Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

W32:crypt-cmv [trj] Virus Affected Most Exe Files


  • This topic is locked This topic is locked
2 replies to this topic

#1 Sudar

Sudar

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:28 AM

Posted 06 August 2008 - 04:53 PM

Hi,

3 days back i was affected by the virus : W32:Crypt-CMV [Trj]
I ran Avast and it detected it and put it in quarantine. i am not able to heal it.
This has affected many of the EXE files on my system.
vlc.exe, adobe, nero.exe and even winword.exe etc

Many of my software setup.exe files are affected. I could not find any way to clean these files
These EXE files are not unusable and hence their Applications dont work.
Please help in cleaning this !

FYI - i reinsalled OFfice and then it worked, but existing files are still unusable
I have pasted the DSS log here !!!!

**********
MAIN.TXT
**********

Deckard's System Scanner v20071014.68
Run by VISHAL on 2008-08-07 02:57:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 3 Restore Point(s) --
3: 2008-08-06 20:59:26 UTC - RP90 - Removed CA eTrust Antivirus
2: 2008-08-06 20:58:06 UTC - RP89 - Removed CA eTrust Antivirus
1: 2008-08-06 00:53:07 UTC - RP88 - Installed AVG Free 8.0


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 1014 MiB (1024 MiB recommended).


-- HijackThis (run as VISHAL.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:00:41 AM, on 8/7/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\VISHAL\Desktop\dss.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\VISHAL.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: ViewerHelper Class - {78104A01-8E71-4F30-9A36-3793799615B4} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {D94D958F-4B34-442A-83BE-BB56C5916329} - C:\Windows\system32\apirc.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [gemstrmw] C:\Windows\system32\gemstrmw.exe /r
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Desktop__.ini
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.7.4.dll
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40971 - {685ec120-f786-4498-a8f0-794d47916161} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O9 - Extra button: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-205 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Microsoft\Rights Management Add-on\RMARes.dll,-40970 - {aede78a6-42b6-4c3c-96eb-5ae6dbec4859} - C:\Program Files\Microsoft\Rights Management Add-on\RMAFilt.dll (HKCU)
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 8048 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S4 msvsmon80 (Visual Studio 2005 Remote Debugger) - "c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe" /service msvsmon80


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description:
Device ID: ROOT\*ISATAP\0000
Manufacturer: Microsoft
Name:
PNP Device ID: ROOT\*ISATAP\0000
Service: tunnel

Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01BD1028&REV_01\4&17A74D1&0&0AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_01BD1028&REV_01\4&17A74D1&0&0AF0
Service:

Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_01BD1028&REV_0A\4&17A74D1&0&0BF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_01BD1028&REV_0A\4&17A74D1&0&0BF0
Service:

Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_01BD1028&REV_05\4&17A74D1&0&0CF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_01BD1028&REV_05\4&17A74D1&0&0CF0
Service:

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: WAN Miniport (SSTP)
Device ID: ROOT\MS_SSTPMINIPORT\0000
Manufacturer: Microsoft
Name: WAN Miniport (SSTP)
PNP Device ID: ROOT\MS_SSTPMINIPORT\0000
Service: RasSstp


-- Files created between 2008-07-07 and 2008-08-07 -----------------------------

2008-08-07 02:31:32 0 d-------- C:\Program Files\Trend Micro
2008-08-06 06:50:17 0 d--h----- C:\$AVG8.VAULT$
2008-08-06 06:24:15 0 d-------- C:\Windows\system32\drivers\Avg
2008-08-06 06:23:51 0 d-------- C:\Program Files\AVG
2008-08-06 06:23:50 0 d-------- \ProgramData\avg8
2008-08-04 00:12:52 0 d-------- C:\Program Files\Alwil Software
2008-08-03 14:59:34 0 d-------- C:\Program Files\CA
2008-08-03 14:21:22 0 d--h----- C:\Windows\PIF
2008-07-09 05:51:49 0 d-------- C:\Program Files\Microsoft
2008-07-07 08:16:11 0 --a------ C:\Windows\nsreg.dat


