Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware detection [Solved]


  • This topic is locked This topic is locked

#1
king011

king011

    Member

  • Member
  • PipPip
  • 58 posts
Hello,

MSE randomly detected Exploit:Java/Blacole.CS and teh items were:
Items:
containerfile:C:\Users\Hussains\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\21f22781-746204b5
file:C:\Users\Hussains\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\21f22781-746204b5->photo/Mover.class
file:C:\Users\Hussains\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\21f22781-746204b5->photo/TContainer.class
file:C:\Users\Hussains\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\21f22781-746204b5->photo/Zoom.class

I did immediately remove the malware upon detection but I am not sure if my computer is malware free, so couid yo help me to make sure my computer does not have any malware on it ?

I couldn't post the outcome of OTL because every time OTL gets to "Google Chrome settings" it freezes and forces me to close it down and I have waited for OTL to continue but it keeps freezing.

Many Thanks
  • 0

Advertisements


#2
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

sorry for the late reply. Do you still need help?

If so please try running DDS instead of OTL:
Please run a scan with DDS:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
    DDS.scr
    DDS.pif
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.


Information on A/V control HERE
  • 0

#3
king011

king011

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
Hello myrti,

Yep still require your help and its kool about the delay -no worries.
There were 2 log files so I've posted them both.
Thanks

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Hussains at 1:35:42 on 2012-01-04
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2045.1329 [GMT 0:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\AERTSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskmgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4070823
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
uRun: [FileHippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup
mRun: [CCUTRAYICON] FactoryMode
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\hussains\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\hussains\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{C9C6B6EF-F0B8-4D7C-8325-36A8868F34D3} : DhcpNameServer = 192.168.2.1
AppInit_DLLs: c:\windows\system32\guard32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-12-14 56208]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R1 MpKsl7610089a;MpKsl7610089a;c:\programdata\microsoft\microsoft antimalware\definition updates\{8b673390-458f-4dae-b5cb-e9c8abc62dbd}\MpKsl7610089a.sys [2012-1-3 29904]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\34302\RapportCerberus32_34302.sys [2011-12-15 228208]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-12-14 71440]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-12-14 164112]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2011-8-22 21504]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2011-12-14 931640]
R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2007-8-23 5504]
R3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\RapportIaso.sys [2011-12-14 21520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2007-4-6 36312]
S3 DHTRACE;Intel® DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-4-6 39896]
S3 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896]
S3 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2007-4-6 158168]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 NMSCore;Intel® NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-4-6 313816]
S3 QualityManager;Intel® Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-4-6 272856]
S3 uti5mzy3;AVZ Kernel Driver;c:\windows\system32\drivers\uti5mzy3.sys [2011-10-27 7168]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-01-03 19:50:04 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8b673390-458f-4dae-b5cb-e9c8abc62dbd}\MpKsl7610089a.sys
2012-01-03 19:50:02 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8b673390-458f-4dae-b5cb-e9c8abc62dbd}\offreg.dll
2012-01-03 16:56:23 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{8b673390-458f-4dae-b5cb-e9c8abc62dbd}\mpengine.dll
2012-01-01 19:36:26 -------- d-----w- c:\program files\iPod
2012-01-01 19:36:19 -------- d-----w- c:\program files\iTunes
2011-12-14 23:09:11 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 23:08:08 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 23:08:07 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-14 23:08:03 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 23:08:02 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 23:07:59 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 23:06:00 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-12-14 12:23:32 56208 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2011-12-05 22:49:18 -------- d-----w- c:\users\hussains\appdata\local\uTorrent
2011-12-05 17:43:45 784144 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
.
==================== Find3M ====================
.
2011-11-21 18:13:26 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 13:28:50 7168 ----a-w- c:\windows\system32\drivers\uti5mzy3.sys
2011-10-22 14:28:05 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-07 17:47:11 33984 ----a-w- c:\windows\system32\cmdcsr.dll
.
============= FINISH: 1:36:33.24 ===============






