Jump to content


Photo

Hijack this log


  • Please log in to reply
18 replies to this topic

#1 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 03 July 2004 - 03:20 PM

The only thing i have noticed is that spyware guard keeps warning me that a BHO is trying to take over my homepage i keep rejecting it but it wants to get in the worst way i also ran a panda scan and it found a trojan...ive ran trojanhunter and it didnt pick it up nor did my nortans antivirus 2003 and its been updated...another thing i noticed is that i cant install the latest patches from microsoft..it keeps telling me that the download failed and to try again..i try again and it keeps saying the same thing over and over..also i cant load spywareblaster either.....please help

Logfile of HijackThis v1.97.7
Scan saved at 3:13:10 PM, on 7/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Owner\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Owner\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 3.9\THGuard.exe"
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab

#2 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 03 July 2004 - 03:33 PM

Also i cant get the updates from Cwshredder when i click on updates.

#3 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 03 July 2004 - 03:54 PM

I ran about:buster and it still came back.

#4 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 03 July 2004 - 03:57 PM

Just ran Find and Fix...


»»»»»»»»»»»»»»»»»»*** freeatlast.100free.com ***»»»»»»»»»»»»»»»»

Microsoft Windows XP [Version 5.1.2600]
The type of the file system is NTFS.
C: is not dirty.

Sat 07/03/2004
3:55pm up 0 days, 2:02
»»»»»»»»»»»»»»»»»»***Attention!***»»»»»»»»»»»»»»»»
Files listed in this section (in System32) are not always definitive!
Always Double Check and be sure the file pointed doesn't exist!

»»Locked or 'Suspect' file(s) found...


C:\WINDOWS\System32\ACCTRES.DLL +++ File read error
\\?\C:\WINDOWS\System32\ACCTRES.DLL +++ File read error
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»Special 'locked' files scan in 'System32'........
**File C:\FINDnFIX\LIST.TXT
ACCTRES.DLL Can't Open!
COMRES.DLL Can't Open!
DFRGRES.DLL Can't Open!
DMDSKRES.DLL Can't Open!
DSPRPRES.DLL Can't Open!
INETRES.DLL Can't Open!
RES.DLL Can't Open!
RTCRES.DLL Can't Open!
SYSRES.DLL Can't Open!
XPOB2RES.DLL Can't Open!
XPSP1RES.DLL Can't Open!
XPSP2RES.DLL Can't Open!

****Filtering files in System32... (-h -s -r...) ***
»»»*»»»*»»»*»»»*»»»*»»»*»»»*»»»*»»»*»»»

C:\WINDOWS\SYSTEM32\
res.dll Wed Jun 30 2004 7:53:28a A...R 57,344 56.00 K

1 item found: 1 file, 0 directories.
Total of file sizes: 57,344 bytes 56.00 K

No matches found.

Sniffing..........
Power SNiF 1.34 - The Ultimate File Snifferdog. Created Mar 16 1992, 21:09:15.

Sniffed -> C:\WINDOWS\SYSTEM32\RES.DLL
»»»*»»»*»»»*»»»*»»»*»»»*»»»*»»»*»»»*»»»

»»Size of Windows key:
(*Default-450 *No AppInit-398 *fake(infected)-448,504,512...)

Size of HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Windows: 448

»»Security settings for 'Windows' key:


RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)
This program is Freeware, use it on your own risk!

Access Control List for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:
(ID-NI) ALLOW Read BUILTIN\Users
(ID-IO) ALLOW Read BUILTIN\Users
(ID-NI) ALLOW Full access BUILTIN\Administrators
(ID-IO) ALLOW Full access BUILTIN\Administrators
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Full access VALUED-7B9600FA\Owner
(ID-IO) ALLOW Full access CREATOR OWNER

Effective permissions for Registry key hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:
Read BUILTIN\Users
Full access BUILTIN\Administrators
Full access NT AUTHORITY\SYSTEM
Full access VALUED-7B9600FA\Owner


»»Member of...: (Admin logon required!)
User is a member of group VALUED-7B9600FA\None.
User is a member of group \Everyone.
User is a member of group VALUED-7B9600FA\Debugger Users.
User is a member of group BUILTIN\Administrators.
User is a member of group BUILTIN\Users.
User is a member of group \LOCAL.
User is a member of group NT AUTHORITY\INTERACTIVE.
User is a member of group NT AUTHORITY\Authenticated Users.

»»Dir 'junkxxx' was created with the following permissions...
(FAT32=NA)
Directory "C:\junkxxx"
Permissions:
Type Flags Inh. Mask Gen. Std. File Group or User
======= ======== ==== ======== ==== ==== ==== ================
Allow 00000003 tco- 001F01FF ---- DSPO rw+x BUILTIN\Administrators
Allow 00000003 tco- 001F01FF ---- DSPO rw+x NT AUTHORITY\SYSTEM
Allow 00000000 t--- 001F01FF ---- DSPO rw+x VALUED-7B9600FA\Owner
Allow 0000000B -co- 10000000 ---A ---- ---- \CREATOR OWNER
Allow 00000003 tco- 001200A9 ---- -S-- r--x BUILTIN\Users
Allow 00000002 tc-- 00000004 ---- ---- --+- BUILTIN\Users
Allow 00000002 tc-- 00000002 ---- ---- -w-- BUILTIN\Users

Owner: VALUED-7B9600FA\Owner

Primary Group: VALUED-7B9600FA\None



»»»»»»Backups created...»»»»»»
3:55pm up 0 days, 2:03
Sat 07/03/2004

A C:\FINDnFIX\winBack.hiv
--a-- - - - - - 8,192 06-26-2004 winback.hiv
A C:\FINDnFIX\keys1\winkey.reg
--a-- - - - - - 268 06-26-2004 winkey.reg

»»Performing 16bit string scan....

---------- WIN.TXT
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710

3/3Z3
3d3v3
Windows
UDeviceNotSelectedTimeout
zGDIProcessHandleQuota"
Spooler2
5swapdisk
TransmissionRetryTimeout
USERProcessHandleQuota
,<><(
<c<h<v<
=!=1=B=g=l=z=
>-><>L>s>
?C?H?X?
?n?y?
0&0<0B0G0Q0Y0e0j0p0x0
1-131;1
1F1N1Y1a1g1l1q1v1
1"2'2,2;2F2N2Y2
2i2t2
3%3*3<3J3k3q3
4%4+434=4H4N4V4
4c4h4s4x4
6I6N6
6f6q6
1 1$1(1,1014181<1
1D1H1L1P1T1X1
1d1h1l1p1t1x1
2 2(20282
2H2P2X2
2h2p2x2
4 4$4(4,4044484<4
4D4H4L4P4T4X4
4d4h4l4p4t4x4
5 5$5(5,5054585<5
5D5H5L5P5T5X5
5d5h5l5p5t5x5
6 6$6(6,6064686<6
6D6H6L6P6T6X6
6d6h6l6p6t6x6

**File C:\FINDnFIX\WIN.TXT


#5 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 03 July 2004 - 04:33 PM

:gah:

:rant:

#6 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 03 July 2004 - 04:42 PM

Just dl the new hijackthis...here's my log...

Logfile of HijackThis v1.98.0
Scan saved at 4:41:31 PM, on 7/3/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 3.9\THGuard.exe"
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab

#7 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 04 July 2004 - 01:09 PM

bump

#8 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 04 July 2004 - 01:24 PM

I think this is the about/buster log....

About:Buster Version 1.24
Attempted Clean Of Temp folder.
Removed LEGACY___NS_Service_3 Key
Pages Reset... Done!

#9 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Developer
  • PipPipPipPipPip
  • 878 posts

Posted 04 July 2004 - 01:28 PM

Hi Noobie :).


About:buster does not remove this variant just yet.

It looks however that you removed this variant... somehow without help

Run Hijack this tick the boxes next to these items

R3 - Default URLSearchHook is missing
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)

Then close all windows and hit fix checked.

You should be clean from then on. Restart and see if the problem comes back...


Also if you have this file - sp.html - in your temp or windows folder can you zip it up and send it to Here

Edited by RubbeR DuckY, 04 July 2004 - 01:29 PM.