-- Find3M Report ---------------------------------------------------------------

2008-08-07 02:57:40 0 d-------- \Windows
2008-08-07 02:57:19 0 d-------- \Deckard
2008-08-07 02:34:39 0 d--hs---- \System Volume Information
2008-08-07 02:31:32 0 dr------- \Program Files
2008-08-07 02:30:58 0 d--hs---- \Config.Msi
2008-08-07 02:09:40 1377644544 --ahs---- \pagefile.sys
2008-08-06 07:12:55 12 --a------ C:\Windows\bthservsdp.dat
2008-08-06 07:10:38 0 d--h----- \$AVG8.VAULT$
2008-08-06 06:23:50 0 d--h----- \ProgramData
2008-08-06 06:18:50 0 d-------- C:\Program Files\ffdshow
2008-08-06 06:18:50 0 d-------- C:\Program Files\BitComet
2008-08-06 06:18:49 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-08-06 06:18:48 0 d-------- C:\Program Files\Free Audio Pack
2008-08-06 06:18:18 0 dr------- \Downloads
2008-08-06 06:18:15 0 d-------- C:\Program Files\DivX
2008-08-04 13:47:56 0 d-------- C:\Program Files\Microsoft Works
2008-08-03 15:01:36 557 --a------ \Pltfrm2.ini
2008-08-03 13:53:14 0 dr------- \Users
2008-08-03 13:53:14 0 d-------- \temp
2008-08-03 13:50:54 0 d-------- C:\Program Files\Yahoo!
2008-08-03 13:50:43 0 d-------- C:\Program Files\Windows Sidebar
2008-08-03 13:50:42 0 d-------- C:\Program Files\Windows Photo Gallery
2008-08-03 13:50:42 0 d-------- C:\Program Files\Windows Mail
2008-08-03 13:50:41 0 d-------- C:\Program Files\Windows Journal
2008-08-03 13:50:41 0 d-------- C:\Program Files\Windows Installer Clean Up
2008-08-03 13:50:40 0 d-------- C:\Program Files\Windows Defender
2008-08-03 13:50:40 0 d-------- C:\Program Files\Windows Calendar
2008-08-03 13:50:24 0 d-------- C:\Program Files\Winamp
2008-08-03 13:50:21 0 d-------- C:\Program Files\WIDCOMM
2008-08-03 13:50:21 0 d-------- C:\Program Files\vLite
2008-08-03 13:50:09 0 d-------- C:\Program Files\VideoLAN
2008-08-03 13:50:08 0 d-------- C:\Program Files\Synaptics
2008-08-03 13:50:07 0 d-------- C:\Program Files\SQLXML 4.0
2008-08-03 13:50:04 0 d-------- C:\Program Files\SpaceMonger
2008-08-03 13:49:53 0 d-------- C:\Program Files\SigmaTel
2008-08-03 13:49:53 0 d-------- C:\Program Files\Reference Assemblies
2008-08-03 13:49:50 0 d-------- C:\Program Files\Real Alternative
2008-08-03 13:49:50 0 d-------- C:\Program Files\PlayFLV
2008-08-03 13:49:39 0 d-------- C:\Program Files\Nero
2008-08-03 13:49:38 0 d-------- C:\Program Files\MSECACHE
2008-08-03 13:49:38 0 d-------- C:\Program Files\MSBuild
2008-08-03 13:49:34 0 d-------- C:\Program Files\Microsoft.NET
2008-08-03 13:49:09 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-08-03 13:48:21 0 d-------- C:\Program Files\Microsoft SQL Server
2008-08-03 13:47:19 0 d-------- C:\Program Files\Microsoft Games
2008-08-03 13:47:19 0 d-------- C:\Program Files\Microsoft Analysis Services
2008-08-03 13:47:17 0 d-------- C:\Program Files\Media Player Classic
2008-08-03 13:47:16 0 d-------- C:\Program Files\KONAMI
2008-08-03 13:47:14 0 d-------- C:\Program Files\Google
2008-08-03 13:47:13 0 d-------- C:\Program Files\Gemplus
2008-08-03 13:47:12 0 d-------- C:\Program Files\Fma
2008-08-03 13:47:09 0 d-------- C:\Program Files\Dell
2008-08-03 13:47:08 0 d-------- C:\Program Files\Broadcom
2008-08-03 13:46:54 8 -r-hs---- C:\Program Files\Desktop__.ini
2008-08-03 13:46:49 0 dr-h----- \MSOCache
2008-08-03 13:46:48 0 d-------- \Intel
2008-08-03 13:46:17 0 d-------- \dell
2008-08-03 13:46:15 0 d--hs---- \Boot
2008-08-03 13:46:15 0 d--hs---- \$Recycle.Bin
2008-06-29 17:58:31 174 --ahs---- C:\Program Files\desktop.ini
2008-06-29 17:50:32 0 d-------- C:\Program Files\Windows Collaboration
2008-06-29 17:50:32 0 d-------- C:\Program Files\Movie Maker
2008-06-09 14:06:01 0 d-------- C:\Program Files\Common Files
2008-06-09 14:06:01 0 d-------- C:\Program Files\Common Files\Adobe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D94D958F-4B34-442A-83BE-BB56C5916329}]
C:\Windows\system32\apirc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [07/11/2007 08:56 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/15/2006 07:06 PM]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [03/09/2007 06:53 PM]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [01/28/2008 01:56 PM]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [01/28/2008 01:56 PM]
"Persistence"="C:\Windows\system32\igfxpers.exe" [01/28/2008 01:56 PM]
"gemstrmw"="C:\Windows\system32\gemstrmw.exe" [08/29/2003 11:35 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [07/19/2008 08:08 PM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [08/06/2008 06:23 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [03/12/2007 01:49 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [02/21/2008 09:40 PM]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [04/01/2008 03:09 PM]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A70001000000}\SC_Reader.exe [6/9/2008 2:06:08 PM]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [11/3/2006 5:55:50 PM]
Desktop__.ini [8/3/2008 1:51:20 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5456c25d-29c3-11dd-98c7-0015c5ced0a2}]
AutoRun\command- F:\autorun_PES2008.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- Hosts -----------------------------------------------------------------------

127.0.0.1 dl2.teenpassage.com


-- End of Deckard's System Scanner: finished at 2008-08-07 03:03:25 ------------




*************
EXTRA.TXT
*************

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Ultimate (build 6000)
Architecture: X86; Language: English

CPU 0: Intel® Core™2 CPU T5500 @ 1.66GHz
Percentage of Memory in Use: 76%
Physical Memory (total/avail): 1013.82 MiB / 240.01 MiB
Pagefile Memory (total/avail): 2280.74 MiB / 1150.84 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.34 MiB

C: is Fixed (NTFS) - 30 GiB total, 9.11 GiB free.
D: is Fixed (FAT32) - 31.48 GiB total, 5.64 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Hitachi HTS541680J9SA00 ATA Device - 74.53 GiB - 5 partitions
\PARTITION0 (bootable) - Installable File System - 30 GiB - C:
\PARTITION1 - Unknown - 31.5 GiB - D:
\PARTITION2 - Extended w/Extended Int 13 - 9.97 GiB
\PARTITION3 - Unknown - 3 GiB



-- Security Center -------------------------------------------------------------

Windows Internal Firewall is enabled.

AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
AV: avast! antivirus 4.8.1229 [VPS 080806-0] v4.8.1229 (ALWIL Software) Disabled
AS: AVG Anti-Virus Free v8.0 (AVG Technologies) Disabled
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
AS: avast! antivirus 4.8.1229 [VPS 080806-0] v4.8.1229 (ALWIL Software) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\VISHAL\AppData\Roaming
AVENGINE=C:\PROGRA~1\CA\SHARED~1\SCANEN~1
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=THEMATRIX
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HKCU_S=\REGISTRY\CUSER\Software
HKLM_S=\REGISTRY\MACHINE\Software
HOMEDRIVE=C:
HOMEPATH=\Users\VISHAL
INOCULAN=C:\Program Files\CA\eTrust Antivirus
lib=C:\Program Files\SQLXML 4.0\bin\
LOCALAPPDATA=C:\Users\VISHAL\AppData\Local
LOGONSERVER=\\THEMATRIX
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Microsoft SQL Server\90\DTS\Binn\;C:\Program Files\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\PrivateAssemblies\;C:\PROGRA~1\CA\SHARED~1\SCANEN~1;C:\Program Files\CA\eTrust Antivirus;C:\Program Files\AVG\AVG8
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\VISHAL\AppData\Local\Temp
TMP=C:\Users\VISHAL\AppData\Local\Temp
USERDOMAIN=TheMatrix
USERNAME=VISHAL
USERPROFILE=C:\Users\VISHAL
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

