System Security Infection:

When posting your problem, do not run and post a ComboFix logs. ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computer. Any posts containing CF Logs will be ignored.

To receive help, you should instead provide a detailed description of your problem, detailed word-for-word error messages that you are receiving, screenshots of strange behaviour, and your operating system. This information is much more useful to our helpers than a ComboFix log.

System Security Infection:, have been following other similar topics, implementing

Options

superbeast View Member Profile	Jul 8 2009, 03:21 AM Post #1
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Hello BleepingComputer, Thank you for the brilliant site. I have been following several topics in the "Am I infected? What do I do?" forum to try and solve my problem. I've started the first few baby steps - trying not to overburden the moderators! and am now in a position where i need some personal assistance - no more steps until BC feels I should. I will try to simplify this rather long post - it is long! Thanks again, - mark _______________________________________________________________ COMPUTER: Sony VAIO PCG-R505ECP laptop, Pentium III 1.2GHz, Windows XP SP3 - 6 month old re-install, 512MB Ram Antivirus: AVG Free 8.5 Internet access: wireless only _______________________________________________________________ POSSIBLE INFECTION PROCESS: Adobe Acrobat Reader 6.0, Javascript was enabled. Saw the Acrobat window popup several times while browsing in Firefox 3.0.6 without clicking on any PDF links. (I have since disabled Javascript in Acrobat and the Firefox Acrobat actions by following the BC topic: http://www.bleepingcomputer.com/forums/topic205018.html My ignorance in not updating what I thought was a trivial extra program. grrr.) _______________________________________________________________ SYMPTOMS: Symptom 1: System Security 2009 keeps asking to install itself. Window pops up and starts scanning. Symptom 2: Wallpaper: "WARNING YOUR'RE IN DANGER! YOUR COMPUTER IS INFECTED WITH SPYWARE! ALL YOU DO WITH COMPUTER IS STORED FOREVER IN YOUR HARD DISK. WHEN YOU VISIT SITES, SEND E-MAILS... ALL YOUR ACTIONS ARE LOGGED. AND IT IS IMPOSSIBLE TO REMOVE THEM WITH STANDART TOOLS. YOUR DATA IS STILL AVAILABLE FOR FORENSICS. AND IN SOME CASES FOR YOUR BOSS, YOUR FRIENDS, YOUR WIFE, YOUR CHILDREN. Every sit you or somebody or even something, like spyware, opened in your browsers, with all images, and all downloaded and maybe later removed movies or mp3 songs - ARE STILL THERE and could break your life! SECURE YOURSELF RIGHT NOW! REMOVE ALL SPYWARE FROM YOUR PC!" Symptom 3: Firewall turned off automatically Symptom 4: Balloon says avgrsx.exe (i think) is infected. Symptom 5: Able to open My Computer window, but unable to see any additional windows due to the virus wallpaper - cannot see task manager - cannot see command window - cannot see uninstall programs, or any other programs Sympton 6: Switch off wireless (manual switch), System Security shows "cannot access internet" window _______________________________________________________________ FOLLOW TOPIC: http://www.bleepingcomputer.com/virus-remo...system-security - After the appearance of the virus, I went to the bleepingcomputer website on a second computer and started to follow several guides and topics. - The first was the "System Security" removal guide. - I could not follow this guide nor install Malwarebytes Anti-Malware because the wallpaper prevented me from seeing any installation windows. - Restart in Safe Mode (it works!) _______________________________________________________________ FOLLOW TOPIC: http://www.bleepingcomputer.com/forums/topic239401.html - Download Malwarebytes Anti-Malware but will not install. - disk cleanup, delete temp files - Download Dr.Web Cureit, run it. - Dr.Web Cureit is successful here is the log: DRWEB: hjgruixuhkmppj.sys;c:\windows\system32\drivers;BackDoor.Tdss.266;Deleted.; Dc13.exe;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004;Trojan.Cognac;Deleted.; Dc15.exe\wiawow32.sys;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004\Dc15.exe;Trojan.Click.26455;; Dc15.exe;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004;Archive contains infected objects;Moved.; Dc24.tmp;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004;Trojan.Alupko.origin;Incurable.Moved.; Dc25.tmp;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004;Trojan.Alupko.origin;Incurable.Moved.; Dc28.tmp;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004;Trojan.Alupko.origin;Incurable.Moved.; Dc31;C:\RECYCLER\S-1-5-21-439199626-951796526-1614765859-1004;Trojan.PWS.Wow.1368;Deleted.; hjgruidomyyuoc.dll;C:\WINDOWS\system32;BackDoor.Tdss.265;Deleted.; UACmojbgwobiqojcoo.dll;C:\WINDOWS\system32;BackDoor.Tdss.105;Deleted.; UACvtfconmayqhwcvl.dll;C:\WINDOWS\system32;Trojan.Packed.365;; wiawow32.sys;C:\WINDOWS\system32;Trojan.Click.26455;Incurable.Moved.; hjgruixuhkmppj.sys;C:\WINDOWS\system32\drivers;BackDoor.Tdss.266;Deleted.; hjgruirxnixgqxcr.tmp;C:\WINDOWS\Temp;BackDoor.Tdss.265;Deleted.; _______________________________________________________________ FOLLOW TOPIC (cont'): http://www.bleepingcomputer.com/forums/topic239401.html - Restart in Safe Mode - Install MBAM but had to rename the exe to do it. - Rename the malwarebytes program file to "winlogon.exe" in the Program Files directory. - Runs only in Safe Mode. - Run Quick Scan (can post results if needed) - reboot to Safe Mode - Run the Full Scan (can post results if needed) - reboot to Safe Mode - MBAM Full Scan results, second Full Scan: Malwarebytes' Anti-Malware 1.38 Database version: 2384 Windows 5.1.2600 Service Pack 3 7/7/2009 5:15:36 AM mbam-log-2009-07-07 (05-15-34).txt Scan type: Full Scan (C:\\|D:\\|) Objects scanned: 135689 Time elapsed: 16 minute(s), 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> No action taken. _______________________________________________________________ FOLLOW TOPIC (cont'): http://www.bleepingcomputer.com/forums/topic239401.html - Download AFT Cleaner and SUPERAntiSypware - In Safe Mode, run ATF-Cleaner. Successful - In Safe Mode, try to install SUPERAntiSypware, Windows Explorer crashes, no start - Reboot into Safe Mode, run MBAM Full Scan (results same as before - 2 infections). - Reboot into Safe Mode - Run AFT-Cleaner again - SuperAntiSypware will not install - Download alternate to SUPERAntiSypware called SAS_FREE.exe from website - http://www.superantispyware.com/supportfaq...lay.html?faq=71 - Installs fine - Start/Programs/SUPERAntiSpyware/ click SUPERAntiSpyware Free Edition - Program Crashes - Start/Programs/SUPERAntiSpyware/ click SUPERAntiSpyware Alternate Start - Loads Successfully - SUPERAntiSpyware Complete Scan results: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 07/07/2009 at 10:30 PM Application Version : 4.26.1006 Core Rules Database Version : 3975 Trace Rules Database Version: 1915 Scan type : Complete Scan Total Scan Time : 00:43:39 Memory items scanned : 407 Memory threats detected : 0 Registry items scanned : 4429 Registry threats detected : 0 File items scanned : 49907 File threats detected : 0 _______________________________________________________________ FOLLOW TOPIC (cont'): http://www.bleepingcomputer.com/forums/topic239401.html - Will try to run SUPERAntiSpyware and MBAM in FULL MODE for first time. - Reboot into Full Mode - Run SUPERAntiSpyware - Same results as before - no threats (can post results if needed) - Run MBAM Quick Scan: Malwarebytes' Anti-Malware 1.38 Database version: 2387 Windows 5.1.2600 Service Pack 3 7/7/2009 10:54:32 PM mbam-log-2009-07-07 (22-54-27).txt Scan type: Quick Scan Objects scanned: 88445 Time elapsed: 3 minute(s), 27 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> No action taken. _______________________________________________________________ FOLLOW TOPIC: http://www.bleepingcomputer.com/forums/topic235301.html - Topic is similar to the previous topic, but suggests the next two steps using RootRepeal.zip and SDFix _______________________________________________________________ FOLLOW TOPIC: http://www.bleepingcomputer.com/forums/topic239348.html - Root Repeal process start: Root Repeal: FILES Scan ROOTREPEAL © AD, 2007-2009 ================================================== Scan Time: 2009/07/07 23:37 Program Version: Version 1.3.0.0 Windows Version: Windows XP SP3 ================================================== Hidden/Locked Files ------------------- Path: C:\WINDOWS\Temp\UACe134.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\Temp\UACe835.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\Temp\UACf012.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\Temp\UACf47d.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\Temp\UACf871.tmp Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACaoejdhaskipxurq.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UAChypksjbsrficeiv.dat Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACmojbgwobiqojcoo.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACpppwbwmltywyute.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACrjkwpjkaqrqoeyc.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\uactmp.db Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\UACydehlkelivxxwuy.db Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\uacinit.dll Status: Invisible to the Windows API! Path: C:\WINDOWS\system32\drivers\UACxujduirjlqgkvxf.sys Status: Invisible to the Windows API! Path: C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcv0.dll Status: Invisible to the Windows API! Path: C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcv1.dll Status: Invisible to the Windows API! Path: C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcv2.dll Status: Invisible to the Windows API! Path: C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcvl.dll Status: Invisible to the Windows API! Path: C:\Documents and Settings\gullic\Local Settings\Temp\UAC60c9.tmp Status: Invisible to the Windows API! _______________________________________________________________ CURRENT STATUS: So far my computer is working fine. Two notes: - SUPERAntiSpyware needs to be started in the alternate method (as mentioned above) - SPYBOT Search & Destroy (installed right after the crash) will not launch in both Full and Safe modes That's as far as I'm willing to go, and hopefully I didn't proceed too far without any of BC's guidance. Thanks again BC. sincerely, mark

Computer Pro View Member Profile	Jul 8 2009, 10:23 AM Post #2
Forum Addict Group: Members Posts: 2,442 Joined: 26-June 09 Member No.: 345,812	First off, the reason that you keep having to rerun Malwarebytes and the same things are showing up is you are not selecting to remove them. Please rescan, then make sure this time to remove the threats. -------------------- Computer Pro

boopme View Member Profile	Jul 8 2009, 10:54 AM Post #3
To INSANITY and BEYOND !! Group: Moderator Posts: 24,473 Joined: 10-September 04 From: NJ USA Member No.: 2,608	Now the next step... Rerun Rootrepeal. After the scan completes, go to the files tab and find these files: C:\WINDOWS\system32\UACaoejdhaskipxurq.dll C:\WINDOWS\system32\UACmojbgwobiqojcoo.dll C:\WINDOWS\system32\UACpppwbwmltywyute.dll C:\WINDOWS\system32\UACrjkwpjkaqrqoeyc.dll C:\WINDOWS\system32\uactmp.db C:\WINDOWS\system32\UACydehlkelivxxwuy.db C:\WINDOWS\system32\uacinit.dll C:\WINDOWS\system32\drivers\UACxujduirjlqgkvxf.sys C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcv0.dll C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcv1.dll C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcv2.dll C:\Documents and Settings\gullic\DoctorWeb\Quarantine\UACvtfconmayqhwcvl.dll Then use your mouse to highlight it in the Rootrepeal window. Next right mouse click on it and select *wipe file* option only. Then immediately reboot the computer. Rerun MBAM like this: Open MBAM in normal mode and click Update tab, select Check for Updates,when done click Scanner tab,select Quick scan and scan. After scan click Remove Selected, Post new scan log and Reboot into normal mode. -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info.. ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

superbeast View Member Profile	Jul 8 2009, 12:54 PM Post #4
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Hey Computer Pro, Thanks for the reply. i could have sworn Malwarebytes was saying "Quarantined and deleted successfully" and "Delete on reboot" for those two files right after I did a File scan. so i double checked and what i found out was that if I immediately save the log file to the desktop, it says as i posted: "No action taken". But the log file under the "log" tab in Malwarebytes does indeed say "Quarantined and deleted successfully" and "Delete on reboot". Thanks for the catch - i have been posting the wrong log file. Now performing Boopme's advice, RootRepeal and MBAM....... thanks again, brilliant site!

superbeast View Member Profile	Jul 8 2009, 01:05 PM Post #5
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Hi Boopme, Thanks for the help. - Reran Rootrepeal - wipe file performed on your highlighted files - Reboot - MBAM update - MBAM Quick Scan - removed selected - Reboot - below is the logfile: Malwarebytes' Anti-Malware 1.38 Database version: 2394 Windows 5.1.2600 Service Pack 3 7/8/2009 10:54:22 AM mbam-log-2009-07-08 (10-54-22).txt Scan type: Quick Scan Objects scanned: 89351 Time elapsed: 3 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\UACaoejdhaskipxurq.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\UACmojbgwobiqojcoo.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\UACpppwbwmltywyute.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\UACrjkwpjkaqrqoeyc.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\drivers\UACxujduirjlqgkvxf.sys (Trojan.Agent) -> Quarantined and deleted successfully.

boopme View Member Profile	Jul 8 2009, 02:12 PM Post #6
To INSANITY and BEYOND !! Group: Moderator Posts: 24,473 Joined: 10-September 04 From: NJ USA Member No.: 2,608	Ok,good...Let's run these next and we could be done. Next run ATF and SAS: Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator". From your regular user account.. Download Attribune's ATF Cleaner and then SUPERAntiSpyware , Free Home Version. Save both to desktop .. DO NOT run yet. Open SUPER from icon and install and Update it Under Scanner Options make sure the following are checked (leave all others unchecked): Close browsers before scanning. Scan for tracking cookies. Terminate memory threats before quarantining. Click the "Close" button to leave the control center screen and exit the program. DO NOT run yet. Now reboot into Safe Mode: How to enter safe mode(XP) Using the F8 Method Restart your computer. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu. Select the option for Safe Mode using the arrow keys. Then press enter on your keyboard to boot into Safe Mode. Double-click ATF-Cleaner.exe to run the program. Under Main "Select Files to Delete" choose: Select All. Click the Empty Selected button. If you use Firefox or Opera browser click that browser at the top and choose: Select All Click the Empty Selected button. If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. NOW Scan with SUPER Open from the desktop icon or the program Files list On the left, make sure you check C:\Fixed Drive. Perform a Complete scan. After scan,Verify they are all checked. Click OK on the summary screen to quarantine all found items. If asked if you want to reboot, click "Yes" and reboot normally. To retrieve the removal information after reboot, launch SUPERAntispyware again. Click Preferences, then click the Statistics/Logs tab. Under Scanner Logs, double-click SUPERAntiSpyware Scan Log. If there are several logs, click the current dated log and press View log. A text file will open in your default text editor. Please copy and paste the Scan Log results in your next reply. Click Close to exit the program. Please ask any needed questions,post logs and Let us know how the PC is running now. -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info.. ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

superbeast View Member Profile	Jul 8 2009, 03:52 PM Post #7
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Thanks Boopme, - completed ATF Cleaner - completed SUPERAntiSpyware - btw, SUPERAntiSpyware Regular download now works - previously had to use the "Alternate Start" version - post: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 07/08/2009 at 01:32 PM Application Version : 4.26.1006 Core Rules Database Version : 3979 Trace Rules Database Version: 1919 Scan type : Complete Scan Total Scan Time : 00:37:23 Memory items scanned : 240 Memory threats detected : 0 Registry items scanned : 4432 Registry threats detected : 0 File items scanned : 49497 File threats detected : 0

superbeast View Member Profile	Jul 8 2009, 06:37 PM Post #8
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Hi Boopme, Thank you for your help, everything seems back to normal so far. no issues with speed or launching programs. I re-ran RootRepeal and MBAM, all clean! Again thank you and BleepingComputer for your support. sincerely, mark

boopme View Member Profile	Jul 8 2009, 09:06 PM Post #9
To INSANITY and BEYOND !! Group: Moderator Posts: 24,473 Joined: 10-September 04 From: NJ USA Member No.: 2,608	You're welcome Mark.. Now you should Create a New Restore Point *to prevent possible reinfection* from an old one*. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is: Go to Start* > Programs > Accessories > System Tools and click "System Restore". Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore. Then use Disk Cleanup to remove all but the most recently created Restore Point. Go to Start > Run and type: Cleanmgr Click "Ok". Disk Cleanup will scan your files for several minutes, then open. Click the "More Options" tab, then click the "Clean up" button under System Restore. Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?" Click Yes, then click Ok. Click Yes again when prompted with "Are you sure you want to perform these actions?" Disk Cleanup will remove the files and close automatically. Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup. -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info.. ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

superbeast View Member Profile	Jul 8 2009, 10:53 PM Post #10
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Boopme, sincerely, thanks for the advice! you and your team are invaluable. skol mark

boopme View Member Profile	Jul 9 2009, 09:10 AM Post #11
To INSANITY and BEYOND !! Group: Moderator Posts: 24,473 Joined: 10-September 04 From: NJ USA Member No.: 2,608	You're most welcome and thanks for the kind words, please take a moment to read quietman7's excellent prevention tips in post 17 here Click>>Tips to protect yourself against malware and reduce the potential for re-infection: -------------------- Can you spare some PC cycles to help FIND A CURE .. BC FOLDING TEAM Click me /info.. ThoughtVent a goodplace to discuss.<<>>>Staying Updated Calendar of Updates. For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

superbeast View Member Profile	Jul 11 2009, 05:37 AM Post #12
New Member Group: Members Posts: 8 Joined: 7-July 09 Member No.: 349,214	Thanks again Boopme, i've started going thru quietman7's instructions. can't say enough thanks! mark

« Next Oldest · Am I infected? What do I do? · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Virus Removal Guides