Possible hacker? Changing password?

Fabbyfubz

New Member
My Hotmail, World of Warcraft and Facebook passwords have been changing (I think). I feel like I might be overreacting to something or being overly paranoid. I've reset my Hotmail account password and changed all the other passwords, but a while afterward they change to something else. I've changed my main e-mail account for everything else.



This is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:19:07 AM, on 8/18/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Xfire\xfire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Xfire\xfire.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/Mothership...%&ai=636E3D34373034363726706F3D35393131343541
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/Mothership...%&ai=636E3D34373034363726706F3D35393131343541
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alienware.com/mothership
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3315633919-63310495-4065009751-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'fletcher2')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6253 bytes








EDIT: I ran a virus scan with avast! and found this:
c:\\windows\system32\OEM\OSCust.exe
Avast! said it was a trojan and I removed it. I googled OSCust.exe, but didn't find much info...

If I changed my passwords before removing it, should I change them once more? Am I now safe?
 
Hello,

Download and Run ComboFix
If you already have ComboFix, please delete this copy and download it again, as it's being updated regularly.
Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

ComboFix should never take more than 20 minutes, including the reboot if malware is detected.
If it does, open Task Manager, then the Processes tab (press Ctrl, Alt and Del at the same time), and end any processes of findstr, find, sed or swreg; then ComboFix should continue.
If that happened we want to know, and also what process you had to end.

In your reply:
  • Post the ComboFix log
  • Post a fresh HijackThis log

Thank you
 
ComboFix 08-08-17.03 - Fletcher 2008-08-18 2:27:44.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1603 [GMT -5:00]
Running from: C:\Users\Fletcher\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Fletcher\AppData\Roaming\macromedia\Flash Player\#SharedObjects\ZPA9TYPV\interclick.com
C:\Users\Fletcher\AppData\Roaming\macromedia\Flash Player\#SharedObjects\ZPA9TYPV\interclick.com\ud.sol
C:\Users\Fletcher\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Users\Fletcher\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Windows\AWACT.dll

.
((((((((((((((((((((((((( Files Created from 2008-07-18 to 2008-08-18 )))))))))))))))))))))))))))))))
.

