smittypig24 Posted May 11, 2008 Report Share Posted May 11, 2008 Hello computer gurus,My computer has a problem. When I click the internet explorer button, it takes about a minute before it pops up to my homepage. Also, if my browser automatically opens a new window upon clicking on a link, it does the same thing. It seems like my browser is hijacked. Could you look at my log and tell me if you see anything bad in there? I did a recent adaware scan and housecall scan, but neither helped. This computer is primarily used for the internet (my 3yr to 6yr old kids play on kids sites) and world of warcraft. That's about it. Thanks in advance for your help! I'll be checking back every 15 mins or so as i'm desperate to get this fixed.-MattLogfile of Trend Micro HijackThis v2.0.2Scan saved at 8:14:27 AM, on 5/11/2008Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\hidserv.exeC:\WINNT\system32\nvsvc32.exeC:\WINNT\system32\regsvc.exeC:\WINNT\system32\MSTask.exeC:\WINNT\system32\stisvc.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\system32\svchost.exeC:\WINNT\Explorer.EXEC:\Program Files\Creative\ShareDLL\CtNotify.exeC:\WINNT\Mixer.exeC:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9TA.EXEC:\Program Files\QuickTime\qttask.exeC:\WINNT\system32\Rundll32.exeC:\Program Files\Creative\ShareDLL\MediaDet.ExeC:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Program Files\Internet Explorer\iexplore.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nickjr.com/O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll (file missing)O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logonO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exeO4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startupO4 - HKLM\..\Run: [EPSON PictureMate] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I2P1.EXE /P17 "EPSON PictureMate" /O5 "LPT1:" /M "PictureMate"O4 - HKLM\..\Run: [EPSON PictureMate (Copy 1)] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE /P26 "EPSON PictureMate (Copy 1)" /O5 "LPT1:" /M "PictureMate"O4 - HKLM\..\Run: [EPSON PictureMate Deluxe] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9TA.EXE /P24 "EPSON PictureMate Deluxe" /O6 "USB001" /M "PictureMate Deluxe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17HelperO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifworkO4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exeO4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exeO4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exeO4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htmO16 - DPF: Yahoo! Cribbage - http://download2.games.yahoo.com/games/clients/y/it1_x.cabO16 - DPF: Yahoo! Spades - http://download2.games.yahoo.com/games/clients/y/st3_x.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cabO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1168788609937O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1168789797390O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cabO16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exeO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe--End of file - 5728 bytes Link to post Share on other sites
Andro1d Posted May 12, 2008 Report Share Posted May 12, 2008 Hello and Welcome to BT. I am MoNsTeReNeRgY22 and I will be assisting you with your malware problem today. Sorry for the delay.Step 1Please download ATF Cleaner by Atribune.This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.Under Main choose: Select AllClick the Empty Selected button.If you use Firefox browserClick Firefox at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.If you use Opera browserClick Opera at the top and choose: Select AllClick the Empty Selected button.NOTE: If you would like to keep your saved passwords, please click No at the prompt.Click Exit on the Main menu to close the program.Step 2Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect your system. Please follow these steps to remove older version Java components and update:Download the latest version of Java Runtime Environment (JRE) 6 Update 6 and save it to your desktop.Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 6...allows end-users to run Java applications".Click the "Download" button to the right.Read the License Agreement and then check the box that says: "Accept License Agreement". The page will refresh.Click on the link to download Windows Offline Installation and save the file to your desktop.Close any programs you may have running - especially your web browser.Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.Click the Remove or Change/Remove button.Repeat as many times as necessary to remove each Java versions.Reboot your computer once all Java components are removed.Then from your desktop double-click on jre-6u6-windows-i586-p.exe to install the newest version.Step 3Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors NOW:1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Detects and removes more than 50,000 viruses. Free support.2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.Once you install one of the above programs, please update its virus defintions and run a full PC scan. Please post the log as well.It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program that has an autoprotect feature on, uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should have an autoprotect feature on at a time.Step 4Please download Deckard's System Scanner (DSS) to your desktop.Close all applications and windows.Double-click on dss.exe to run it, and follow the prompts.When the scan is complete, a text file will open - Main.txtCopy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of Main.txt in your thread in the HijackThis Log Help Forum.An additional text file, Extra.txt,will also be available (by default) in the following FOLDER, C:\Deckard\System Scanner.Please go to that folder and also copy the contents of Extra.txt to your post as well.Note: Some firewalls may warn that sigcheck.exe is trying to access the internet - please ensure that you allow sigcheck.exe permission to do so. Link to post Share on other sites
smittypig24 Posted May 12, 2008 Author Report Share Posted May 12, 2008 Thanks for helping. Here are the logs you requested.What's next?-MattDeckard's System Scanner v20071014.68Run by Matt Smith on 2008-05-12 19:33:56Computer is in Normal Mode.--------------------------------------------------------------------------------Backed up registry hives.Performed disk cleanup.-- HijackThis (run as Matt Smith.exe) ------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 7:34:26 PM, on 5/12/2008Platform: Windows 2000 SP4 (WinNT 5.00.2195)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Boot mode: NormalRunning processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\spoolsv.exeC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeC:\WINNT\System32\svchost.exeC:\WINNT\system32\hidserv.exeC:\WINNT\system32\nvsvc32.exeC:\WINNT\system32\regsvc.exeC:\WINNT\system32\MSTask.exeC:\WINNT\system32\stisvc.exeC:\WINNT\System32\WBEM\WinMgmt.exeC:\WINNT\system32\svchost.exeC:\WINNT\Explorer.EXEC:\Program Files\Creative\ShareDLL\CtNotify.exeC:\WINNT\Mixer.exeC:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9TA.EXEC:\Program Files\Creative\ShareDLL\MediaDet.ExeC:\Program Files\QuickTime\qttask.exeC:\WINNT\system32\Rundll32.exeC:\Program Files\Java\jre1.6.0_06\bin\jusched.exeC:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exeC:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exeC:\Program Files\WinZip\WZQKPICK.EXEC:\Documents and Settings\Matt Smith\Desktop\dss.exeC:\PROGRA~1\TRENDM~1\HIJACK~1\Matt Smith.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nickjr.com/O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll (file missing)O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logonO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exeO4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startupO4 - HKLM\..\Run: [EPSON PictureMate] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I2P1.EXE /P17 "EPSON PictureMate" /O5 "LPT1:" /M "PictureMate"O4 - HKLM\..\Run: [EPSON PictureMate (Copy 1)] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I0P1.EXE /P26 "EPSON PictureMate (Copy 1)" /O5 "LPT1:" /M "PictureMate"O4 - HKLM\..\Run: [EPSON PictureMate Deluxe] C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9TA.EXE /P24 "EPSON PictureMate Deluxe" /O6 "USB001" /M "PictureMate Deluxe"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17HelperO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /minO4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifworkO4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exeO4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exeO4 - Global Startup: EPSON CardMonitor.lnk = C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exeO4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXEO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dllO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htmO16 - DPF: Yahoo! Cribbage - http://download2.games.yahoo.com/games/clients/y/it1_x.cabO16 - DPF: Yahoo! Spades - http://download2.games.yahoo.com/games/clients/y/st3_x.cabO16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cabO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1168788609937O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1168789797390O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cabO16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exeO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeO23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exeO23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exeO23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe--End of file - 6862 bytes-- File Associations -----------------------------------------------------------All associations okay.-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------R2 pmem - c:\winnt\system32\drivers\pmemnt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows NT Operating System>S3 NTSIM - c:\winnt\system32\ntsim.sys <Not Verified; VIA Networking, Inc.; Network Device Monitor Utility>S3 USB-100 (Linksys EtherFast 10/100 Compact USB Network Adapter) - c:\winnt\system32\drivers\usb100m.sys <Not Verified; Linksys; Linksys Compact USB Network Adapter>-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------R2 AntiVirScheduler (Avira AntiVir Personal – Free Antivirus Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; AntiVir Workstation>-- Device Manager: Disabled ----------------------------------------------------No disabled devices found.-- Files created between 2008-04-12 and 2008-05-12 -----------------------------2008-05-12 19:02:46 0 d-------- C:\Program Files\Avira2008-05-12 19:02:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira2008-05-12 19:01:56 0 d-------- C:\Program Files\Java2008-05-12 19:01:55 0 d-------- C:\Program Files\Common Files\Java2008-05-12 19:01:46 0 d-------- C:\Documents and Settings\Matt Smith\Application Data\Sun2008-05-11 07:48:40 0 d-------- C:\Program Files\Trend Micro2008-05-10 15:21:10 0 d-------- C:\Documents and Settings\Matt Smith\.housecall6.62008-05-10 11:12:52 16384 --a-----t C:\WINNT\system32\Perflib_Perfdata_1cc.dat-- Find3M Report ---------------------------------------------------------------2008-05-12 19:04:53 1288860 ---h----- C:\WINNT\ShellIconCache2008-05-12 19:01:55 0 d-a------ C:\Program Files\Common Files2008-04-21 20:40:05 0 d-------- C:\Program Files\World of Warcraft2008-04-21 01:31:20 0 d-------- C:\Program Files\Full Tilt Poker2008-03-26 01:43:02 0 d-------- C:\Documents and Settings\Matt Smith\Application Data\IGN_DLM2008-03-25 01:41:12 0 d-------- C:\Program Files\IGN-- Registry Dump ---------------------------------------------------------------*Note* empty entries & legit default entries are not shown[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Synchronization Manager"="mobsync.exe" [06/19/03 03:05p C:\WINNT\system32\mobsync.exe]"NvCplDaemon"="C:\WINNT\system32\NvCpl.dll" [08/02/04 09:03p]"nwiz"="nwiz.exe" [07/12/06 02:19p C:\WINNT\system32\nwiz.exe]"NvMediaCenter"="C:\WINNT\System32\NvMcTray.dll" [07/12/06 02:19p]"Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [12/16/98 02:53a]"C-Media Mixer"="Mixer.exe" [07/12/02 04:33p C:\WINNT\mixer.exe]"EPSON PictureMate"="C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I2P1.exe" [09/19/03 03:00a]"EPSON PictureMate (Copy 1)"="C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S4I0P1.exe" [10/10/03 03:00a]"EPSON PictureMate Deluxe"="C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_FATI9TA.exe" [10/17/04 03:00a]"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/05/07 09:55p]"P17Helper"="P17.dll" [05/03/05 07:38a C:\WINNT\system32\P17.dll]"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/08 04:28a]"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [02/12/08 10:06a][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07/30/07 05:58p]"igndlm.exe"="C:\Program Files\IGN\Download Manager\DLM.exe" [03/05/07 02:57p][HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]"^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktopC:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [1/4/2008 10:56:43 PM]Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [10/23/2006 1:48:20 AM]Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [10/23/2006 12:01:50 AM]EPSON CardMonitor.lnk - C:\Program Files\EPSON\EPSON CardMonitor\EPSON CardMonitor1.1.exe [6/5/2007 9:53:08 PM]WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [1/15/2007 10:04:56 PM][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]@="Service"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]@="Driver"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]@="Driver"*Newly Created Service* - SSMDRV-- End of Deckard's System Scanner: finished at 2008-05-12 19:35:10 ------------Deckard's System Scanner v20071014.68Extra logfile - please post this as an attachment with your post.---------------------------------------------------------------------------------- System Information ----------------------------------------------------------Microsoft Windows 2000 Professional (build 2195) SP 4.0Architecture: X86; Language: EnglishCPU 0: Intel® Pentium® 4 CPU 3.00GHzPercentage of Memory in Use: 25%Physical Memory (total/avail): 1023.48 MiB / 760.78 MiBPagefile Memory (total/avail): 2462.56 MiB / 2215.49 MiBVirtual Memory (total/avail): 2047.88 MiB / 1960.26 MiBC: is Fixed (NTFS) - 189.9 GiB total, 167.61 GiB free. D: is CDROM (CDFS)E: is CDROM (CDFS)\\.\PHYSICALDRIVE0 - Maxtor 6Y200P0 - 128 GiB - 1 partition \PARTITION0 (bootable) - Installable File System - 189.9 GiB - C:-- Security Center -------------------------------------------------------------AUOptions is scheduled to auto-install.-- Environment Variables -------------------------------------------------------ALLUSERSPROFILE=C:\Documents and Settings\All UsersAPPDATA=C:\Documents and Settings\Matt Smith\Application DataCommonProgramFiles=C:\Program Files\Common FilesCOMPUTERNAME=FRANK2ComSpec=C:\WINNT\system32\cmd.exeHOMEDRIVE=C:HOMEPATH=\Documents and Settings\Matt SmithLOGONSERVER=\\FRANK2NUMBER_OF_PROCESSORS=1OS=Windows_NTOs2LibPath=C:\WINNT\system32\os2\dll;Path=C:\WINNT\system32;C:\WINNT;C:\WINNT\System32\WbemPATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSHPROCESSOR_ARCHITECTURE=x86PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 3, GenuineIntelPROCESSOR_LEVEL=15PROCESSOR_REVISION=0303ProgramFiles=C:\Program FilesPROMPT=$P$GSystemDrive=C:SystemRoot=C:\WINNTTEMP=C:\DOCUME~1\MATTSM~1\LOCALS~1\TempTMP=C:\DOCUME~1\MATTSM~1\LOCALS~1\TempUSERDOMAIN=FRANK2USERNAME=Matt SmithUSERPROFILE=C:\Documents and Settings\Matt Smithwindir=C:\WINNT-- User Profiles ---------------------------------------------------------------Matt Smith (admin)-- Add/Remove Programs ---------------------------------------------------------3D Groove Playback Engine --> RunDll32 C:\WINNT\DOWNLO~1\GrooveAX.dll,_RemoveGroove@16Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}Adobe Flash Player 9 ActiveX --> C:\WINNT\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDeleteAdobe Photoshop 7.0 --> C:\WINNT\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll"Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}Adobe Shockwave Player --> C:\WINNT\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINNT\system32\Macromed\SHOCKW~1\Install.logAge of Mythology --> "C:\Program Files\Microsoft Games\Age of Mythology\UNINSTAL.EXE" /runtemp /addremoveAvira AntiVir Personal – Free Antivirus --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVEBiAdmin --> C:\WINNT\IsUninst.exe -f"C:\Program Files\Print Server\Uninst.isu"Canon Camera TWAIN Driver 6.6 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3519A06E-33A4-4910-BB14-7BCE133BF46F} /l1033 Cars - Radiator Springs Adventures --> "C:\Program Files\THQ\Disney-PIXAR\Cars\Radiator Springs Adventures\Uninstall_Cars - Radiator Springs Adventures\Uninstall Cars - Radiator Springs Adventures.exe"Creative Launcher --> C:\WINNT\CTDELLAU.EXE -[Creative LauncherCreative PlayCenter --> C:\WINNT\uninst.exe -f"C:\Program Files\Creative\PlayCenter\DeIsL2.isu"EPSON CardMonitor --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\Setup.exe" -l0x9 uninstEPSON PhotoStarter3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5983C895-DDA4-45D9-A8D1-877D5DE7693E}\Setup.exe" uninstEPSON PictureMate Deluxe User's Guide --> C:\Program Files\epson\guide\picturemate_dlx_e\uninstall.exeEPSON Printer Software --> C:\WINNT\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /RFilm Factory --> C:\WINNT\IsUninst.exe -f"C:\Program Files\EPSON Software\Film Factory\Uninst.isu"Full Tilt Poker --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -l0x9 -removeonlyGoogle Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstallIGN Download Manager 2.3.0 --> C:\Program Files\IGN\Download Manager\uninst.exeJava 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}Medal of Honor Pacific Assault --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}\Setup.exe" -l0x9 -removeonlyMicrosoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}Microsoft .NET Framework 1.1 Hotfix (KB928366) --> "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINNT\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"Microsoft .NET Framework 2.0 Service Pack 1 --> MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINNT\$NtUninstallbasecsp$\spuninst\spuninst.exe"Mozilla Firefox (2.0.0.9) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exeMSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}NVIDIA Drivers --> C:\WINNT\system32\nvudisp.exe UninstallGUIPCI Audio Driver --> cmuninst.exeQuickTime --> C:\WINNT\unvise32qt.exe C:\WINNT\system32\QuickTime\Uninstall.logReader Rabbit's Toddler --> C:\WINNT\IsUninst.exe -fC:\Tlcwin\Rrt\Uninst\DeIsL2.isuSCRABBLE --> C:\PROGRA~1\YAHOO!~1\Scrabble\UNWISE.EXE /U C:\PROGRA~1\YAHOO!~1\Scrabble\INSTALL.LOGSecurity Update for DirectX 9 (KB941568) --> "C:\WINNT\$NtUninstallKB941568_DX9$\spuninst\spuninst.exe"Security Update for Windows 2000 (KB904706) --> Security Update for Windows 2000 (KB923689) --> "C:\WINNT\$NtUninstallKB923689$\spuninst\spuninst.exe"Security Update for Windows 2000 (KB941569) --> "C:\WINNT\$NtUninstallKB941569$\spuninst\spuninst.exe"Sportsbook.com Poker --> C:\Program Files\Sportsbook Poker\uninstall.exeVentrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}VIA Rhine-Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIAVirtools 3D Life Player --> C:\Program Files\Virtools\3D Life Player\WebplayerConfig.exe -uWindows Media Player system update (9 Series) --> C:\PROGRA~1\WINDOW~2\setup_wm.exe /UninstallWinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstallWorld of Warcraft --> C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exeZIP Reader 8.00.0018 --> MsiExec.exe /I{856C155E-4A74-4041-B026-04F96FFD1BCD}-- Application Event Log -------------------------------------------------------Event Record #/Type871 / WarningEvent Submitted/Written: 05/12/2008 07:06:46 PMEvent ID/Source: 35 / WinMgmtEvent Description:WMI ADAP was unable to load the ASP.NET_2.0.50727 performance library because it returned invalid data: 0x0Event Record #/Type870 / WarningEvent Submitted/Written: 05/12/2008 07:06:45 PMEvent ID/Source: 35 / WinMgmtEvent Description:WMI ADAP was unable to load the ASP.NET performance library because it returned invalid data: 0x0Event Record #/Type863 / WarningEvent Submitted/Written: 05/10/2008 04:59:58 PMEvent ID/Source: 35 / WinMgmtEvent Description:WMI ADAP was unable to load the ASP.NET_2.0.50727 performance library because it returned invalid data: 0x0Event Record #/Type862 / WarningEvent Submitted/Written: 05/10/2008 04:59:57 PMEvent ID/Source: 35 / WinMgmtEvent Description:WMI ADAP was unable to load the ASP.NET performance library because it returned invalid data: 0x0Event Record #/Type859 / WarningEvent Submitted/Written: 05/09/2008 07:47:03 AMEvent ID/Source: 35 / WinMgmtEvent Description:WMI ADAP was unable to load the ASP.NET_2.0.50727 performance library because it returned invalid data: 0x0-- Security Event Log ----------------------------------------------------------No Errors/Warnings found.-- System Event Log ------------------------------------------------------------Event Record #/Type2024 / ErrorEvent Submitted/Written: 05/12/2008 07:32:34 PMEvent ID/Source: 10010 / DCOMEvent Description:The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout.Event Record #/Type2023 / ErrorEvent Submitted/Written: 05/12/2008 07:32:04 PMEvent ID/Source: 10010 / DCOMEvent Description:The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout.Event Record #/Type2022 / ErrorEvent Submitted/Written: 05/12/2008 07:31:34 PMEvent ID/Source: 10010 / DCOMEvent Description:The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout.Event Record #/Type2016 / ErrorEvent Submitted/Written: 05/12/2008 03:50:46 PMEvent ID/Source: 10010 / DCOMEvent Description:The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout.Event Record #/Type2015 / ErrorEvent Submitted/Written: 05/12/2008 03:50:16 PMEvent ID/Source: 10010 / DCOMEvent Description:The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout.-- End of Deckard's System Scanner: finished at 2008-05-12 19:35:10 ------------ Link to post Share on other sites
Andro1d Posted May 14, 2008 Report Share Posted May 14, 2008 (edited) Hello again,Please do an online scan with Kaspersky WebScannerClick on AcceptYou will be promted to install an ActiveX component from Kaspersky, Click Yes.The program will launch and then begin downloading the latest definition files:Once the files have been downloaded click on NEXTNow click on Scan SettingsIn the scan settings make that the following are selected:Scan using the following Anti-Virus database:Extended (if available otherwise Standard)Scan Options:Scan ArchivesScan Mail Bases[*]Click OK[*]Now under select a target to scan:Select My Computer[*]This will program will start and scan your system.[*]The scan will take a while so be patient and let it run.[*]Once the scan is complete it will display if your system has been infected.Now click on the Save as Text button:[*]Save the file to your desktop.[*]Copy and paste that information in your next post. Edited May 14, 2008 by MoNsTeReNeRgY22 Link to post Share on other sites
smittypig24 Posted May 15, 2008 Author Report Share Posted May 15, 2008 Here it is...------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, May 15, 2008 3:42:55 PM Operating System: Microsoft Windows 2000 Professional, Service Pack 4 (Build 2195) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 15/05/2008 Kaspersky Anti-Virus database records: 774093-------------------------------------------------------------------------------Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: trueScan Target - My Computer: C:\ D:\ E:\Scan Statistics: Total number of scanned objects: 49181 Number of viruses found: 0 Number of infected objects: 0 Number of suspicious objects: 0 Duration of the scan process: 00:37:50Infected Object Name / Virus Name / Last ActionC:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skippedC:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skippedC:\Documents and Settings\Matt Smith\Cookies\index.dat Object is locked skippedC:\Documents and Settings\Matt Smith\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skippedC:\Documents and Settings\Matt Smith\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skippedC:\Documents and Settings\Matt Smith\Local Settings\History\History.IE5\index.dat Object is locked skippedC:\Documents and Settings\Matt Smith\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skippedC:\Documents and Settings\Matt Smith\NTUSER.DAT Object is locked skippedC:\Documents and Settings\Matt Smith\ntuser.dat.LOG Object is locked skippedC:\WINNT\CSC0000001 Object is locked skippedC:\WINNT\Debug\ipsecpa.log Object is locked skippedC:\WINNT\Debug\oakley.log Object is locked skippedC:\WINNT\Debug\PASSWD.LOG Object is locked skippedC:\WINNT\SchedLgU.Txt Object is locked skippedC:\WINNT\SoftwareDistribution\ReportingEvents.log Object is locked skippedC:\WINNT\Sti_Trace.log Object is locked skippedC:\WINNT\system32\CatRoot\SYSMAST.cbd Object is locked skippedC:\WINNT\system32\CatRoot\SYSMAST.cbk Object is locked skippedC:\WINNT\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATMAST.cbd Object is locked skippedC:\WINNT\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\CATMAST.cbk Object is locked skippedC:\WINNT\system32\config\AppEvent.Evt Object is locked skippedC:\WINNT\system32\config\default Object is locked skippedC:\WINNT\system32\config\default.LOG Object is locked skippedC:\WINNT\system32\config\SAM Object is locked skippedC:\WINNT\system32\config\SAM.LOG Object is locked skippedC:\WINNT\system32\config\SecEvent.Evt Object is locked skippedC:\WINNT\system32\config\SECURITY Object is locked skippedC:\WINNT\system32\config\SECURITY.LOG Object is locked skippedC:\WINNT\system32\config\software Object is locked skippedC:\WINNT\system32\config\software.LOG Object is locked skippedC:\WINNT\system32\config\SysEvent.Evt Object is locked skippedC:\WINNT\system32\config\system Object is locked skippedC:\WINNT\system32\config\SYSTEM.ALT Object is locked skippedC:\WINNT\WindowsUpdate.log Object is locked skippedScan process completed. Link to post Share on other sites
Andro1d Posted May 15, 2008 Report Share Posted May 15, 2008 Nice job your log looks clean! How is it running?Please use the following suggestion to help prevent reinfection.Also, you may delete any tools I had you download during the cleaning process.Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)Now we need to make a new System Restore Point for your PC, please do the followingClick Start, Settings, Control PanelDouble-click the System iconClick the Performance tab, File System, Troubleshooting tabCheck "Turn off System Restore" and click "Apply". Please give a moment as it will delete the old System Restore pointsThen uncheck "Turn off System Restore" which will create a new System Restore pointClick OKI highly recommend downloading the following programs, to keep malware of your computer to begin with.The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.Malwarebytes' Anti-Malware - A very powerful tool which searches and kills malware that infects your system. **Tutorial on installing & using this product can be found HERE**SpywareBlaster - Great prevention tool to keep malware from installing on your system.**Tutorial on installing & using this product can be found HERE**SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.**Tutorial on installing & using this product can be found HERE**IE-SpyAd - Puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.**Tutorial on installing & using this product can be found HERE**Firewall A firewall is definitely a must have to protect your computer from hackers. I recommend Comodo, Online Armor, or Outpost.**Tutorial on Firewalls can be found HERE**Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.You must stay on top of your updates at all times, for the above mentioned applications.It is vitally important to stay on top of your critical updates provided by Microsoft.And finally a little How did I get infected in the first place?(by Tony Klein)Good luck and safe surfing Link to post Share on other sites
smittypig24 Posted May 18, 2008 Author Report Share Posted May 18, 2008 It runs well, however, internet explorer still hangs when you initially open it. It's like it locks up for 1 minute after you start the program. It will show the yahoo.com start page (my homepage) but you can't click on anything for about a minute. Any ideas on what could be happening? It doesn't do it if I use firefox.-Matt Link to post Share on other sites
Andro1d Posted May 18, 2008 Report Share Posted May 18, 2008 (edited) Hi Matt,Lets try something to see if we can speed up your IE. As a note though, IE is the slowest browser you can use out there. My parents had a similiar issue where they would open IE and it would take about 2 - 3 minutes just to load their home page. I switched them over to Opera, and they haven't had any problems since.Close any Internet Explorer or Windows Explorer windows that are currently open.Open Internet Explorer by clicking the Start button , and then clicking Internet Explorer.Click the Tools button, and then click Internet Options.Click the Advanced tab, and then click Reset.In the Reset Internet Explorer Settings dialog box, click Reset.When Internet Explorer finishes restoring the settings, click Close, and then click OK.Close Internet Explorer.Your changes will take effect the next time you open Internet Explorer.Then...Please register (it's free, don't worry) with PCPitStop and run the full tests here:http://www.pcpitstop.com/pcpitstop/default.aspWhen the tests are complete, a results page will pop up. Click "Share these results with TechExpress" on the right-hand side. Then copy the URL provided and post it here for me. Edited May 18, 2008 by MoNsTeReNeRgY22 Link to post Share on other sites
Recommended Posts