BleepingComputer.com: 20Dollars2Surf toolbar is spywarre

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  • 5 Pages +
  • « First
  • 3
  • 4
  • 5
  • You cannot start a new topic
  • This topic is locked

20Dollars2Surf toolbar is spywarre Get new windows & ads behind main browser window

#61 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,114
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 02 November 2011 - 01:18 PM

Conduit is also present in the OTL logs but, again, they are not flagged as malicious. We can remove them with a run of OTL and just to be sure we'll also remove any other settings on Firefox in the preferences that are ambiguous.

Open OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..keyword.URL: "http://mystart.incredimail.com/?loc=ff_address_bar&a=1&search="
[2011/10/25 13:56:10 | 000,000,000 | ---D | M] (MyBrowserCash) -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com
[2011/10/23 15:18:53 | 000,000,000 | ---D | M] (Yontoo Layers (Drop Down Deals)) -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com
[2011/09/24 14:53:28 | 000,001,945 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\bing-zugo.xml
[2011/08/15 16:03:36 | 000,000,863 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\conduit.xml
[2011/07/12 12:12:11 | 000,002,165 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\MyStart Search.xml
[2011/07/30 14:18:59 | 000,001,734 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\search-the-web.xml
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - No CLSID value found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:1CE11B51
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"


Then click the Run Fix button at the top

Let the program run unhindered.

When done it will say "Fix Complete press ok to open the log"
Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Now rerun OTL by scanning

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#62 User is offline   M Rushing 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 34
  • Joined: 24-September 11

Posted 03 November 2011 - 04:14 AM

========== OTL ==========
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "chrome://speeddial/content/speeddial.xul" removed from browser.startup.homepage
Prefs.js: "http://mystart.incredimail.com/?loc=ff_address_bar&a=1&search=" removed from keyword.URL
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\defaults\preferences folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\defaults folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\skin folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\locale\en-US folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\locale folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\content folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\skin folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\locale folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\defaults folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\content folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\bing-zugo.xml moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\conduit.xml moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\MyStart Search.xml moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\search-the-web.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47980628-3844-42AA-A0DD-E2D86BBA9600} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47980628-3844-42AA-A0DD-E2D86BBA9600}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:1CE11B51 deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

OTL by OldTimer - Version 3.2.31.0 log created on 11032011_051333

#63 User is offline   M Rushing 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 34
  • Joined: 24-September 11

Posted 03 November 2011 - 04:16 AM

View Postm0le, on 02 November 2011 - 01:18 PM, said:

Conduit is also present in the OTL logs but, again, they are not flagged as malicious. We can remove them with a run of OTL and just to be sure we'll also remove any other settings on Firefox in the preferences that are ambiguous.

Open OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..keyword.URL: "http://mystart.incredimail.com/?loc=ff_address_bar&a=1&search="
[2011/10/25 13:56:10 | 000,000,000 | ---D | M] (MyBrowserCash) -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com
[2011/10/23 15:18:53 | 000,000,000 | ---D | M] (Yontoo Layers (Drop Down Deals)) -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com
[2011/09/24 14:53:28 | 000,001,945 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\bing-zugo.xml
[2011/08/15 16:03:36 | 000,000,863 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\conduit.xml
[2011/07/12 12:12:11 | 000,002,165 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\MyStart Search.xml
[2011/07/30 14:18:59 | 000,001,734 | ---- | M] () -- C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\search-the-web.xml
O2:64bit: - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {47980628-3844-42AA-A0DD-E2D86BBA9600} - No CLSID value found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:1CE11B51
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"


Then click the Run Fix button at the top

Let the program run unhindered.

When done it will say "Fix Complete press ok to open the log"
Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Now rerun OTL by scanning

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.





========== OTL ==========
Prefs.js: "MyStart Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "chrome://speeddial/content/speeddial.xul" removed from browser.startup.homepage
Prefs.js: "http://mystart.incredimail.com/?loc=ff_address_bar&a=1&search=" removed from keyword.URL
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\defaults\preferences folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\defaults folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\skin folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\locale\en-US folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\locale folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome\content folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com\chrome folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\multisearchbox@multisearchbox.com folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\skin folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\locale folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\defaults folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com\content folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\extensions\plugin@yontoo.com folder moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\bing-zugo.xml moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\conduit.xml moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\MyStart Search.xml moved successfully.
C:\Users\maryrushing\AppData\Roaming\Mozilla\Firefox\Profiles\0anqyqlx.default\searchplugins\search-the-web.xml moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{47980628-3844-42AA-A0DD-E2D86BBA9600} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47980628-3844-42AA-A0DD-E2D86BBA9600}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:1CE11B51 deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!

OTL by OldTimer - Version 3.2.31.0 log created on 11032011_051333

#64 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,114
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 03 November 2011 - 07:06 PM

You posted the OTL fix log twice and I haven't got an OTL scan log at all.
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#65 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,114
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 06 November 2011 - 07:45 PM

Are you still there, Mary?
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

#66 User is offline   m0le 

  • I know the drill!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Instructor
  • Posts: 29,114
  • Joined: 24-July 08
  • Gender:Male
  • Location:London, UK

Posted 07 November 2011 - 07:32 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
If I have helped you fix your PC then please donate. Thanks

Posted Image
m0le is a proud member of UNITE (Unified Network of Instructors and Trusted Eliminators)

Share this topic:


  • 5 Pages +
  • « First
  • 3
  • 4
  • 5
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users