Easy29 Posted December 6, 2012 ID:620448 Share Posted December 6, 2012 Hi there, I recently got a call from my bank telling me they have locked my account because of malware attack. When I google an anti virus site, norton for example it redirects me to google. I have used malware bytes which now shows no infected files. - how can I be sure it's gone though?Thanks, hope i posted this in the correct section. Link to post Share on other sites More sharing options...
MrCharlie Posted December 6, 2012 ID:620463 Share Posted December 6, 2012 Welcome to the forum, please start at the link below:http://forums.malwar...?showtopic=9573Post back the 2 logs here.....DDS.txt and Attach.txt<====><====><====><====><====><====><====><====>Next.......Please remove any usb or external drives from the computer before you run this scan!Quit all running programs.Please download and run RogueKiller to your desktop.For Windows XP, double-click to start.For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything!Don't run any other options, they're not all bad!!!!!!!Post back the report which should be located on your desktop.MrC------->Your topic will be closed if you haven't replied within 3 days!<--------(If I don't respond within 48 hours, please send me a PM) Link to post Share on other sites More sharing options...
Easy29 Posted December 6, 2012 Author ID:620466 Share Posted December 6, 2012 DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2Run by Eric at 13:43:22 on 2012-12-06Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.2806.1365 [GMT 11:00].SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ================.C:\windows\system32\wininit.exeC:\windows\system32\lsm.exeC:\windows\system32\nvvsvc.exeC:\windows\system32\WLANExt.exeC:\windows\system32\conhost.exeC:\windows\System32\spoolsv.exeC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exeC:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exeC:\windows\system32\TODDSrv.exeC:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exeC:\Program Files\NVIDIA Corporation\Display\NvXDSync.exeC:\windows\system32\nvvsvc.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\windows\system32\taskhost.exeC:\windows\system32\Dwm.exeC:\windows\Explorer.EXEC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\TOSHIBA\Power Saver\TPwrMain.exeC:\Program Files\TOSHIBA\FlashCards\TCrdMain.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exeC:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exeC:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exeC:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\AVG Secure Search\vprot.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Windows\System32\rundll32.exeC:\Program Files\iPod\bin\iPodService.exeC:\windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\windows\system32\taskeng.exeC:\Program Files\TOSHIBA\ConfigFree\NDSTray.exeC:\windows\system32\wbem\wmiprvse.exeC:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exeC:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exeC:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exeC:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exeC:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exeC:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exeC:\windows\system32\wuauclt.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Malwarebytes' Anti-Malware\mbam.exeC:\windows\system32\wbem\wmiprvse.exeC:\windows\system32\SearchProtocolHost.exeC:\windows\system32\SearchFilterHost.exeC:\windows\system32\conhost.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k LocalServiceC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\System32\svchost.exe -k LocalServiceNoNetworkC:\windows\system32\svchost.exe -k imgsvcC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.google.com.au/uSearch Bar = PreserveuDefault_Page_URL = hxxp://toshiba.msn.commURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dllBHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dllBHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dllBHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - c:\program files\toshiba\toshiba media controller plug-in\TOSHIBAMediaControllerIE.dllTB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - c:\program files\utorrentbar\prxtbuTor.dllTB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\prxtbuTor.dllTB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dlluRun: [Reimage] RUNDLL32.EXE c:\users\eric\appdata\local\reimage\bvgnlvoi.dll,vlc_entry__1_0_0emRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXEmRun: [TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exemRun: [smartAudio] c:\program files\conexant\saii\SAIICpl.exe /tmRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [iTSecMng] c:\program files\toshiba\bluetooth toshiba stack\ItSecMng.exe /STARTmRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exemRun: [ToshibaServiceStation] c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe /hide:60mRun: [TosVolRegulator] c:\program files\toshiba\tosvolregulator\TosVolRegulator.exemRun: [TosNC] c:\program files\toshiba\bulletinboard\TosNcCore.exemRun: [TosReelTimeMonitor] c:\program files\toshiba\reeltime\TosReelTimeMonitor.exemRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exemRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbyloginmRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - c:\program files\toshiba\bulletinboard\TosBBCom.dllDPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabTCP: NameServer = 192.168.2.1TCP: Interfaces\{028B5156-3E80-482F-BDB0-F8F10628A15A} : DHCPNameServer = 198.142.0.51 61.88.88.88TCP: Interfaces\{3984DFF2-D05C-4E8F-80DE-96DFD89E47B6} : DHCPNameServer = 198.142.0.51 61.88.88.88TCP: Interfaces\{B1A59E09-7A66-4BE9-BB5A-40B927B39C1D} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{B1A59E09-7A66-4BE9-BB5A-40B927B39C1D}\14E64627F696461405 : DHCPNameServer = 192.168.43.1TCP: Interfaces\{B1A59E09-7A66-4BE9-BB5A-40B927B39C1D}\445616B696E6023556475707 : DHCPNameServer = 10.128.0.21 10.64.0.21 10.96.0.21TCP: Interfaces\{B1A59E09-7A66-4BE9-BB5A-40B927B39C1D}\46F6E6E656C6C69737D6F64656D6 : DHCPNameServer = 10.0.0.1TCP: Interfaces\{B1A59E09-7A66-4BE9-BB5A-40B927B39C1D}\542796362E08993702960586F6E656 : DHCPNameServer = 198.142.0.51 61.88.88.88TCP: Interfaces\{B1A59E09-7A66-4BE9-BB5A-40B927B39C1D}\55355425D20534F5E4564777F627B6 : DHCPNameServer = 192.168.0.1Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - c:\users\eric\appdata\roaming\mozilla\firefox\profiles\08n68c7l.default\FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=3&q={searchTerms}FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3196716&SearchSource=2&q=FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dllFF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dllFF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\program files\microsoft silverlight\4.0.50401.0\npctrlui.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dllFF - plugin: c:\windows\system32\npDeployJava1.dllFF - plugin: c:\windows\system32\npmproxy.dllFF - ExtSQL: 2012-10-31 23:23; avg@toolbar; c:\programdata\avg secure search\firefoxext\13.2.0.5.---- FIREFOX POLICIES ----FF - user.js: network.cookie.cookieBehavior - 0FF - user.js: privacy.clearOnShutdown.cookies - falseFF - user.js: security.warn_viewing_mixed - falseFF - user.js: security.warn_viewing_mixed.show_once - falseFF - user.js: security.warn_submit_insecure - falseFF - user.js: security.warn_submit_insecure.show_once - false.============= SERVICES / DRIVERS ===============.R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-31 26984]R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2010-1-29 185712]R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-11 46448]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-5 399432]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-5 676936]R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2010-10-20 3791872]R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2011-7-4 2656280]R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-10-31 711112]R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\drivers\btfilter.sys [2011-7-4 33640]R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2011-7-4 7680]R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2011-2-10 68720]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-5 22856]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-12-6 40776]R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2011-7-4 41088]R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2011-7-4 33616]R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2011-7-4 54136]R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2010-12-9 112032]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-10-8 49664]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-9-12 1512448]S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-8-2 18432]S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2011-7-4 190464]S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-21 52224]S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 27264].=============== Created Last 30 ================.2012-12-06 01:41:05 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2012-12-05 11:27:32 -------- d-----w- c:\users\eric\appdata\roaming\Yhhy2012-12-05 11:27:32 -------- d-----w- c:\users\eric\appdata\roaming\Ufoh2012-12-05 11:27:32 -------- d-----w- c:\users\eric\appdata\roaming\Ubud2012-12-05 07:52:11 -------- d-----w- c:\users\eric\appdata\roaming\Malwarebytes2012-12-05 07:52:06 -------- d-----w- c:\programdata\Malwarebytes2012-12-05 07:52:05 22856 ----a-w- c:\windows\system32\drivers\mbam.sys2012-12-05 07:52:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-12-05 07:22:17 -------- d-----w- c:\program files\GridinSoft Trojan Killer2012-12-05 06:26:56 -------- d-----w- c:\users\eric\appdata\roaming\Ywqea2012-12-05 06:26:56 -------- d-----w- c:\users\eric\appdata\roaming\Yryq2012-12-05 06:26:56 -------- d-----w- c:\users\eric\appdata\roaming\Cywiob2012-12-05 01:47:45 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys2012-12-05 01:47:28 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E12012-12-05 01:47:28 -------- d-----w- c:\program files\iPod2012-12-05 00:01:04 -------- d-----w- c:\users\eric\appdata\roaming\Weep2012-12-05 00:01:04 -------- d-----w- c:\users\eric\appdata\roaming\Ukogsy2012-12-05 00:01:04 -------- d-----w- c:\users\eric\appdata\roaming\Kegovy2012-12-04 03:12:38 -------- d-----w- c:\users\eric\appdata\roaming\Yviv2012-12-04 03:12:38 -------- d-----w- c:\users\eric\appdata\roaming\Umzow2012-12-04 03:12:38 -------- d-----w- c:\users\eric\appdata\roaming\Pyxa2012-12-02 13:38:14 -------- d-----w- c:\users\eric\appdata\roaming\Yxum2012-12-02 13:38:14 -------- d-----w- c:\users\eric\appdata\roaming\Cuuz2012-12-02 13:38:14 -------- d-----w- c:\users\eric\appdata\roaming\Atfu2012-12-02 00:04:16 -------- d-----w- c:\users\eric\appdata\roaming\Zucyyb2012-12-02 00:04:16 -------- d-----w- c:\users\eric\appdata\roaming\Uqdion2012-12-02 00:04:16 -------- d-----w- c:\users\eric\appdata\roaming\Qyuz2012-12-01 10:46:00 -------- d-----w- c:\users\eric\appdata\roaming\Paik2012-12-01 10:46:00 -------- d-----w- c:\users\eric\appdata\roaming\Olyh2012-12-01 10:46:00 -------- d-----w- c:\users\eric\appdata\roaming\Etvaic2012-11-30 16:18:15 -------- d-----w- c:\users\eric\appdata\roaming\Owxu2012-11-30 16:18:15 -------- d-----w- c:\users\eric\appdata\roaming\Okti2012-11-30 16:18:15 -------- d-----w- c:\users\eric\appdata\roaming\Cyory2012-11-30 09:00:37 -------- d-----w- c:\users\eric\appdata\roaming\Myqi2012-11-30 09:00:37 -------- d-----w- c:\users\eric\appdata\roaming\Foeqwi2012-11-30 09:00:37 -------- d-----w- c:\users\eric\appdata\roaming\Bidyr2012-11-30 01:00:18 -------- d-----w- c:\users\eric\appdata\roaming\Teeku2012-11-30 01:00:18 -------- d-----w- c:\users\eric\appdata\roaming\Noal2012-11-30 01:00:18 -------- d-----w- c:\users\eric\appdata\roaming\Gidus2012-11-29 09:07:48 -------- d-----w- c:\users\eric\appdata\roaming\Rovopu2012-11-29 09:07:48 -------- d-----w- c:\users\eric\appdata\roaming\Oqad2012-11-29 09:07:48 -------- d-----w- c:\users\eric\appdata\roaming\Giumti2012-11-27 23:08:02 -------- d-----w- c:\users\eric\appdata\roaming\Waegf2012-11-27 23:08:02 -------- d-----w- c:\users\eric\appdata\roaming\Otwoe2012-11-27 23:08:02 -------- d-----w- c:\users\eric\appdata\roaming\Adegvu2012-11-27 12:15:02 -------- d-----w- c:\users\eric\appdata\roaming\Uffi2012-11-27 12:15:02 -------- d-----w- c:\users\eric\appdata\roaming\Diyr2012-11-27 12:15:02 -------- d-----w- c:\users\eric\appdata\roaming\Afsuv2012-11-27 01:33:00 -------- d-sh--w- c:\windows\system32\%APPDATA%2012-11-27 01:11:08 -------- d-----w- c:\users\eric\appdata\roaming\Uqiri2012-11-27 01:11:08 -------- d-----w- c:\users\eric\appdata\roaming\Upziyb2012-11-27 01:11:08 -------- d-----w- c:\users\eric\appdata\roaming\Acriga2012-11-21 14:05:36 -------- d-----w- c:\users\eric\appdata\local\Reimage2012-11-10 03:36:35 -------- d-----w- c:\users\eric\appdata\roaming\WindSolutions2012-11-10 03:36:35 -------- d-----w- c:\programdata\WindSolutions.==================== Find3M ====================.2012-10-31 12:23:19 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys2012-10-11 05:10:13 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-10-11 05:10:13 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-09-27 23:32:56 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll2012-09-27 23:32:56 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys2012-09-13 07:50:28 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2012-09-13 07:50:27 821736 ----a-w- c:\windows\system32\npDeployJava1.dll2012-09-13 07:50:27 746984 ----a-w- c:\windows\system32\deployJava1.dll2012-09-12 05:07:44 58368 ----a-w- c:\windows\system32\sirenacm.dll2012-09-12 04:58:44 49664 ----a-w- c:\windows\system32\drivers\fssfltr.sys2012-09-12 04:57:44 322048 ----a-w- c:\windows\WLXPGSS.SCR.============= FINISH: 13:44:25.42 =============== Link to post Share on other sites More sharing options...
Easy29 Posted December 6, 2012 Author ID:620467 Share Posted December 6, 2012 .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 12/10/2011 7:20:33 PMSystem Uptime: 6/12/2012 12:33:33 PM (1 hours ago).Motherboard: TOSHIBA | | Portable PCProcessor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU | 782/1333mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 585 GiB total, 417.584 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP112: 22/10/2012 3:36:06 PM - Scheduled CheckpointRP113: 31/10/2012 11:10:08 PM - Scheduled CheckpointRP114: 31/10/2012 11:17:39 PM - Removed WinZip 16.5RP115: 31/10/2012 11:22:09 PM - Installed WinZip 17.0RP116: 8/11/2012 5:34:25 PM - Scheduled CheckpointRP118: 18/11/2012 10:06:05 PM - Windows Defender CheckpointRP119: 22/11/2012 1:11:17 PM - Installed VirtualDJ PRO Full.==== Installed Programs ======================.4Videosoft MKV Video ConverterAdobe AIRAdobe Community HelpAdobe Flash Player 11 PluginAdobe Media PlayerAdobe Photoshop CS5Adobe Reader 9.3.4Adobe Shockwave Player 11.6Apple Application SupportApple Mobile Device SupportApple Software UpdateASIO4ALLAtheros Bluetooth Filter Driver PackageAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverAtheros Driver Installation ProgramµTorrentAVG Security ToolbarBejeweled 2 DeluxeBluetooth Stack for Windows by ToshibaBonjourBuild-a-lot 2Chuzzle DeluxeConexant HD AudioCopyTrans Suite Remove OnlyD3DX10Dorgem 2.1.0Dream Video Converter Ultimate 4.3.8FATEffdshow v1.1.3562 [2010-09-07]FL Studio 10FLV PlayerGoogle ChromeGoogle Earth Plug-inGoogle Update HelperIL Download ManagerIntel® Management Engine ComponentsIntel® Rapid Storage TechnologyiTunesJava 7 Update 7Java Auto UpdaterJava 6 Update 31Jewel Quest - HeritageJunk Mail filter updateMalwarebytes Anti-Malware version 1.65.1.1000Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Office Excel MUI (English) 2007Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Standard 2007Microsoft Office Word MUI (English) 2007Microsoft Primary Interoperability Assemblies 2005Microsoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319Microsoft_VC80_ATL_x86Microsoft_VC80_CRT_x86Microsoft_VC80_MFC_x86Microsoft_VC80_MFCLOC_x86Microsoft_VC90_ATL_x86Microsoft_VC90_CRT_x86Microsoft_VC90_MFC_x86Movie MakerMozilla Firefox 16.0.2 (x86 en-GB)Mozilla Maintenance ServiceMSVCRTMSVCRT110Native Instruments Audio 8 DJNative Instruments Controller EditorNative Instruments Service CenterNative Instruments TraktorNVIDIA Control Panel 267.44NVIDIA Graphics Driver 267.44NVIDIA HD Audio Driver 1.2.18.0NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.10.0514PDF Settings CS5Photo CommonPhoto GalleryPlants vs. ZombiesPlayReady PC Runtime x86Polar BowlerRealtek USB 2.0 Card ReaderRollerCoaster Tycoon 3 PlatinumSkype™ 5.5StarCraftStarcraft Brood War (RAZOR 1911)swMSMSynaptics Pointing Device DriverTOSHIBA AssistTOSHIBA Bulletin BoardTOSHIBA ConfigFreeTOSHIBA Disc CreatorTOSHIBA Face RecognitionTOSHIBA Hardware SetupTOSHIBA HDD/SSD AlertTOSHIBA Media ControllerTOSHIBA Media Controller Plug-inTOSHIBA Recovery Media CreatorTOSHIBA ReelTimeTOSHIBA Resolution+ Plug-in for Windows Media PlayerTOSHIBA Service StationTOSHIBA Speech System ApplicationsTOSHIBA Speech System SR Engine(U.S.) Version1.0TOSHIBA Speech System TTS Engine(U.S.) Version1.0TOSHIBA Supervisor PasswordTOSHIBA Value Added PackageTOSHIBA Web Camera ApplicationTOSHIBA Wireless LAN IndicatoruTorrentBar ToolbarVC80CRTRedist - 8.0.50727.6195Virtual Villagers 4 - The Tree of LifeVirtualDJ PRO FullVLC media player 1.1.11Wheel of Fortune 2WildTangent GamesWildTangent ORB Game ConsoleWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinZip 17.0Zuma's Revenge.==== Event Viewer Messages From Past Week ========.6/12/2012 12:34:13 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-21470248916/12/2012 12:34:13 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-21470248916/12/2012 12:33:50 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.6/12/2012 12:33:48 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.6/12/2012 12:33:48 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.6/12/2012 11:17:10 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.6/12/2012 11:17:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}6/12/2012 11:17:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}6/12/2012 11:17:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}6/12/2012 11:17:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}6/12/2012 11:17:08 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}6/12/2012 11:17:02 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}6/12/2012 11:16:54 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.6/12/2012 11:16:48 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.5/12/2012 12:47:04 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.5/12/2012 12:46:04 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.5/12/2012 12:45:48 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service..==== End Of File =========================== Link to post Share on other sites More sharing options...
Easy29 Posted December 6, 2012 Author ID:620470 Share Posted December 6, 2012 Just a note, when i download and run RogueKiller my laptop crashes with a blue screen Link to post Share on other sites More sharing options...
Easy29 Posted December 6, 2012 Author ID:620472 Share Posted December 6, 2012 I attatched the reportdebug.log Link to post Share on other sites More sharing options...
MrCharlie Posted December 6, 2012 ID:620477 Share Posted December 6, 2012 Please try RogueKiller in safe mode. MrC Link to post Share on other sites More sharing options...
Easy29 Posted December 6, 2012 Author ID:620479 Share Posted December 6, 2012 here we go, thanks mr cRKreport1_S_12062012_02d1410.txt Link to post Share on other sites More sharing options...
MrCharlie Posted December 6, 2012 ID:620481 Share Posted December 6, 2012 Before we proceed further, please uninstall or disable uTorrent and any other peer-to-peer filesharing app.Continued use of filesharing or ill-advised downloads will surely re-infect your system.Risks of File-Sharing Technology.P2P file sharing: Know the risksIt's also against the forums policy concerning P2P programs:http://forums.malwar...showtopic=97700~~~~~~~~~~~~~~~~~~~~~~~~~~You're badly infected!!!Here you go......Please read the following information first.You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.BACKDOOR WARNING------------------------------One or more of the identified infections is known to use a backdoor.This allows hackers to remotely control your computer, steal critical system information and download and execute files.I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?http://www.dslreports.com/faq/10451When Should I Format, How Should I Reinstallhttp://www.dslreports.com/faq/10063I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards.Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.~~~~~~~~~~~~~~~~~~~Run RogueKiller again and click ScanWhen the scan completes > click on the Registry tabPut a check next to all of these and uncheck the rest: (if found)[RUN][NOTFOUND] HKCU\[...]\Run : Reimage (RUNDLL32.EXE C:\Users\Eric\AppData\Local\Reimage\bvgnlvoi.dll,vlc_entry__1_0_0e) -> FOUND[RUN][NOTFOUND] HKUS\S-1-5-21-3390684805-3501667938-2072976212-1001[...]\Run : Reimage (RUNDLL32.EXE C:\Users\Eric\AppData\Local\Reimage\bvgnlvoi.dll,vlc_entry__1_0_0e) -> FOUNDNow click Delete on the right hand column under Options~~~~~~~~~~~~~Next....Next click on the Files tab and put a check next to these and uncheck the rest. (if found)[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-18\$850f12792d6326bdffc74436330d287d\@ --> FOUND[ZeroAccess][FILE] @ : C:\$recycle.bin\S-1-5-21-3390684805-3501667938-2072976212-1001\$850f12792d6326bdffc74436330d287d\@ --> FOUND[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-18\$850f12792d6326bdffc74436330d287d\U --> FOUND[ZeroAccess][FOLDER] U : C:\$recycle.bin\S-1-5-21-3390684805-3501667938-2072976212-1001\$850f12792d6326bdffc74436330d287d\U --> FOUND[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-18\$850f12792d6326bdffc74436330d287d\L --> FOUND[ZeroAccess][FOLDER] L : C:\$recycle.bin\S-1-5-21-3390684805-3501667938-2072976212-1001\$850f12792d6326bdffc74436330d287d\L --> FOUNDNow click Delete on the right hand column under Options~~~~~~~~~~~~~~~Next.............Please create a new system restore point before running Malwarebytes Anti-Rootkit.MBAR tutorialDownload Malwarebytes Anti-Rootkit from HEREUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txtTo attach a log if needed:Bottom right corner of this page.New window that comes up.MrC (be back in the am) Link to post Share on other sites More sharing options...
Easy29 Posted December 6, 2012 Author ID:620500 Share Posted December 6, 2012 Thanks for your help, did everything, how did it go?will definately format asap.system-log.txtmbar-log-2012-12-06 (15-21-34).txt Link to post Share on other sites More sharing options...
MrCharlie Posted December 6, 2012 ID:620547 Share Posted December 6, 2012 Next..............Please download and run ComboFix.The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.Please visit this webpage for download links, and instructions for running ComboFixhttp://www.bleepingc...to-use-combofixEnsure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Information on disabling your malware programs can be found Here.Make sure you run ComboFix from your desktop. Give it at least 30-45 minutes to finish if needed.Please include the C:\ComboFix.txt in your next reply for further review.---------->NOTE<----------If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.MrC Link to post Share on other sites More sharing options...
MrCharlie Posted December 8, 2012 ID:621099 Share Posted December 8, 2012 How are we doing??Do you still need help or can I close this post??MrC Link to post Share on other sites More sharing options...
LDTate Posted December 10, 2012 ID:621865 Share Posted December 10, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Easy29 Posted December 16, 2012 Author ID:623828 Share Posted December 16, 2012 hi mr c thanks for your help, here is my combo fix report.ComboFix.txt Link to post Share on other sites More sharing options...
MrCharlie Posted December 16, 2012 ID:623878 Share Posted December 16, 2012 Using ComboFix......1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Open notepad and copy/paste the text in the quotebox below into it:4. If ComboFix wants to update.....please allow it to.Folder::c:\users\Eric\AppData\Roaming\Ufohc:\users\Eric\AppData\Roaming\Ywqeac:\users\Eric\AppData\Roaming\Kegovyc:\users\Eric\AppData\Roaming\Pyxac:\users\Eric\AppData\Roaming\Cuuzc:\users\Eric\AppData\Roaming\Yxumc:\users\Eric\AppData\Roaming\Qyuzc:\users\Eric\AppData\Roaming\Zucyybc:\users\Eric\AppData\Roaming\Olyhc:\users\Eric\AppData\Roaming\Paikc:\users\Eric\AppData\Roaming\Oktic:\users\Eric\AppData\Roaming\Cyoryc:\users\Eric\AppData\Roaming\Myqic:\users\Eric\AppData\Roaming\Bidyrc:\users\Eric\AppData\Roaming\Teekuc:\users\Eric\AppData\Roaming\Noalc:\users\Eric\AppData\Roaming\Giumtic:\users\Eric\AppData\Roaming\Oqadc:\users\Eric\AppData\Roaming\Adegvuc:\users\Eric\AppData\Roaming\Otwoec:\users\Eric\AppData\Roaming\Diyrc:\users\Eric\AppData\Roaming\Afsuvc:\users\Eric\AppData\Roaming\Uqiric:\users\Eric\AppData\Roaming\Acrigac:\users\Eric\AppData\Roaming\UpziybClearJavaCache::Save this as CFScript.txt, in the same location as ComboFix.exeRefering to the picture above, drag CFScript into ComboFix.exeCAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.After reboot, (in case it asks to reboot)......Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.MrC Link to post Share on other sites More sharing options...
Easy29 Posted December 17, 2012 Author ID:624163 Share Posted December 17, 2012 thanks will get back to you asap Link to post Share on other sites More sharing options...
Easy29 Posted December 18, 2012 Author ID:624417 Share Posted December 18, 2012 here we go Link to post Share on other sites More sharing options...
Easy29 Posted December 18, 2012 Author ID:624418 Share Posted December 18, 2012 sorry didnt post, hereloglatest.txt Link to post Share on other sites More sharing options...
MrCharlie Posted December 18, 2012 ID:624536 Share Posted December 18, 2012 Please download AdwCleaner from here and save it on your Desktop. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.Now click on the Search tab.Please post the contents of the log-file created in your next post.Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.MrC Link to post Share on other sites More sharing options...
Maurice Naggar Posted December 22, 2012 ID:625942 Share Posted December 22, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts