×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

Advice on preventing Internet Security 2010, Sysguard, etc.

Advice on preventing Internet Security 2010, Sysguard, etc.

Advice on preventing Internet Security 2010, Sysguard, etc.

(OP)
We are having a few users continually getting infected with some of the latest security hoax trojans.  What are others using to prevent this sort of thing?

We have Trend Micro AV installed and try to constantly educate on not clicking on every thing that pops up.  Just looking for some advice on how others are handling this.

Thanks.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

When you say users, what type setup are you talking about?  A large corporate setup, or a small business or home users or what?

Thanks.

--

"If to err is human, then I must be some kind of human!" -Me

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

(OP)
Small business with 75-100 users.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Though I've not used it, it's often mentioned as being possibly the best paid AV software: NOD32 by Eset.

Also, that definitely seems large enough, in my opinion, to look into something like Sophos.

There are of course other options, such as using your own or different DNS servers, so that you can have better control over what is/is not allowed through the network.

Also, there are different web filter companies out there that also help to disallow access to bad content, such as malware.

There's Blue Coat, and there's WebSense, at least that's 2 that come to my mind.  We use WebSense where I work, and I think it works very well, from what little I've seen from a user perspective.  For Blue Coat, I've not seen their corporate stuff, but their k9 protection for home users seems great.

--

"If to err is human, then I must be some kind of human!" -Me

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Currently a lot of scareware is being installed on the fly using adapted pdf files which by default open automatically in your browser without prompting, the enclosed javascript can then run and do what it wants without prompts.

Make sure that you turn off the Javascript option within Adobe reader to help prevent infection.

Also there is a new alert out for Adobe Reader:-
http://www.eset.com/threat-center/blog/2010/01/04/adobe-javascript-and-the-cve-2009-4324-exploit


 

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Internet Security 2010 is exploiting something within IE 8 to infect systems.

I was surfing the web Sunday morning with multiple windows open but not having clicked on anything or opened anything when it infected my machine at the house.

Obviously I took care of it immediately, but it gave me a better insight as to my users saying they didn't do anything...I saw first hand you don't have to click on anything to get infected. I have always recommended AVG...but there it sat, not alerting/preventing a damn thing.

I'm trying out Kaspersky right now at the house to see how that works. At the office I use the Trend product and am currently on a migration path to get the latest version, which is 10, across my network.

I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.

There are no more PDC's! There are DC's with FSMO roles!
 

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

At least for home, I'd suggest Avira Antivir over Trend Micro.  Or you can always go with Nod32.  I've not tried Nod32, but I've yet to read of anyone giving anything but praise for it.  I use Avira b/c it's free, and is the closest thing to Nod32 - better in some tests - that I'm aware of.

I too used AVG before.  It's not bad, but it's not as good as Avira or Nod32.  And it seems AVG isn't as good as it used to be - system performance and detection.

Also, what firewall were you using?  I'd suggest one of these:
#1 - unless using a 64 bit system - Online Armor by Tall Emu.
#2 - Comodo Internet Security - 32 or 64 bit.

--

"If to err is human, then I must be some kind of human!" -Me

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

We've had a few attempted infections (all in a 3 hour period) but no infections because we don't give our users admin rights, either locally or on the domain.  Unless your users need admin rights then set them up as normal, or limited, users.  Even if your AV is up-to-date there's a chance for viruses to slip through because all AV companies need a sample of the virus to build a defense against it.

Hope this helps.

Please help us help you.  Read Tek-Tips posting polices before posting.

Canadian members check out Tek-Tips in Canada for socializing, networking, and anything non-technical.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Yeah, that is a very good suggestion, cmeagan656, that I always seem to forget.  Mainly b/c it annoys me to no end when I try to run as a limited user at home.

--

"If to err is human, then I must be some kind of human!" -Me

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

1.  Don't let the users run as ADMIN (clearly the number one issue - especially on a corporate network that large!!!!!)
2.  Keep Windows updates up to date.
3.  Use Firefox vs. IE but keep IE up to date anyway
4.  Keep Acrobat, Flash, Shockwave, Java up to date
5.  Beat users that repeatedly get infections
6.  Install MBAM on every PC and give users a handout on how to update it and use it.  If you have to pay for it, it would be worth it (since I'd imagine it's not free for corporate use - though I never studied the EULA.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

@kjv

Except for installing MS updates (I have auto updates set to notify only, not install), a new printer/scanner/copier, and installing software I haven't run logged on as an administrative user in over 3 years.

If there is something that needs to run as an administrator I just right click on the shortcut and select "run as" and then enter my admin account logon credentials.  Alternatively, I'll open a cmd box using "run as".  Anything you do at the cmd line when you open it as "run as" and enter your administrator credentials runs as though you were logged on as an administrator.

Hope this helps.

Please help us help you.  Read Tek-Tips posting polices before posting.

Canadian members check out Tek-Tips in Canada for socializing, networking, and anything non-technical.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

5.  Beat users that repeatedly get infections lmao

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Yes - 5 is very important and not far from the truth.  Not the beating part, but users that repeatedly get malware usually have a behavior problem - where they're going on the internet and whether it's business or personal can affect your risk for an infection.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Yeah I realize that, and it is true.  It is just the way you worded it, made me laugh lol.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Believe me, I would really love to have actually beaten some of my users.  They were such arrogant and selfish %)$%+##%s.  They did whatever they pleased in terms of internet browsing while at work and customized their laptops for their own use as a HOME computer.  They installed home printers and camera software, etc.

