-D6D07A4FE3D0} (FileMgr Class) - https://atlas.atlassolutions.com/dl/AtlasCtrl.cab
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/downlo...OGAControl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanc...instmodule.exe
O16 - DPF: {245338C3-BCA3-4A2C-A7B7-53345999A8E8} (WSpell ActiveX Spelling Checker V5.15) - http://managewmctv.worldnow.com/cont...l/wspellam.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} () - http://download.microsoft.com/downlo...22/wmv9VCM.CAB
O16 - DPF: {5A9737D6-5DBD-486B-A831-84E4CA32017F} (PlayerManager Class) - http://wmc-volicon/observer.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1183485155600
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} () - http://a19.g.akamai.net/7/19/7125/14...2/cpbrkpie.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} (Office Update Installation Engine) - http://office.microsoft.com/officeup...tent/opuc4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} () - http://download.games.yahoo.com/game...ploader_v6.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://meetings.worldnow.com/dana-c...erSetupSP1.cab
O17 - HKLM\Software\..\Telephony: DomainName = raycommedia.com
O17 - HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: Domain = raycommedia.com
O17 - HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: Domain = raycommedia.com
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: Domain = raycommedia.com
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: azqgvbci - C:\WINDOWS\system32\azqgvbci.dll
O20 - Winlogon Notify: urqqrqq - C:\WINDOWS\system32\urqqrqq.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Raycom\VPN Client\cvpnd.exe
O23 - Service: Client Access Express Remote Command (Cwbrxd) - IBM Corporation - C:\WINDOWS\cwbrxd.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
O23 - Service: OfficeScanNT Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\TmPfw.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\system32\WLTRYSVC.EXE


--
End of file - 19007 bytes

-- HijackThis Fixed Entries (C:\DOCUME~1\scrain\Desktop\HIJACK~1\backups\) -----

backup-20071104-171409-547 O15 - Trusted Zone: *.onerateld.com
backup-20071104-171409-767 O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\azqgvbci.dll
backup-20071104-171409-850 O3 - Toolbar: (no name) - {C17590D2-ECB4-4b15-8820-F58798DCC118} - (no file)

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 f8308568-60ce-46d1-b195-1751950f30ad - c:\windows\iprot\f8308568-60ce-46d1-b195-1751950f30ad\physmem.sys <Not Verified; Systems Internals; Filemon for Windows NT>
R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 ATNT40K (ActiveTouch NT Appsharing Driver) - c:\windows\system32\drivers\atnt40k.sys
R2 DLPortIO (DriverLINX Port I/O Driver) - c:\windows\system32\drivers\dlportio.sys

S3 PCTINDIS5 (PCTINDIS5 NDIS Protocol Driver) - c:\windows\system32\pctindis5.sys (file missing)
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 TnIDriver - c:\docume~1\scrain\locals~1\temp\tni78.tmp (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AdobeActiveFileMonitor (Adobe Active File Monitor) - c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe
R2 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
R2 FirebirdGuardianDefaultInstance (Firebird Guardian - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbguard.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>
R2 PhotoshopElementsDeviceConnect (Photoshop Elements Device Connect) - c:\program files\adobe\photoshop elements 3.0\photoshopelementsdeviceconnect.exe
R3 FirebirdServerDefaultInstance (Firebird Server - DefaultInstance) - c:\program files\firebird\firebird_1_5\bin\fbserver.exe -s <Not Verified; The Firebird Project; Firebird SQL Server>

S3 Cwbrxd (Client Access Express Remote Command) - c:\windows\cwbrxd.exe <Not Verified; IBM Corporation; IBM(R) AS/400(R) Client Access Express for Windows(R)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco Systems VPN Adapter
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter
PNP Device ID: ROOT\NET\0000
Service: CVirtA


-- Scheduled Tasks -------------------------------------------------------------

2007-11-04 17:34:39 424 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1DB5D357-BC32-4265-A61A-B0B0EE83E795}.job
2007-10-29 07:48:16 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-04 and 2007-11-04 -----------------------------

2007-11-04 17:15:30 1458 --a------ C:\smitfra.reg
2007-11-04 17:15:29 88524 --a------ C:\smitfrau.reg
2007-11-04 17:15:29 16824 --a------ C:\replace.cmd
2007-11-04 17:15:29 3451 --a------ C:\delfiles.cmd
2007-11-04 17:07:35 0 dr-h----- C:\Documents and Settings\scrain\Recent
2007-11-04 16:53:40 0 d-------- C:\Program Files\RogueRemover FREE
2007-11-04 15:01:05 0 dr-h----- C:\$VAULT$.AVG
2007-11-04 11:37:47 0 d-------- C:\Documents and Settings\scrain\Application Data\AVG7
2007-11-04 11:36:45 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-11-04 11:34:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-04 11:34:36 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2007-11-04 09:40:23 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-04 09:39:48 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-11-04 09:39:48 0 d-------- C:\Documents and Settings\scrain\Application Data\SUPERAntiSpyware.com
2007-11-04 09:26:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-04 08:57:04 3222 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-04 08:31:20 78912 --a------ C:\WINDOWS\system32\wilycbcm.dll
2007-11-04 08:25:36 86080 --a------ C:\WINDOWS\system32\uwfiidtx.dll
2007-11-04 08:20:25 340032 --a------ C:\WINDOWS\system32\azqgvbci.dll
2007-11-04 08:19:55 340032 --a------ C:\WINDOWS\system32\fbwvbmrb.dll
2007-11-04 08:19:46 378769 --ahs---- C:\WINDOWS\system32\ttvwa.bak2
2007-11-03 07:53:02 169147 --a------ C:\WINDOWS\TTC-4444.exe
2007-11-03 07:41:35 6465 --ahs---- C:\WINDOWS\system32\ttvwa.bak1
2007-11-03 07:36:02 35840 --a------ C:\WINDOWS\mrofinu1000106.exe
2007-11-03 07:35:32 0 d-------- C:\WINDOWS\system32\v8
2007-11-03 07:35:32 0 d-------- C:\WINDOWS\system32\r2
2007-11-03 07:35:32 0 d-------- C:\WINDOWS\system32\h1
2007-11-03 07:35:32 0 d-------- C:\WINDOWS\system32\g2
2007-11-03 07:35:32 0 d-------- C:\WINDOWS\system32\a1
2007-11-03 07:35:15 0 d-------- C:\WINDOWS\system32\Mz02r
2007-10-25 09:24:20 53760 --a------ C:\WINDOWS\b122.exe
2007-10-24 12:52:15 0 d-------- C:\Program Files\Windows Desktop Search
2007-10-19 07:21:36 0 d-------- C:\Documents and Settings\scrain\Application Data\OfficeUpdate12
2007-10-12 20:50:44 0 d-------- C:\Documents and Settings\scrain\Application Data\Snapfish
2007-10-05 15:37:33 0 d-------- C:\Documents and Settings\scrain\Application Data\Media Player Classic
2007-10-05 15:34:19 163840 --a------ C:\WINDOWS\system32\unrar.dll
2007-10-05 15:34:10 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2007-10-05 15:34:03 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-10-05 15:34:03 740442 --a------ C:\WINDOWS\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-05 15:34:01 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-10-05 15:27:31 0 d-------- C:\Program Files\QuickTime Alternative
2007-10-05 14:48:52 0 d-------- C:\Program Files\Common Files\SWF Studio
2007-10-05 14:48:18 0 d-------- C:\Program Files\Riva


-- Find3M Report ---------------------------------------------------------------

2007-11-03 07:53:13 0 d-------- C:\Program Files\MSN Gaming Zone
2007-10-26 08:39:07 0 d-------- C:\Documents and Settings\scrain\Application Data\Canon
2007-10-19 11:36:03 0 d-------- C:\Program Files\CyberLink
2007-10-19 11:36:02 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-19 08:30:26 0 d-------- C:\Program Files\Microsoft Works
2007-10-19 08:29:17 0 d-------- C:\Program Files\MSBuild
2007-10-19 08:28:14 0 d-------- C:\Program Files\Common Files
2007-10-18 10:04:20 159 --a------ C:\Documents and Settings\scrain\Application Data\ntl.ini
2007-10-18 09:55:01 1869 --a------ C:\Documents and Settings\scrain\Application Data\ntl.nws
2007-10-12 20:50:41 17411 --a----c- C:\WINDOWS\mozver.dat
2007-10-08 09:07:25 0 d-------- C:\Program Files\Java
2007-10-05 15:33:17 0 d-------- C:\Program Files\ffdshow
2007-10-05 15:32:43 0 d-------- C:\Program Files\DivX
2007-10-05 15:27:31 0 d-------- C:\Documents and Settings\scrain\Application Data\Apple Computer
2007-10-04 07:57:44 0 d-------- C:\Documents and Settings\scrain\Application Data\Juniper Networks
2007-10-03 09:51:22 0 d-------- C:\Documents and Settings\scrain\Application Data\WebTrends
2007-09-19 13:04:20 0 d-------- C:\Program Files\Apple Software Update
2007-09-17 16:40:56 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>
2007-09-07 15:27:36 0 d-------- C:\Program Files\XML Notepad 2007
2007-09-02 10:50:30 59700 --ah----- C:\WINDOWS\system32\mlfcache.dat
2007-08-14 10:57:22 186443 --a------ C:\WINDOWS\system32\atasnt40.dll <Not Verified; WebEx Communications, Inc; WebEx Application Sharing>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1731D684-A4A5-4DE9-B76A-066EF07AD089}]
03/20/2007 06:40 AM 132464 --a------ C:\Program Files\MSN Search Pilot\MsnSearchPilotHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2A898674-5E64-458F-9162-7D6081F22710}]
C:\WINDOWS\system32\awvtt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6a1f3beb-52ff-467a-869d-5d76897cb1bb}]
11/04/2007 08:31 AM 78912 --a------ C:\WINDOWS\system32\wilycbcm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74EA1504-1DB4-4318-8B3E-E3028C18FFDD}]
08/02/2007 07:43 AM 282624 --a------ C:\Program Files\MSN Gaming Zone\vihyq4444.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04}]
C:\WINDOWS\system32\urqqrqq.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A32EBF78-B926-4B0A-8955-4FF8171C9F67}]
08/02/2007 07:43 AM 282624 --a------ C:\Program Files\MSN Gaming Zone\vihyq83122.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
11/04/2007 08:20 AM 340032 --a------ C:\WINDOWS\system32\azqgvbci.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\azqgvbci.dll [11/04/2007 08:20 AM 340032]