.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 23/08/2007 16:35:55
System Uptime: 03/01/2012 19:49:45 (6 hours ago)
.
Motherboard: Dell Inc. | | 0RY007
Processor: Intel® Core™2 CPU 4400 @ 2.00GHz | Socket 775 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 154.805 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 6.276 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP280: 22/12/2011 22:42:31 - Windows Update
RP281: 23/12/2011 10:01:10 - Windows Update
RP282: 23/12/2011 14:04:42 - Windows Update
RP283: 24/12/2011 08:20:45 - Windows Update
RP284: 24/12/2011 13:46:14 - Windows Update
RP285: 25/12/2011 12:30:01 - Windows Update
RP286: 25/12/2011 20:56:25 - Windows Update
RP287: 26/12/2011 11:09:18 - Windows Update
RP288: 26/12/2011 22:30:25 - Windows Update
RP289: 27/12/2011 12:33:09 - Windows Update
RP290: 27/12/2011 14:37:19 - Windows Update
RP291: 27/12/2011 21:55:40 - Windows Update
RP292: 28/12/2011 13:52:19 - Windows Update
RP293: 29/12/2011 14:30:25 - Windows Update
RP294: 29/12/2011 19:12:15 - Windows Update
RP295: 30/12/2011 14:18:53 - Windows Update
RP296: 31/12/2011 00:36:46 - Windows Update
RP297: 01/01/2012 15:29:25 - Windows Update
RP298: 02/01/2012 16:39:43 - Windows Update
RP299: 03/01/2012 16:55:59 - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.1)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
BlackBerry App World Browser Plugin
BlackBerry Desktop Software 6.1
BlackBerry Device Software Updater
Bonjour
CCleaner
Defraggler
Dell Support Center
Dell System Customization Wizard
DellSupport
Driving Test Success - The Complete Theory Test (2010-2011) (Update 2)
EPSON Scan
FileHippo.com Update Checker
Free YouTube Download version 3.0.13.815
Free YouTube to MP3 Converter version 3.10.8.815
Google Chrome
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® PRO Network Connections 12.1.11.0
Intel® Viiv™ Software
iTunes
Java Auto Updater
Java™ 6 Update 26
Java™ 7 Update 1
Java™ SE Runtime Environment 6
Macromedia Fireworks 8
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Antimalware
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access 2007
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA Display Control Panel
NVIDIA Drivers
PVSonyDll
QuickTime
Rapport
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Safari
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Sonic Activation Module
Speccy
SpywareBlaster 4.5
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VLC media player 1.1.11
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
31/12/2011 20:20:36, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
31/12/2011 16:36:51, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
31/12/2011 00:12:57, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
30/12/2011 22:20:19, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
30/12/2011 14:06:06, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
30/12/2011 12:12:12, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
30/12/2011 12:12:12, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
30/12/2011 12:12:12, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
30/12/2011 12:12:12, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
30/12/2011 12:10:58, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
29/12/2011 14:20:08, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
28/12/2011 20:17:18, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
28/12/2011 17:35:47, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
28/12/2011 13:49:15, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
03/01/2012 19:50:29, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
03/01/2012 16:47:07, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
02/01/2012 16:29:43, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
01/01/2012 15:19:19, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
.
==== End Of File ===========================
  • 0

#4
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

sorry about that I must have missed you reply.

Please run a scan with gmer next:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.
  • 0

#5
king011

king011

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-09 21:27:44
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-1 ST3250820AS rev.3.ADG
Running: cvgyr3pq.exe; Driver: C:\Users\Hussains\AppData\Local\Temp\uxddykoc.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwAssignProcessToJobObject [0x8E247080]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwCreateFile [0x8E247BDE]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteFile [0x8E247DD6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteKey [0x8E24B5AC]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwDeleteValueKey [0x8E24B5DE]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwLoadKey [0x8E24B740]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenFile [0x8E247CF6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenProcess [0x8E2471F6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwOpenThread [0x8E2473EA]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwProtectVirtualMemory [0x8E24751C]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwQueryValueKey [0x8E24B6B6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRenameKey [0x8E24B620]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwReplaceKey [0x8E24B652]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwRestoreKey [0x8E24B684]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetContextThread [0x8E247026]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetInformationFile [0x8E247E7C]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSetValueKey [0x8E24B544]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwSuspendThread [0x8E246FC0]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwTerminateProcess [0x8E246EE8]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys ZwTerminateThread [0x8E246F30]
SSDT \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys ZwCreateThreadEx [0x8DE76640]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 191 82AE0914 4 Bytes [80, 70, 24, 8E] {XOR BYTE [EAX+0x24], 0x8e}
.text ntkrnlpa.exe!KeSetEvent + 1D9 82AE095C 4 Bytes [DE, 7B, 24, 8E]
.text ntkrnlpa.exe!KeSetEvent + 2D1 82AE0A54 8 Bytes [D6, 7D, 24, 8E, AC, B5, 24, ...]
.text ntkrnlpa.exe!KeSetEvent + 2E1 82AE0A64 4 Bytes [DE, B5, 24, 8E]
.text ntkrnlpa.exe!KeSetEvent + 381 82AE0B04 4 Bytes [40, B7, 24, 8E]
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[560] ntdll.dll!KiUserApcDispatcher 77445B48 5 Bytes JMP 004448B0 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (RapportService/Trusteer Ltd.)
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[560] kernel32.dll!LoadLibraryExW + 173 75CD93EF 4 Bytes JMP 71AC000A
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[560] USER32.dll!InSendMessageEx + 3B1 75C1E6B0 6 Bytes JMP 71AE001E
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[560] WS2_32.dll!getaddrinfo 75B5418A 5 Bytes JMP 71A20022
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[560] WS2_32.dll!gethostbyname 75B662D4 5 Bytes JMP 71A60022
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1148] ntdll.dll!KiUserApcDispatcher 77445B48 5 Bytes JMP 00414DA0 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.)
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1148] kernel32.dll!LoadLibraryExW + 173 75CD93EF 4 Bytes JMP 71AA000A
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1148] WS2_32.dll!getaddrinfo 75B5418A 5 Bytes JMP 71A40022
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1148] WS2_32.dll!gethostbyname 75B662D4 5 Bytes JMP 71AD0022

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [742F7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [7434A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [742FBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [742EF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [742F75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [742EE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74328395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [742FDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [742EFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [742EFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [742E71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [7437CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [7431C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [742ED968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [742E6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [742E687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1904] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [742F2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
  • 0

#6
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

the logs are looking clean. Have you had any more detections? Please run another scan with Malwarebytes and let me know what it finds.

regards myrti
  • 0

#7
king011

king011

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
Hello Myrti,

Sorry for such a reply.

I did the scan and nothing was found, however recently MSE detected "VirTool:JS/Obfuscator.BK" twice and both times I did remove the malware, but could you help me to make sure my computer is malware free.

Thanks
King011

Edited by king011, 18 January 2012 - 04:07 AM.

  • 0

#8
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

to be able to judge the detectoin, I would need to know where those files are detected. JS is javascript, this is something you only find in websites. So the detection was either done on a website you were visiting (eg if one of the pages you visit frequently got infected or a malicious ad poped up) so this means that anything was likely blocked before it got onto your PC.

To know ofr sure though I'd need to know where this infection was found.

regards myrti
  • 0

#9
king011

king011

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
Hello Myrti,

Thanks for your reply.

Yep detections were made when I was on this download site and the detections were referred to as:

file:C:\Users\Hussains\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000345->(SCRIPT0000)

containerfile:C:\Users\Hussains\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000848
file:C:\Users\Hussains\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00083b->(SCRIPT0000)
file:C:\Users\Hussains\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000848->(SCRIPT0000)

After removing with MSE I did run CCleaner as I do usually. ( just to let you know)

Look forward to your reply.

Thanks
King011
  • 0

#10
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

yes that would be something to do with that site then most likely. So not part of any infection on your PC.

We have run extensive scans on your computer without any sign of malware so far. Do you ahve a reason to believe you are currently infected?
reagrds myrti
  • 0

#11
king011

king011

    Member

  • Topic Starter
  • Member
  • PipPip
  • 58 posts
Hello,

No other than the detections MSE made I don't there is any other malware on the computer.

Thank you very much for your help, tolerance and prompt response over the duration of making sure the computer is malware free, its greatly appreciated.

Regards
King011
  • 0

#12
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Hi,

you're most welcome! :)

since your software seems up to date as well (which is likely a big factor in why you are clean. ;)) all that is left to do is to remove the tools we used:
Read those last few lines, in order to keep your pc safe and clean:
Please do the following to clean up your PC:
  • Delete the tools used during the disinfection:
    • Download OTC from the following mirrors and save it to your desktop:
    • Double click on Posted Image
    • Push the large "Cleanup" button.
    • Allow your system to reboot.
  • If OTC faild to remove all programs from your Desktop, please delete the rest manually.
  • Disable and Enable System Restore.
    You can find instructions on how to disable and reenable system restore here:
    Windows ME System Restore Guide
    Windows XP System Restore Guide
    Windows Vista System Restore Guide

    Note: You should only do this once, not on a regular basis!
    You will not be able to restore computer to any earlier than today!

Please read these advices, in order to prevent reinfecting your PC:

  • Install and update the following programs regularly:
    • an outbound firewall
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    • an Anti-Spyware program
      Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
      SUPERAntiSpyware is another good scanner with high detection and removal rates.
      Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
    • Spyware Blaster
      A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
    • MVPs hosts file
      A tutorial for MVPs hosts file can be found here. If you would like automatic updates you might want to take a look at HostMan host file manager. For more information on thehosts file, and what it can do for you,please consult the Tutorial on the Hosts file
  • Keep Windows (and your other Microsoft software) up to date!
    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holeswill allow an attacker unrestricted access to your computer.
    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  • Keep your other software up to date as well
    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.
  • Stay up to date!
    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variantsevery single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing :(.
Some more links you might find of interest:
Have a nice day
myrti
  • 0

#13
myrti

myrti

    Expert

  • Expert
  • 2,580 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP