Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92374 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved]áNeed Help Removing Trojan BackDoor.Generic


  • This topic is locked This topic is locked
8 replies to this topic

#1 maxreturn

maxreturn

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 18 October 2009 - 06:35 AM

Good Morning. I have AVG 8.5 which detected the BackDoor.Generic11.BBDE trojan horse which has infected the file asyncmas.sys file in the following directory: C:\Windows\System32\drivers\. AVG will not delete or heal the file. Following per your requests are the logs. I greatly appreciate your help! ROOT REPEAL FILE: ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2009/10/18 08:25 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xB0D39000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xBA606000 Size: 8192 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xACE96000 Size: 49152 File Visible: No Signed: - Status: - ==EOF== DDS TEXT FILE DDS (Ver_09-06-26.01) - NTFSx86 Run by Chuck at 8:20:53.65 on Sun 10/18/2009 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1435 [GMT -4:00] AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\Explorer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\stsystra.exe C:\Program Files\S4F\Filter7.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\S4F\filter7.exe C:\Documents and Settings\Chuck\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com/ uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f mStart Page = hxxp://www.yahoo.com/ mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll mURLSearchHooks: H - No File mWinlogon: Shell=Explorer.exe logon.exe BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar2.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll TB: {EBC780C8-5A2F-4BF2-B274-FDA3D61ACC6C} - No File TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [SigmatelSysTrayApp] stsystra.exe mRun: [S4F] "c:\program files\s4f\Filter7.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palmone\Hotsync.exe IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll LSP: c:\windows\system\wins4f.dll Trusted Zone: turbotax.com Trusted Zone: vectorvest.com\www DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234112483765 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFECAFE-0013-0001-0018-ABCDEFABCDEF} DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: avgrsstarter - avgrsstx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\chuck\applic~1\mozilla\firefox\profiles\mkz8pgnf.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll FF - plugin: c:\program files\mozilla firefox\plugins\npaxctrl.dll FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13118.dll FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Sotfone Tracker: No Registry Reference - c:\program files\mozilla firefox\extensions\sotfone-tracker@sotfone.ru FF - HiddenExtension: XUL Cache: No Registry Reference - c:\program files\mozilla firefox\extensions\{35FE725C-4C4A-46B7-8874-00EE84652E9B} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-10-3 335240] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-10-3 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-10-3 108552] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-10-3 297752] =============== Created Last 30 ================ 2009-10-03 11:46 <DIR> --d-h--- C:\$AVG8.VAULT$ 2009-10-03 11:38 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-10-03 11:38 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-10-03 11:38 335,240 a------- c:\windows\system32\drivers\avgldx86.sys 2009-10-03 11:38 <DIR> --d----- c:\windows\system32\drivers\Avg 2009-10-03 11:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-10-03 11:16 <DIR> --d----- c:\docume~1\chuck\applic~1\AVG8 2009-10-02 18:18 <DIR> --d----- c:\program files\Ask.com 2009-09-29 18:38 <DIR> --d----- c:\program files\gBurner 2009-09-19 16:12 <DIR> --d----- c:\windows\pss 2009-09-19 13:50 26,628 a------- c:\windows\system32\logon.exe 2009-09-18 18:46 153,088 -------- c:\windows\system32\dllcache\triedit.dll 2009-09-18 18:45 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll 2009-09-18 18:44 128,512 -------- c:\windows\system32\dllcache\dhtmled.ocx ==================== Find3M ==================== 2009-08-13 11:16 512,000 -------- c:\windows\system32\dllcache\jscript.dll 2009-08-10 19:14 98,304 a------- c:\windows\system32\NtDirect.dll 2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll 2009-07-29 00:37 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 00:37 81,920 a------- c:\windows\system32\fontsub.dll 2009-07-29 00:37 119,808 -------- c:\windows\system32\dllcache\t2embed.dll 2009-07-29 00:37 81,920 -------- c:\windows\system32\dllcache\fontsub.dll 2009-05-25 14:43 48,248 a------- c:\docume~1\chuck\applic~1\GDIPFONTCACHEV1.DAT 2009-02-24 10:17 60,744 a------- c:\documents and settings\chuck\g2mdlhlpx.exe 2008-02-21 22:36 60,968 a------- c:\documents and settings\chuck\GoToAssistDownloadHelper.exe 2007-11-02 12:10 0 a------- c:\docume~1\chuck\applic~1\wklnhst.dat 2008-11-25 16:06 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008112520081126\index.dat ============= FINISH: 8:21:28.20 ===============

Attached Files


    Advertisements

Register to Remove


#2 LDTate

LDTate

    Forum God

  • Root Admin
  • 57,180 posts

Posted 21 October 2009 - 07:39 PM

Posted Image


DO NOT use any TOOLS such as Combofix, SmitfraudFix, MBAM, Vundofix, or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.


Vista users:
1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")


Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Uncheck "Hide file extensions for known file types."
Under the "Hidden files" folder, select "Show hidden files and folders."
Uncheck "Hide protected operating system files."
Click Apply, and then click OK.


Please do not delete anything unless instructed to.


Please download ATF Cleaner by Atribune.
Download - ATF Cleaner╗
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Posted Image
Click the Empty Selected button.

(If you use FireFox or the Opera browser
To keep saved passwords, click No at the prompt.)

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
    Posted Image
  • When the scan is complete, click OK, then Show Results to view the results.
  • Posted Image
  • Then click Remove Selected .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.


Also please describe how your computer behaves at the moment.


Please don't attach the scans / logs, use "copy/paste". .

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#3 maxreturn

maxreturn

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 22 October 2009 - 06:41 AM

Hello LD. Below is the Malwarebytes' scan log. After running this program I did get a message which indicated to reboot in order to remove one of the trojan threats. After doing so I didn't get any AVG Resident Shield message indicating a threat. BTW...could you tell me how I can receive email notification when you respond? For some reason I did not receive an email notification when you responded the first time. Thanks for your help!

MALWAREBYTES LOG


Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

10/22/2009 8:28:05 AM
mbam-log-2009-10-22 (08-28-05).txt

Scan type: Quick Scan
Objects scanned: 92534
Time elapsed: 4 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\logon.exe (Backdoor.Bot) -> Delete on reboot.

#4 LDTate

LDTate

    Forum God

  • Root Admin
  • 57,180 posts

Posted 22 October 2009 - 02:56 PM

C:\WINDOWS\system32\logon.exe (Backdoor.Bot)

Whether you wish to continue with cleaning or not, you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:
  • Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
  • Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
  • Consider what other private information could possibly have been taken from your computer and take appropriate steps
This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean, if this is unacceptable to you then you should consider reformatting the system partition and reinstalling Windows as this is the only 100% sure answer.

Please post back to let me know how you wish to proceed.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#5 maxreturn

maxreturn

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 22 October 2009 - 03:44 PM

C:\WINDOWS\system32\logon.exe (Backdoor.Bot)

Whether you wish to continue with cleaning or not, you should be aware that you may have been infected by a backdoor trojan. This type of program has the ability to steal passwords and other information from your system. If you are using your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:

  • Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
  • Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
  • Consider what other private information could possibly have been taken from your computer and take appropriate steps
This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean, if this is unacceptable to you then you should consider reformatting the system partition and reinstalling Windows as this is the only 100% sure answer.

Please post back to let me know how you wish to proceed.


Thanks LD. Wow, that wasn't the answer I was hoping for. But I think to be on the safe side I will go ahead and reformat the hard drive. However, I just have two questions. 1) I have an excel file that is locked that has passwords for my clients for whom I manage money. Should I assume that these may have been pirated and change those too? 2) I'm assuming that all my other files (word, excel, etc) are not infected and I can safely back them up and reinstall them on the newly formatted drive? Thank you!

#6 LDTate

LDTate

    Forum God

  • Root Admin
  • 57,180 posts

Posted 22 October 2009 - 03:56 PM

If it were me I'd check each file I was going to back up and save. It will be worth it in th elong run.


Please go to http://virusscan.jotti.org, click on Browse, and upload the following file for analysis:

Example: C:\WINDOWS\system32\logon.exe


Then click Submit. Allow the file to be scanned.


If virscan.org is too busy you can try these.

http://virscan.org/

http://www.kaspersky...anforvirus.html


http://www.virustota.../en/indexf.html

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#7 maxreturn

maxreturn

    Authentic Member

  • Authentic Member
  • PipPip
  • 25 posts

Posted 22 October 2009 - 04:20 PM

If it were me I'd check each file I was going to back up and save. It will be worth it in th elong run.


Please go to http://virusscan.jotti.org, click on Browse, and upload the following file for analysis:

Example: C:\WINDOWS\system32\logon.exe


Then click Submit. Allow the file to be scanned.


If virscan.org is too busy you can try these.

http://virscan.org/

http://www.kaspersky...anforvirus.html


http://www.virustota.../en/indexf.html


Hello LD. Well, this is interesting. There is no "logon.exe" file in my windows\system32 directory. Here are the only "logon'' files in that directory:

logon.scr
logonui.exe
logonui.exe.manifest

Methinks something is screwy in Denmark

#8 LDTate

LDTate

    Forum God

  • Root Admin
  • 57,180 posts

Posted 22 October 2009 - 04:49 PM

I used that file as an example. That file was removed.

Files Infected:
C:\install.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\logon.exe (Backdoor.Bot) -> Delete on reboot.


Use the files you want to save.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 


#9 LDTate

LDTate

    Forum God

  • Root Admin
  • 57,180 posts

Posted 25 October 2009 - 03:27 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

The forum is run by volunteers who donate their time and expertise.

Want to help others? Join the ClassRoom and learn how.

Logs will be closed if you haven't replied within 3 days

 

If you would like to paypal.gif for the help you received.
 

Proud graduate of TC/WTT Classroom

 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users