2008-08-18 02:12 . 2008-08-18 02:12 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-08-18 02:11 . 2008-08-18 02:14 <DIR> d-------- C:\Windows\System32\drivers\Avg
2008-08-18 02:11 . 2008-08-18 02:11 <DIR> d-------- C:\Users\All Users\avg8
2008-08-18 02:11 . 2008-08-18 02:11 <DIR> d-------- C:\ProgramData\avg8
2008-08-18 02:11 . 2008-08-18 02:11 <DIR> d-------- C:\Program Files\AVG
2008-08-18 02:11 . 2008-08-18 02:11 96,520 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-08-18 02:11 . 2008-08-18 02:11 69,128 --a------ C:\Windows\System32\drivers\avgwfpx.sys
2008-08-18 00:18 . 2008-08-18 00:18 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-17 23:48 . 2008-08-17 23:48 <DIR> d-------- C:\Program Files\Alwil Software
2008-08-17 23:48 . 2003-03-18 16:20 1,060,864 --a------ C:\Windows\System32\MFC71.dll
2008-08-17 23:48 . 2008-07-19 09:36 51,280 --a------ C:\Windows\System32\drivers\aswMonFlt.sys
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Videos
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Searches
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Saved Games
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Pictures
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Music
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Links
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Downloads
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Documents
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> dr------- C:\Users\fletcher2\Contacts
2008-08-17 23:39 . 2006-11-02 07:37 <DIR> d-------- C:\Users\fletcher2\AppData\Roaming\Media Center Programs
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> d--h----- C:\Users\fletcher2\AppData
2008-08-17 23:39 . 2008-08-17 23:39 <DIR> d-------- C:\Users\fletcher2
2008-08-17 23:17 . 2008-08-17 23:17 <DIR> d-------- C:\Users\Fletcher\AppData\Roaming\Ahead
2008-08-17 22:36 . 2008-08-17 22:37 <DIR> d-------- C:\Users\All Users\Lavasoft
2008-08-17 22:36 . 2008-08-17 22:37 <DIR> d-------- C:\ProgramData\Lavasoft
2008-08-17 22:36 . 2008-08-17 22:36 <DIR> d-------- C:\Program Files\Lavasoft
2008-08-17 03:04 . 2008-07-15 20:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-17 01:46 . 2008-08-17 01:46 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-08-17 01:46 . 2008-08-17 01:46 <DIR> d-------- C:\ProgramData\Media Center Programs
2008-08-17 01:46 . 2007-07-19 18:14 3,727,720 --a------ C:\Windows\System32\d3dx9_35.dll
2008-08-17 01:46 . 2007-07-19 18:14 1,358,192 --a------ C:\Windows\System32\D3DCompiler_35.dll
2008-08-17 01:46 . 2007-07-19 18:14 444,776 --a------ C:\Windows\System32\d3dx10_35.dll
2008-08-17 01:44 . 2008-08-17 01:44 <DIR> d-------- C:\Program Files\Electronic Arts
2008-08-17 00:57 . 2008-04-26 03:25 3,600,952 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-08-17 00:57 . 2008-04-26 03:25 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-08-17 00:57 . 2008-04-26 03:26 891,448 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-08-17 00:57 . 2008-04-11 22:32 784,896 --a------ C:\Windows\System32\rpcrt4.dll
2008-08-17 00:57 . 2008-05-09 22:35 564,736 --a------ C:\Windows\System32\emdmgmt.dll
2008-08-17 00:57 . 2008-06-18 22:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-17 00:57 . 2008-04-04 20:21 72,192 --a------ C:\Windows\System32\drivers\pacer.sys
2008-08-17 00:57 . 2008-04-04 22:34 15,360 --a------ C:\Windows\System32\pacerprf.dll
2008-08-17 00:55 . 2008-03-07 21:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-08-17 00:55 . 2008-02-28 23:21 2,032,128 --a------ C:\Windows\System32\win32k.sys
2008-08-17 00:55 . 2008-03-07 23:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-08-17 00:55 . 2008-02-21 23:57 295,936 --a------ C:\Windows\System32\gdi32.dll
2008-08-17 00:55 . 2008-05-09 20:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-08-17 00:54 . 2008-04-26 03:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-08-17 00:54 . 2008-04-10 00:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
2008-08-17 00:54 . 2008-05-08 16:59 430,080 --a------ C:\Windows\System32\vbscript.dll
2008-08-17 00:54 . 2008-05-08 16:59 180,224 --a------ C:\Windows\System32\scrobj.dll
2008-08-17 00:54 . 2008-05-08 16:59 172,032 --a------ C:\Windows\System32\scrrun.dll
2008-08-17 00:54 . 2008-05-08 16:59 155,648 --a------ C:\Windows\System32\wscript.exe
2008-08-17 00:54 . 2008-05-08 16:58 135,168 --a------ C:\Windows\System32\wshom.ocx
2008-08-17 00:54 . 2008-05-08 16:58 135,168 --a------ C:\Windows\System32\cscript.exe
2008-08-17 00:54 . 2008-05-08 16:59 90,112 --a------ C:\Windows\System32\wshext.dll
2008-08-16 23:15 . 2008-08-16 23:15 <DIR> d-------- C:\Windows\System32\URTTEMP
2008-08-16 22:57 . 2008-08-16 23:06 <DIR> d-------- C:\Users\Fletcher\AppData\Roaming\uTorrent
2008-08-16 22:57 . 2008-08-16 22:57 <DIR> d-------- C:\Program Files\uTorrent
2008-08-16 17:41 . 2008-08-16 17:41 <DIR> d-------- C:\Program Files\Netdevil
2008-08-16 17:21 . 2005-05-26 15:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2008-08-16 17:20 . 2008-08-17 19:04 136,888 --a------ C:\Windows\System32\drivers\PnkBstrK.sys
2008-08-16 17:20 . 2008-08-16 17:20 22,328 --a------ C:\Users\Fletcher\AppData\Roaming\PnkBstrK.sys
2008-08-16 17:19 . 2008-08-17 19:04 111,928 --a------ C:\Windows\System32\PnkBstrB.exe
2008-08-16 17:19 . 2008-08-16 19:04 66,872 --a------ C:\Windows\System32\PnkBstrA.exe
2008-08-16 17:19 . 2008-08-16 17:19 319 --a------ C:\Windows\game.ini
2008-08-16 17:09 . 2008-08-16 17:09 <DIR> d-------- C:\Program Files\Activision
2008-08-16 17:00 . 2008-08-16 22:39 <DIR> d-------- C:\Users\Fletcher\AppData\Roaming\Xfire
2008-08-16 17:00 . 2008-08-16 17:59 <DIR> d-------- C:\Users\All Users\Xfire
2008-08-16 17:00 . 2008-08-16 17:59 <DIR> d-------- C:\ProgramData\Xfire
2008-08-16 17:00 . 2008-08-16 17:00 <DIR> d-------- C:\Program Files\Xfire
2008-08-16 16:31 . 2008-08-16 16:31 <DIR> d-------- C:\Users\Fletcher\AppData\Roaming\SystemRequirementsLab
2008-08-16 16:31 . 2008-08-16 16:32 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-08-16 16:17 . 2008-08-16 16:17 <DIR> d-------- C:\Windows\System32\AGEIA
2008-08-16 16:17 . 2008-08-17 22:35 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-16 16:17 . 2008-08-16 17:42 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-08-16 15:56 . 2008-08-16 15:56 <DIR> d-------- C:\Users\Fletcher\AppData\Roaming\Apple Computer
2008-08-16 15:56 . 2008-08-16 15:56 <DIR> d-------- C:\Program Files\iTunes
2008-08-16 15:56 . 2008-08-16 15:56 <DIR> d-------- C:\Program Files\iPod
2008-08-16 15:56 . 2008-08-16 15:56 <DIR> d-------- C:\Program Files\Bonjour
2008-08-16 15:55 . 2008-08-16 15:56 <DIR> d-------- C:\Users\All Users\Apple Computer
2008-08-16 15:55 . 2008-08-16 15:56 <DIR> d-------- C:\ProgramData\Apple Computer
2008-08-16 15:55 . 2008-08-16 15:55 <DIR> d-------- C:\Program Files\QuickTime
2008-08-16 15:54 . 2008-08-16 15:54 <DIR> d-------- C:\Program Files\Apple Software Update
2008-08-16 15:53 . 2008-08-16 15:53 <DIR> d-------- C:\Users\All Users\Apple
2008-08-16 15:53 . 2008-08-16 15:53 <DIR> d-------- C:\ProgramData\Apple
2008-08-16 15:53 . 2008-08-16 15:53 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-08-16 15:42 . 2008-08-17 23:01 <DIR> d-------- C:\Program Files\Steam
2008-08-16 15:42 . 2008-08-16 15:44 <DIR> d-------- C:\Program Files\Common Files\Steam
2008-08-16 15:35 . 2008-08-16 15:36 <DIR> d-------- C:\Program Files\Java
2008-08-16 15:34 . 2008-08-16 15:34 <DIR> dr------- C:\Users\Fletcher\Searches
2008-08-16 15:34 . 2008-08-16 15:34 <DIR> dr------- C:\Users\Fletcher\Contacts
2008-08-16 15:34 . 2008-08-16 15:34 <DIR> d-------- C:\Program Files\Common Files\Java
2008-08-16 15:33 . 2008-08-16 15:34 <DIR> dr------- C:\Users\Fletcher\Videos
2008-08-16 15:33 . 2008-08-16 15:34 <DIR> dr------- C:\Users\Fletcher\Saved Games
2008-08-16 15:33 . 2008-08-16 16:29 <DIR> dr------- C:\Users\Fletcher\Pictures
2008-08-16 15:33 . 2008-08-16 15:57 <DIR> dr------- C:\Users\Fletcher\Music
2008-08-16 15:33 . 2008-08-16 20:04 <DIR> dr------- C:\Users\Fletcher\Links
2008-08-16 15:33 . 2008-08-17 22:32 <DIR> dr------- C:\Users\Fletcher\Downloads
2008-08-16 15:33 . 2008-08-17 02:19 <DIR> dr------- C:\Users\Fletcher\Documents
2008-08-16 15:33 . 2006-11-02 07:37 <DIR> d-------- C:\Users\Fletcher\AppData\Roaming\Media Center Programs
2008-08-16 15:33 . 2008-08-16 15:34 <DIR> d--h----- C:\Users\Fletcher\AppData
2008-08-16 15:33 . 2008-08-16 16:18 <DIR> d-------- C:\Users\Fletcher
2008-08-16 15:30 . 2008-08-16 15:30 <DIR> dr------- C:\Windows\System32\config\systemprofile\Contacts
2008-08-16 15:16 . 2008-08-16 20:28 <DIR> d-------- C:\Program Files\World of Warcraft
2008-08-16 15:16 . 2008-08-16 15:28 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-08-16 15:06 . 2008-08-16 15:06 <DIR> dr------- C:\Windows\System32\config\systemprofile\Music
2008-08-16 15:03 . 2008-08-16 15:03 <DIR> d-------- C:\NVIDIA
2008-08-16 15:02 . 2008-08-16 15:02 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-08-12 17:07 . 2008-08-12 17:07 42,320 --a------ C:\Windows\System32\xfcodec.dll
2008-08-08 21:44 . 2003-08-06 15:08 81,676 --a------ C:\Windows\alienware logo_slvr.jpg
2008-08-08 17:24 . 2008-08-08 17:24 <DIR> d--hs---- C:\System.sav
2008-08-08 13:03 . 2008-08-08 13:04 12,976,128 --a------ C:\Windows\ocsetup_install_MSRDC-Infrastructure.etl
2008-08-08 13:03 . 2008-08-08 13:04 196,608 --a------ C:\Windows\ocsetup_cbs_install_MSRDC-Infrastructure.perf
2008-08-08 13:03 . 2008-08-08 13:04 65,536 --a------ C:\Windows\ocsetup_cbs_install_MSRDC-Infrastructure.dpx
2008-08-08 10:20 . 2008-08-08 13:03 <DIR> d-------- C:\3DMark06
2008-08-08 10:19 . 2008-08-08 10:19 <DIR> d-------- C:\Windows\System32\Alienware
2008-08-08 09:53 . 2008-08-16 15:33 <DIR> d-------- C:\Windows\SMINST
2008-08-08 09:53 . 2008-08-16 23:58 <DIR> d-------- C:\Program Files\Alienware
2008-08-08 09:53 . 2003-03-19 03:03 544,768 --a------ C:\Windows\System32\msvcr71d.dll
2008-08-08 09:53 . 2005-10-10 10:03 266,240 --a------ C:\Windows\System32\ShellvRTF64.dll
2008-08-08 09:53 . 2006-11-02 00:50 128,104 --a------ C:\Windows\System32\drivers\WimFltr.sys
2008-08-08 09:53 . 2002-09-20 19:42 122,880 --a------ C:\Windows\System32\ShellvRTF.dll
2008-08-08 09:53 . 2008-08-08 09:53 0 --a------ C:\C_USERPART
2008-08-08 09:52 . 2008-08-08 09:52 <DIR> d-------- C:\Windows\System32\Macromed

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-17 08:05 --------- d-----w C:\Program Files\Windows Mail
2008-08-08 14:42 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-06-27 04:15 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-06-12 05:28 541,696 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelTraditionalChinese.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelSwedish.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelSpanish.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelSimplifiedChinese.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelPortugese.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelKorean.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelJapanese.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelGerman.dll
2008-06-11 14:02 58,648 ----a-w C:\Windows\System32\AgCPanelFrench.dll
2008-06-05 13:58 197,912 ----a-w C:\Windows\System32\physxcudart_20.dll
2008-05-22 20:34 795,104 ----a-w C:\Windows\System32\dpinst.exe
2008-05-22 20:34 5,806,624 ----a-w C:\Windows\System32\nvdispsr.dll
2008-05-22 20:34 465,440 ----a-w C:\Windows\System32\nvmccssr.dll
2008-05-22 20:34 4,155,936 ----a-w C:\Windows\System32\nvvitvsr.dll
2008-05-22 20:34 3,430,944 ----a-w C:\Windows\System32\nvgamesr.dll
2008-05-22 20:34 2,980,384 ----a-w C:\Windows\System32\nvwssr.dll
2008-05-22 20:34 2,861,600 ----a-w C:\Windows\System32\nvmoblsr.dll
2008-03-06 18:15 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 02:33 1233920]
"Steam"="c:\program files\steam\steam.exe" [2008-08-16 15:42 1271032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 01:16 39792]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 14:10 56928]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 21:55 54832]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-06-18 17:46 551456]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-06-18 17:46 13535776]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2008-06-18 17:46 92704]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 09:38 78008]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-18 02:11 1232152]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-29 14:11 4317184 C:\Windows\RtHDVCpl.exe]

C:\Users\Fletcher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-08-12 17:07:30 3065168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{192A61CF-9658-436E-BA6E-42C7D1D8256F}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{B209063B-C95F-4791-8BA6-AC3F59611274}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{3757BEC6-2D26-40EF-8AB1-BCD46D05997F}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{A7E9CF0B-541E-40B0-9947-1F0AE5ACFE83}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{E7DF163F-55D8-4D56-9CA3-44AF8D275403}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{FB4D773C-3E53-44D5-8826-CB79BC25C373}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{7F6F57B1-CE1F-44F8-9AE5-8ED2C1CA67D5}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{84737C86-0F62-4022-9D64-D2800BDA5E5B}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{5804E20F-164A-47D9-B142-86F9D5DA162D}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{EFFAABB4-4706-4C08-89B6-30862ECD0336}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{AC77054B-6AAA-4FE8-8E48-B63E3A6F5D61}"= UDP:C:\Program Files\World of Warcraft\Launcher.exe:World of Warcraft
"{318FC41C-F0CD-4AF0-8332-E83B7FD358AB}"= TCP:C:\Program Files\World of Warcraft\Launcher.exe:World of Warcraft
"{931175A0-4F3E-4FFD-89BA-7F8A01912A21}"= UDP:C:\Program Files\Steam\Steam.exe:Steam
"{77C2A272-EA2B-4D88-AF42-EBBEB19A4A34}"= TCP:C:\Program Files\Steam\Steam.exe:Steam
"{88009D01-16AF-4149-A4BD-112839EE5FDB}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:Crysis_32_sp_demo
"{B37F28C5-514F-433D-9CC1-661C6FB82D62}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis SP Demo\Bin32\Crysis.exe:Crysis_32_sp_demo
"{8F10B23F-A6B9-426D-96D7-21461F3EA3FF}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{7190BFBE-1207-423B-A71E-6B70E6D08533}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{DE83EEFF-833D-4175-9E15-10D6B49F1B35}"= UDP:C:\Program Files\Steam\steamapps\[email protected]\team fortress 2\hl2.exe:hl2
"{D00371DA-67A4-4DEC-B785-A15B12A12EF3}"= TCP:C:\Program Files\Steam\steamapps\[email protected]\team fortress 2\hl2.exe:hl2
"TCP Query User{8EA4E0A7-D3BB-4E3C-A18C-759C99135374}C:\\program files\\xfire\\xfire.exe"= UDP:C:\program files\xfire\xfire.exe:Xfire
"UDP Query User{1B956606-E8B0-42B9-9B6A-F97BF7717546}C:\\program files\\xfire\\xfire.exe"= TCP:C:\program files\xfire\xfire.exe:Xfire
"{6C384232-E39C-4639-AC3F-4CA8E03DDDA5}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{D43C7062-F392-4EC2-83B0-A5B724DDFFB3}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-08-18 02:11]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-18 02:11]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-18 02:11]
R3 AvgWfpX;AVG Free8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-08-18 02:11]
R3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-16 15:42]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 09:36]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-05-02 10:43]
S4 nvrd32;NVIDIA nForce RAID Driver;C:\Windows\system32\drivers\nvrd32.sys [2008-01-25 19:02]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