[-HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 10:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 10:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 10:36 AM]
"OfficeScanNT Monitor"="C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" [05/07/2007 11:43 PM]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [12/19/2005 09:08 AM]
"Client Access Service"="C:\Program Files\IBM\Client Access\cwbsvstr.exe" [11/28/2000 04:10 AM]
"Client Access Help Update"="C:\Program Files\IBM\Client Access\cwbinhlp.exe" [11/28/2000 04:10 AM]
"Client Access Check Version"="C:\Program Files\IBM\Client Access\cwbckver.exe" [11/28/2000 04:10 AM]
"Client Access Express Welcome"="C:\Program Files\IBM\Client Access\cwbwlwiz.exe" [11/28/2000 04:10 AM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 03:50 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 03:50 PM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [05/31/2005 04:33 AM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [08/08/2007 08:03 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 12:11 AM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [07/14/2007 10:19 PM]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [07/15/2005 03:48 PM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [04/06/2006 09:51 AM]
"34d83ac7"="C:\WINDOWS\system32\uwfiidtx.dll" [11/04/2007 08:25 AM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [11/04/2007 11:34 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [01/01/2007 03:22 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 10:24 AM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [06/27/2007 01:14 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"TSClientMSIUninstaller"=cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Communicator"="C:\Program Files\Microsoft Office Communicator\Communicator.exe"

C:\Documents and Settings\scrain\Start Menu\Programs\Startup\
ACTION NEWS 5 LIVE ONLINE.lnk - C:\Program Files\ACTION NEWS 5 LIVE ONLINE\liveonline_2496892.exe [11/27/2006 11:47:03 AM]
HotSync Manager.lnk - C:\Program Files\palmOne\HOTSYNC.EXE [3/4/2004 4:23:44 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [10/4/2004 1:12:18 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 10:05:26 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"NoDispAppearancePage"=0 (0x0)
"NoColorChoice"=0 (0x0)
"NoSizeChoice"=0 (0x0)
"NoDispBackgroundPage"=0 (0x0)
"NoDispScrSavPage"=0 (0x0)
"NoDispCPL"=0 (0x0)
"NoVisualStyleChoice"=0 (0x0)
"NoDispSettingsPage"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktopChanges"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=0 (0x0)
"NoSaveSettings"=0 (0x0)
"NoThemesTab"=0 (0x0)
"ForceActiveDesktopOn"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{820A2C8D-DFC0-4A9F-B3CA-4410CA4F7C04}"= C:\WINDOWS\system32\urqqrqq.dll [ ]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\azqgvbci]
azqgvbci.dll 11/04/2007 08:20 AM 340032 C:\WINDOWS\system32\azqgvbci.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqqrqq]
urqqrqq.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\awvtt.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\##wmc-server#office2k3]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd8b7c2e-1c0b-11db-b791-0014a40a8fda}]




-- End of Deckard's System Scanner: finished at 2007-11-04 17:56:21 ------------

Thank you!
Attached Files
File Type: txt extra.txt (29.4 KB, 1 views)

__________________
scrain is offline  
Old 11-07-2007, 07:07 PM   #2
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 
tetonbob's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 49,930
OS: XP Pro; XP Home; Win7 x86 & x64



Hello, scrain.

I see you've marked this as Solved. Just making sure that was not in error, and that you don't require assistance for this issue still.
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of UNITE since 2006

tetonbob is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 04:41 PM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts