Several viruses - tried many things!

  1. #1
    Wannabe MeganC's Avatar

    I have several viruses at the moment it seems (cos one is just not enough!).
    Asspin was helping me fight them after I got some names off the housecall online virus scanner, but so far rebooting in safe mode, deleting from Run and Run Service and ending the task in Task Manager has not gotten rid of them.

    They are fond of disabling my Norton, freezing the computer, bringing up strange black screens, bumping the internet off (I'm on dial up), refusing to open things like My Computer for short periods, putting weird icons in the task bar, etc.

    Any other suggestions would be great! Asspin - they won't go away! (How are you by the way? )

    I am also not able to connect to mIRC as it says I don't have Ident.

    Thanks guys :confused:

  2. #2
    []D.[].[]V[].[]D. VampYre's Avatar

    when I get home tomorrow nite I will post some instructions for you to do, and then you will need to post the log (hijackthis).

    And I can show you what to delete, which would be a step in the right direction.
    - VampYre
    - Videopimp Owner
    - Forums Owner/Admin

  3. #3
    Videopimp Members Asspin's Avatar

    Try /server irc.efnet.net and you should connect eventually. You may be to the point however, where you want to format, install antivirus, install a better firewall, then reconnect to the internet.

  4. #4
    Wannabe MeganC's Avatar

    Thanks so much guys.
    Obviously the bit I did wasn't enough and I have just let it get worse.

    Does formatting mean wiping my harddrive?

    I can follow whatever you say to the T! I am quite clueless though (as you know)!

  5. #5
    Wannabe MeganC's Avatar

    I am back on mIRC - thanks Asspin!

    I'll hang out in your channel hoping to catch one of you tomorrow :)

  6. #6
    Videopimp Members Asspin's Avatar

    Well you did something right... at least your ident is the one you set, not a random one now. And yes, formatting will wipe the drive.

  7. #7
    []D.[].[]V[].[]D. VampYre's Avatar

    Megan,

    Before you format, please try this

    Get http://216.180.233.162/~merijn/files/HijackThis.exe

    That file. Run it, and either copy/paste the log file here, or attach the logfile to your post. Also, while you are online, can you run a virus scan @ www.pandasoftware.com/Products/activescan and when it's done scanning, save the activescan.txt and post it here as well. I can take a look at both logs, and let you know what you have, how to clean it, and possibly save you from having to completely redo your system.

    Redoing your system should be considered last resort. If you do choose to redo your system, make sure you backup ALL OF YOUR FILES FIRST!

    Backup your email, your address book, your favorites, your My Documents, and anything else that you want to keep. When you format your hard drive, you are wiping it CLEAN. Nothing will remain on the hard drive.
    - VampYre
    - Videopimp Owner
    - Forums Owner/Admin

  8. #8
    Wannabe MeganC's Avatar

    Oh man, I don't know how to thank you guys for all your help with this.
    You have been so freaking awesome!

    I will leave the scans going while I go to uni and post the logs tonight when I get home.

    THANK YOU!!!!!!!

  9. #9
    Wannabe MeganC's Avatar

    Here is the HijackThis log...

    Logfile of HijackThis v1.99.1
    Scan saved at 9:36:15 AM, on 10/24/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\System32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\LEXBCES.EXE
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\LEXPPS.EXE
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINNT\System32\r_server.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINNT\system32\MSTask.exe
    c:\winnt\system32\os2\FireDaemon.EXE
    c:\winnt\system32\os2\smss.exe
    C:\WINNT\system32\stisvc.exe
    c:\winnt\system32\os2\FireDaemon.EXE
    c:\winnt\system32\os2\SVCHOST.EXE
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\iPod\iTunesHelper.exe
    C:\WINNT\system32\winamp32.exe
    C:\WINNT\system32\ctfmon.exe
    C:\WINNT\system32\winamp32.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINNT\system32\ircserv.exe
    C:\WINNT\system32\hhs.pif
    C:\WINNT\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\3J\My Documents\Megan!\Uni Work\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ihug.com.au/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    F2 - REG:system.ini: Shell=Explorer.exe ircserv.exe
    F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - (no file)
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iPod\iTunesHelper.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [Windows32 Configuration Loader] winamp32.exe
    O4 - HKLM\..\Run: [Windows Security] ms32.pif
    O4 - HKLM\..\Run: [MS Sys Security] mswin.pif
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Up Service] up32.pif
    O4 - HKLM\..\Run: [HTML Help System] hhs.pif
    O4 - HKLM\..\RunServices: [Windows32 Configuration Loader] winamp32.exe
    O4 - HKLM\..\RunServices: [Windows Security] ms32.pif
    O4 - HKLM\..\RunServices: [MS Sys Security] mswin.pif
    O4 - HKLM\..\RunServices: [Up Service] up32.pif
    O4 - HKLM\..\RunServices: [HTML Help System] hhs.pif
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [Configuration Loader] spooIsrv.exe
    O4 - HKCU\..\Run: [MS-DOS Service] MS-DOS.PIF
    O4 - HKCU\..\Run: [Windows32 Configuration Loader] winamp32.exe
    O4 - HKCU\..\Run: [MS Sys Security] mswin.pif
    O4 - HKCU\..\Run: [Windows Security] ms32.pif
    O4 - HKCU\..\Run: [Up Service] up32.pif
    O4 - HKCU\..\Run: [HTML Help System] hhs.pif
    O4 - HKCU\..\RunServices: [MS Sys Security] mswin.pif
    O4 - HKCU\..\RunServices: [Windows Security] ms32.pif
    O4 - HKCU\..\RunServices: [Up Service] up32.pif
    O4 - HKCU\..\RunServices: [HTML Help System] hhs.pif
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1128936085040
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{06BA267A-A6E2-4AB1-B9DD-B0DEA5100CA9}: NameServer = 203.0.178.191
    O17 - HKLM\System\CS1\Services\Tcpip\..\{06BA267A-A6E2-4AB1-B9DD-B0DEA5100CA9}: NameServer = 203.0.178.191
    O23 - Service: 10105 - Unknown owner - \\203.173.48.12\Admin$\eraseme_72665.exe (file missing)
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: radmm - Unknown owner - C:\WINNT\System32\r_server.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\TEMP\RarSFX0\svchost.exe" /service (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: FireDaemon Service: smss (smss) - Unknown owner - c:\winnt\system32\os2\FireDaemon.EXE
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: FireDaemon Service: SVCHO (SVCHO) - Unknown owner - c:\winnt\system32\os2\FireDaemon.EXE
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

  10. #10
    []D.[].[]V[].[]D. VampYre's Avatar

    Okay, I've gone through all the running files, and here's the list. Looks like your main problem is a spyware worm.

    Remove
    C:\WINNT\system32\ircserv.exe
    Some sort of IRC server (shouldn't be running when Windows starts, BAD!)

    Remove
    C:\WINNT\system32\hhs.pif

    Remove
    F2 - REG:system.ini: Shell=Explorer.exe ircserv.exe

    Remove
    O4 - HKLM\..\Run: [Windows Security] ms32.pif <-- http://www.sophos.com/virusinfo/anal...32rbotarn.html


    Remove
    O4 - HKLM\..\Run: [MS Sys Security] mswin.pif <-- http://www.sophos.com/virusinfo/anal...32rbotarn.html

    Remove

    O4 - HKLM\..\RunServices: [Windows Security] ms32.pif
    O4 - HKLM\..\RunServices: [MS Sys Security] mswin.pif
    O4 - HKLM\..\RunServices: [Up Service] up32.pif
    O4 - HKLM\..\RunServices: [HTML Help System] hhs.pif
    O4 - HKCU\..\Run: [MS-DOS Service] MS-DOS.PIF
    O4 - HKCU\..\Run: [MS Sys Security] mswin.pif
    O4 - HKCU\..\Run: [Windows Security] ms32.pif
    O4 - HKCU\..\Run: [Up Service] up32.pif
    O4 - HKCU\..\Run: [HTML Help System] hhs.pif
    O4 - HKCU\..\RunServices: [MS Sys Security] mswin.pif
    O4 - HKCU\..\RunServices: [Windows Security] ms32.pif
    O4 - HKCU\..\RunServices: [Up Service] up32.pif
    O4 - HKCU\..\RunServices: [HTML Help System] hhs.pif


    It's a W32/Rbot-ARN - spyware worm, that runs an IRC server (all of the above things are part of said worm)


    Remove
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\TEMP\RarSFX0\svchost.exe" /service (file missing)


    Remove
    O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - (no file)



    Things that can be removed to help speed up the machine (i.e. they don't need to be in the startup)

    C:\Program Files\CyberLink\Shared Files\RichVideo.exe <-- DVD Player Program
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe <-- Real Player Update
    C:\WINNT\system32\winamp32.exe <-- Winamp
    C:\WINNT\system32\winamp32.exe (shouldn't need to run twice)
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot <-- Real Player Update
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime <-- Quicktime Bootup (doesn't have to run on boot)
    O4 - HKLM\..\Run: [Windows32 Configuration Loader] winamp32.exe <-- winamp tray
    - VampYre
    - Videopimp Owner
    - Forums Owner/Admin
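
Added example, not part of the thread or any poster's code: a small Python triage script that applies the kinds of checks used in post #10 (extra program on the Shell line, `.pif` autoruns, a BHO with no file, a service whose file is missing) and then compares the first scan with the re-scan. The sample text is excerpted from the two HijackThis logs posted in this thread; the function names and rule wording are this example's own.

```python
import re

# Excerpt of the first HijackThis log posted in the thread (post #9).
BEFORE = r"""
F2 - REG:system.ini: Shell=Explorer.exe ircserv.exe
F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
O2 - BHO: McAfee PopupKiller - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iPod\iTunesHelper.exe
O4 - HKLM\..\Run: [Windows Security] ms32.pif
O4 - HKCU\..\RunServices: [HTML Help System] hhs.pif
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\TEMP\RarSFX0\svchost.exe" /service (file missing)
"""

# Excerpt of the re-scan posted after the cleanup (post #13).
AFTER = r"""
F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iPod\iTunesHelper.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\TEMP\RarSFX0\svchost.exe" /service (file missing)
"""

# A HijackThis entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*\S)\s*$")


def parse(log):
    """Return (section, body) pairs; header and running-process lines are skipped."""
    return [m.groups() for m in map(ENTRY.match, log.splitlines()) if m]


def reasons(section, body):
    """Return the list of review reasons for one entry (empty if none apply)."""
    found = []
    if section == "F2":
        m = re.search(r"Shell=(.*)", body, re.I)
        if m:
            extra = [p for p in m.group(1).split() if p.lower() != "explorer.exe"]
            if extra:
                found.append("shell launches extra program: " + " ".join(extra))
    elif section == "O2" and "(no file)" in body:
        found.append("BHO registered with no file on disk")
    elif section == "O4":
        m = re.match(r"(.+?): \[(.+?)\] (.+)", body)  # key, value name, command
        if m and re.search(r"\.pif\b", m.group(3), re.I):
            found.append("autorun points at a .pif file")
    elif section == "O23" and "(file missing)" in body:
        found.append("service image missing on disk")
    return found


def flagged(log):
    """Map each flagged log line to the reasons it was flagged."""
    out = {}
    for section, body in parse(log):
        why = reasons(section, body)
        if why:
            out[f"{section} - {body}"] = why
    return out


def still_present(before, after):
    """Flagged entries from the first scan that the re-scan still reports."""
    first, second = flagged(before), flagged(after)
    return sorted(line for line in first if line in second)


if __name__ == "__main__":
    for line, why in flagged(BEFORE).items():
        print(f"[flag] {line}\n       -> {'; '.join(why)}")
    for line in still_present(BEFORE, AFTER):
        print(f"[still present after cleanup] {line}")
```

Run against the two excerpts, the comparison step reports the `r_server` service entry marked "(file missing)" in both scans.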

  11. #11
    Videopimp Members Asspin's Avatar

    Nice work. Good luck getting them all Megan. ;)
    If you were here I would just say to take it to Vamp!

  12. #12
    Wannabe MeganC's Avatar

    Hi guys,
    I have removed everything you said Vamp - triple checked it! I then scanned again with HijackThis and I'll post the new log below...

    I had a bit of trouble with the other scan, it froze after only scanning 5 files, I rebooted and tried again but it did the same thing. That was before I got home and read your post and deleted those files, so I'll try again now.

    Thanks again! So much! I would really love to not have to format - I don't think I have enough blank discs to back up all the crap I have on here at the moment! ;)

  13. #13
    Wannabe MeganC's Avatar

    Logfile of HijackThis v1.99.1
    Scan saved at 6:33:57 PM, on 10/24/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\System32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\LEXBCES.EXE
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\LEXPPS.EXE
    C:\WINNT\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINNT\System32\r_server.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINNT\system32\MSTask.exe
    c:\winnt\system32\os2\FireDaemon.EXE
    c:\winnt\system32\os2\smss.exe
    C:\WINNT\system32\stisvc.exe
    c:\winnt\system32\os2\FireDaemon.EXE
    c:\winnt\system32\os2\SVCHOST.EXE
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\mspmspsv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\iPod\iTunesHelper.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINNT\system32\wuauclt.exe
    C:\Documents and Settings\3J\My Documents\Megan!\Uni Work\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ihug.com.au/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    F2 - REG:system.ini: UserInit=C:\WINNT\system32\Userinit.exe
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iPod\iTunesHelper.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [Configuration Loader] spooIsrv.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...0/mcinsctl.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1128936085040
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...23/mcgdmgr.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{06BA267A-A6E2-4AB1-B9DD-B0DEA5100CA9}: NameServer = 203.0.178.191
    O17 - HKLM\System\CS1\Services\Tcpip\..\{06BA267A-A6E2-4AB1-B9DD-B0DEA5100CA9}: NameServer = 203.0.178.191
    O23 - Service: 10105 - Unknown owner - \\203.173.48.12\Admin$\eraseme_72665.exe (file missing)
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: PSEXESVC - Unknown owner - C:\WINNT\System32\PSEXESVC.EXE
    O23 - Service: radmm - Unknown owner - C:\WINNT\System32\r_server.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\TEMP\RarSFX0\svchost.exe" /service (file missing)
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: FireDaemon Service: smss (smss) - Unknown owner - c:\winnt\system32\os2\FireDaemon.EXE
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: FireDaemon Service: SVCHO (SVCHO) - Unknown owner - c:\winnt\system32\os2\FireDaemon.EXE
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

  14. #14
    []D.[].[]V[].[]D. VampYre's Avatar

    Quote Originally Posted by MeganC
    Hi guys,
    I have removed everything you said Vamp - triple checked it! I then scanned again with HijackThis and I'll post the new log below...

    I had a bit of trouble with the other scan, it froze after only scanning 5 files, I rebooted and tried again but it did the same thing. That was before I got home and read your post and deleted those files, so I'll try again now.

    Thanks again! So much! I would really love to not have to format - I don't think I have enough blank discs to back up all the crap I have on here at the moment! ;)

    After you removed the files with hijackthis, did you try scanning after that?
    - VampYre
    - Videopimp Owner
    - Forums Owner/Admin

  15. #15
    Wannabe MeganC's Avatar

    Hi guys,
    Sorry for not replying earlier.
    Left the scan downloading while I went to uni yesterday and it said I had no viruses or anything else. I wasn't sure it had scanned everything (as I wasn't here to watch it) so clicked the "my computer" icon to get it to scan again - it froze up.

    Do you want me to do a House call scan?