VISHAL (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70001000000}
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BitComet 0.91 --> C:\Program Files\BitComet\uninst.exe
Broadcom 440x 10/100 Integrated Controller --> MsiExec.exe /X{612B9183-67A9-4B44-9877-2F059E35B86A}
Cardmod_x86 and MSITPintool --> MsiExec.exe /I{210C4411-95A8-4CAF-8B23-F964CF8A78F3}
Counter-Strike: Condition Zero --> D:\GAMES\VALVE\CONDIT~1\UNWISE.EXE D:\GAMES\VALVE\CONDIT~1\INSTALL.LOG
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
ffdshow (remove only) --> "C:\Program Files\ffdshow\uninstall.exe"
Free Mp3 Wma Converter V 1.7.2 --> "C:\Program Files\Free Audio Pack\unins000.exe"
Gemplus Smart Card Reader Tools --> C:\Program Files\Gemplus\ReaderTools\Installer\setup.exe /u
Google Talk (remove only) --> "C:\Users\VISHAL\AppData\Roaming\Google\Google Talk\uninstall.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel® Graphics Media Accelerator Driver --> C:\Windows\system32\igxpun.exe -uninstall
Microsoft Office 2003 Web Components --> MsiExec.exe /I{90A40409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005 --> MsiExec.exe /I{2373A92B-1C1C-4E71-B494-5CA97F96AA19}
Microsoft SQL Server 2005 Backward compatibility --> MsiExec.exe /I{69880C00-08DD-4385-B752-9C62656F6D1E}
Microsoft SQL Server 2005 Books Online (English) --> MsiExec.exe /I{0B43A744-B1B8-4089-9BD1-9D41C7EC0AA3}
Microsoft SQL Server 2005 Tools --> MsiExec.exe /I{90032DD0-ABEE-4424-AC1E-B076BDD4E350}
Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual Studio 2005 Premier Partner Edition - ENU --> MsiExec.exe /I{C25EF637-BE7A-4761-9B45-9069989C319F}
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Premium --> MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PlayFLV --> "C:\Program Files\PlayFLV\uninstall.exe"
Pro Evolution Soccer 2008 --> C:\Program Files\InstallShield Installation Information\{2FDFD600-7338-4738-90D5-FC4ACA08DC36}\setup.exe -runfromtemp -l0x0409
Real Alternative 1.29 --> "C:\Program Files\Real Alternative\unins000.exe"
Rights Management Add-on for Internet Explorer --> MsiExec.exe /I{3505E1E2-8127-4681-A3EC-F9B5CAAA07C9}
Service Pack 2 for SQL Server Database Services 2005 ENU (KB921896) --> C:\Windows\SQL9_KB921896_ENU\Hotfix.exe /Uninstall
Service Pack 2 for SQL Server Tools and Workstation Components 2005 ENU (KB921896) --> C:\Windows\SQLTools9_KB921896_ENU\Hotfix.exe /Uninstall
SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
SpaceMonger 2.1.1 --> C:\Program Files\SpaceMonger\unins000.exe
SpeechRedist --> MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
SQLXML4 --> MsiExec.exe /I{36DD7006-7BFE-4E3D-AF6E-FA734BC879B7}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
VideoLAN VLC media player 0.8.6e --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.3100 --> MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type11987 / Warning
Event Submitted/Written: 08/07/2008 02:29:57 AM
Event ID/Source: 10010 / Microsoft-Windows-RestartManager
Event Description:
14620C:\Windows\System32\msiexec.exeWindows® installer001671088651

Event Record #/Type11986 / Warning
Event Submitted/Written: 08/07/2008 02:29:57 AM
Event ID/Source: 10010 / Microsoft-Windows-RestartManager
Event Description:
13544C:\Windows\explorer.exeWindows Explorer041671088651

Event Record #/Type11972 / Success
Event Submitted/Written: 08/07/2008 02:10:27 AM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type11971 / Success
Event Submitted/Written: 08/07/2008 02:10:22 AM
Event ID/Source: 5615 / WinMgmt
Event Description:


Event Record #/Type11969 / Success
Event Submitted/Written: 08/07/2008 02:10:11 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type56351 / Warning
Event Submitted/Written: 08/07/2008 03:01:13 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TheMatrix27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TheMatrix27 can't undo changes that you allow.

For more information please see the following:
%TheMatrix275

Scan ID: {766E6994-1CD3-4806-BA46-26A660309C62}

User: TheMatrix\VISHAL

Name: %TheMatrix271

ID: %TheMatrix272

Severity ID: %TheMatrix273

Category ID: %TheMatrix274

Path Found: %TheMatrix276

Alert Type: %TheMatrix278

Detection Type: 1.1.1505.02

Event Record #/Type56350 / Warning
Event Submitted/Written: 08/07/2008 03:01:13 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TheMatrix27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TheMatrix27 can't undo changes that you allow.

For more information please see the following:
%TheMatrix275

Scan ID: {1DE731F8-55EA-4438-87D8-146F0BE63BDA}

User: TheMatrix\VISHAL

Name: %TheMatrix271

ID: %TheMatrix272

Severity ID: %TheMatrix273

Category ID: %TheMatrix274

Path Found: %TheMatrix276

Alert Type: %TheMatrix278

Detection Type: 1.1.1505.02

Event Record #/Type56349 / Warning
Event Submitted/Written: 08/07/2008 03:01:13 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TheMatrix27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TheMatrix27 can't undo changes that you allow.

For more information please see the following:
%TheMatrix275

Scan ID: {21DD2EDB-A8F7-480E-9A83-3460547CD5E0}

User: TheMatrix\VISHAL

Name: %TheMatrix271

ID: %TheMatrix272

Severity ID: %TheMatrix273

Category ID: %TheMatrix274

Path Found: %TheMatrix276

Alert Type: %TheMatrix278

Detection Type: 1.1.1505.02

Event Record #/Type56348 / Warning
Event Submitted/Written: 08/07/2008 03:01:13 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TheMatrix27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TheMatrix27 can't undo changes that you allow.

For more information please see the following:
%TheMatrix275

Scan ID: {A1D107A4-4E9C-4675-B9E6-100FA12A3964}

User: TheMatrix\VISHAL

Name: %TheMatrix271

ID: %TheMatrix272

Severity ID: %TheMatrix273

Category ID: %TheMatrix274

Path Found: %TheMatrix276

Alert Type: %TheMatrix278

Detection Type: 1.1.1505.02

Event Record #/Type56347 / Warning
Event Submitted/Written: 08/07/2008 03:01:13 AM
Event ID/Source: 3004 / WinDefend
Event Description:
%TheMatrix27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %TheMatrix27 can't undo changes that you allow.

For more information please see the following:
%TheMatrix275

Scan ID: {D28EC886-3106-4D26-B941-700C37053F11}

User: TheMatrix\VISHAL

Name: %TheMatrix271

ID: %TheMatrix272

Severity ID: %TheMatrix273

Category ID: %TheMatrix274

Path Found: %TheMatrix276

Alert Type: %TheMatrix278

Detection Type: 1.1.1505.02



-- End of Deckard's System Scanner: finished at 2008-08-07 03:03:25 ------------

Attached Files



BC AdBot (Login to Remove)

 


#2 Shaba

Shaba

    Koutsi


  • Members
  • 7,872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:04:58 AM

Posted 18 August 2008 - 04:56 AM

Hello and welcome to BC

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. We aim to provide the valuable service known to come from BC to every member we can, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Upon completing the steps below a staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

Thanks and again sorry for the delay.

Please see here for instructions
how to install HijackThis and make a logfile. Save it into convenient location and include it to your next reply, please.

Next
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Please post back with HijackThis log and Kaspersky report.

Regards
Microsoft MVP Consumer Security
Posted Image

Posted Image

#3 Shaba

Shaba

    Koutsi


  • Members
  • 7,872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:04:58 AM

Posted 23 August 2008 - 03:46 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Microsoft MVP Consumer Security
Posted Image

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users