*Newly Created Service* - AVGLDX86
*Newly Created Service* - AVGMFX86
*Newly Created Service* - AVGWFPX
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Fletcher\AppData\Roaming\Mozilla\Firefox\Profiles\tdwy6llx.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/ig
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-18 02:29:29
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-18 2:30:29
ComboFix-quarantined-files.txt 2008-08-18 07:30:27

Pre-Run: 155,535,081,472 bytes free
Post-Run: 157,912,387,584 bytes free

259 --- E O F --- 2008-08-17 08:05:26
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:35:19 AM, on 8/18/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Xfire\xfire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Xfire\xfire.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/Mothership...%&ai=636E3D34373034363726706F3D35393131343541
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com/mothership
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3315633919-63310495-4065009751-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'fletcher2')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6154 bytes
 
Please do a scan with Kaspersky Online Scanner

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section, select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report.
  • Now, click on the Save Report as button.
  • In the drop down box labeled Files of type change the type to Text file.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Also pls be patient as we are not always on, and there are not always pros on.
 
Also pls be patient as we are not always on, and there are not always pros on.
Sorry about that.


Monday, August 18, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, August 19, 2008 02:37:55
Records in database: 1108139
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
Scan statistics
Files scanned 75914
Threat name 0
Infected objects 0
Suspicious objects 0
Duration of the scan 00:39:34

No malware has been detected. The scan area is clean.
The selected area was scanned.
 
OK, well that log is clean.

Just wait for a pro to come along and then you will be fine and they can clear anything else up for you.
 
Your logfiles all appear to be clean. Do you use any computers other than this one that may be infected?

Your logs show that you do not have a third-party firewall installed, which is an important part of system security, particularly with regard to defending against hackers.

Some good free firewalls are ZoneAlarm, Kerio, or Outpost. All of these will provide a far greater level of protection than the firewall built into Windows.
A tutorial on understanding and using firewalls may be found here.

I suggest you install one of these to help protect you.
 