Marcin Kleczynski
Chief Executive Officer
Malwarebytes Corporation

Follow me on Twitter or check out my Blog!

#10 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 04 July 2004 - 02:49 PM

First off THANK YOU SO MUCH RUBBER DUCKY for responding i can just imagine how backed up you are in ppls post :D :love: :D

ok here it goes..this is my log after i deleted the items you had mentioned...

Logfile of HijackThis v1.98.0
Scan saved at 2:38:17 PM, on 7/4/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\unzipped\hijackthis\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Owner\LOCALS~1\Temp\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = file://C:\DOCUME~1\Owner\LOCALS~1\Temp\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 3.9\THGuard.exe"
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O18 - Filter: text/html - {31BEFD82-9D28-41D6-BFBB-A711C8DD4673} - C:\WINDOWS\System32\gpcl.dll
O18 - Filter: text/plain - {31BEFD82-9D28-41D6-BFBB-A711C8DD4673} - C:\WINDOWS\System32\gpcl.dll

also i did find an SP file in my temp folder....but get this when i went into the folder its self the file was not there i had to run a search for SP.HTML to find it .

Also i am unable to reinstall spyware blaster....i get a message like this
THIS PROGRAM HAS BEEN DAMAGED,POSSIBLY BY A BAD SECTOR OF THE HARD DRIVE OR A VIRUS,PLEASE REINSTALL. <---i keep trying but no luck

Also i cant Download the windows critcal updates i have XP

oh one more thing i have nortons antivirus 2003 updated and trojanhunter and both could not find anything....but when i ran panda scan it found a trojan...forgot the name of it though.

in all the only thing that is keeping my homepage being hijacked is spyware guard it keeps poping up telling me of the BHO trying to install i keep removing it and it keeps coming back...SPYWARE GUARD is the only thing that is right now protecting me from being hijacked with all its prompting.

Oh i have winzip but have never zipped a file and sent it ....ill need help with that..sorry.

i hope i havent left anything out.....Thnaks

#11 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 05 July 2004 - 03:58 PM

bump.

#12 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Developer
  • PipPipPipPipPip
  • 878 posts

Posted 05 July 2004 - 04:19 PM

Hey can you goto Start - Run - Type in Local Settings - double click Temp. Then in that folder look for sp.html. Can you zip up the file and send it to Here



Edit: Im not sure how to find the .dll just yet. I had one but someone said its not it.. Gimme a minute :)

Edited by RubbeR DuckY, 05 July 2004 - 04:22 PM.

Marcin Kleczynski
Chief Executive Officer
Malwarebytes Corporation

Follow me on Twitter or check out my Blog!

#13 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 05 July 2004 - 05:30 PM

Hi ducky sorry for responding late .... i did find the sp.html again even after i deleted it,it came back again...ive never zipped a file before ill need help with that.. :unsure:

#14 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Developer
  • PipPipPipPipPip
  • 878 posts

Posted 05 July 2004 - 05:40 PM

Right click on the file. Hit Sent To -> Compressed Folder. The file should be called sp.zip and it should be a folder with a zipper through it. Then attach the file to the e-mail and send it.
Marcin Kleczynski
Chief Executive Officer
Malwarebytes Corporation

Follow me on Twitter or check out my Blog!

#15 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 05 July 2004 - 06:30 PM

Ok i have the file zipped but when i click on HERE in the post above it keeps telling me Could not perform this operation because the default mail client is not properly installed

#16 RubbeR DuckY

RubbeR DuckY

    Marcin

  • Developer
  • PipPipPipPipPip
  • 878 posts

Posted 05 July 2004 - 06:36 PM

Send it to TBoY14 at msn.com

Replace at with @
Marcin Kleczynski
Chief Executive Officer
Malwarebytes Corporation

Follow me on Twitter or check out my Blog!

#17 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 05 July 2004 - 07:08 PM

I sent it ducky ...let me know if you have it or if i need to resend it..thanks

#18 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 05 July 2004 - 07:26 PM

Bump.

#19 noobie

noobie

    Member

  • Full Member
  • Pip
  • 20 posts

Posted 06 July 2004 - 09:07 AM

Bump.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button