Having wimpy management staff/IT management is a killer for IT administrative types.  

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

goombawaho
Why not restrict it to certain sites, and have everything else blocked?  Like modify host file and mark it read only, and only allow admins into the windows folder?

I have never worked for a company for that type, only to install new equipment and/or upgrade software.  So my question my come across stupid lol.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

goombawaho
tell your users that the internet responsibily form that they signed specifically states that they are not allowed to install any software on the company issued computer or they will lose privelages or be terminated.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

I don't have users any more, so it's not my issue.  I was speaking of past experiences with the hoards of users.  I USED to have when I was an admin.

Plus it was an HR function and neither HR nor IT management  wanted to enforce any policies.  Crazy but true.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

goombawaho
I hear ya. I've seen it myself with other issues in my company.  

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

From my customers, I am seeing infections through pretty much ALL security apps -- including Avira and Eset (which are two of the "top three" I recommend -- the third being Kaspersky.)  

This is just a limited observation, of course.  I'm just a "one-tech shop".

 

RE: Advice on preventing Internet Security 2010, Sysguard, etc.


I too have been trying to find a "proactive" defense against this one.

I (we) do not have a problem fixing it (on customers machines, 50/50 Home & Small Business) using a either use a Linux "quarantine" PC (re-imaged each use) with a variety of tools. Even booting on the host PC and running "the usual suspects", i.e. Malwarebytes, Spybot S&D, Hijack this etc will usually get shut of it.

However non of the A/V / Security products we have tried seem able to stop it getting onto a PC. This includes Norton, AVG's "Site adviser" or any of the other common products ( Kaspersky, McAfee,NOD etc )

The good advice above re keeping EVERYTHING up to date and perhaps using Firefox does not stop it either !!

It would be nice if we could find this elusive "Proactive Defense" ;)

John in the N.W. UK - trading as "Small Business Computer Support"
 

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

I see this every day and would love to be able to tell people how to avoid getting it.  Everyone has the Vundo trojan (behind the scenes) and then something like Antivirus something something or Security Center or Personal Antivirus popping up in their face on the screen or taskbar whining that they are infected.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

@ghost123uk...

Just out of curiosity, is there any correlation between the people who get the infections, and their use of PDF documents?

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

@ghost123uk...

Just out of curiosity, is there any correlation between the people who get the infections, and their use of PDF documents?

No I don't think so.

My elderly mother got it a couple of weeks ago and she does not use PDF's, I don't think she even has Adobe reader on her laptop. She only opens emails she knows the origin of and only visits very ordinary websites (BBC, & flower arranging sites mostly !!)

One of our engineers got it on his gaming PC, not used for online games, just installed from CD/DVD games, though it is on the WAN of course.

We know it is a Vundo based thing but I don't think Vundo has to be present before the "Fake Antivirus" shows as many clean ups we have done do not show Vundo being present.

I am only guessing now (based on what we have learned along the way) but we reckon it arrives as a "drive by attack" from an infected website.

It seems pretty random though as we have never had it on the 2 Office PC's and they are allowed to go anywhere on the net (and often do :0 )

85% of the PC's we work on (and own) have Kaspersky 2010 installed (this does not prevent infection). AVG's "site advisor" (the green tick alongside URL's in IE and Firefox searches) does not prevent or alert either.

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

If like some previous versions of the fake AV apps, I don't believe they are all website based.  I think some of them are getting onto PCs just via random pings for systems with just the right port open at just the right time.

For instance, about a year or two ago now, I setup a new media PC for our church's media ministry.  At the end, I hadn't gotten on a website at all for a day or two, at least, and just had it connected to my home router... literally seconds from disconnecting it, shutting it down, and taking it to the church.

Next thing I know, whammo!  Antivirus 2008 or 2009 or whatever it was at the time is trying to control the machine.  So I figured, oh well, I'll just start over again.  No way I'm going to chance something being left on a machine I'm taking to my church. smile

--

"If to err is human, then I must be some kind of human!" -Me

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

This ComputerWorld Article suggests the 81% of infections come from PDF's, I personally have not seen it. Mostly I see these come from emails and websites.

James P. Cottingham
I'm number 1,229!
I'm number 1,229!

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

I was already leary of "statistics", and with one like that, I'm even more leary.  Those stats just don't make sense in the real world.

--

"If to err is human, then I must be some kind of human!" -Me

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

If like some previous versions of the fake AV apps, I don't believe they are all website based.  I think some of them are getting onto PCs just via random pings for systems with just the right port open at just the right time.

I think I am with you kjv1611 on this one (at least leaning that way ;) )

It would explain why even "non surfers" such as my mother managed to get it.

Note to self - No don't even think about ZoneAlarm = hate it !!

Mind you, if that is the case, I wonder how it gets past the firewall in the router - afaic that should not allow incoming only traffic (pings etc) onto the PC's ports.

Interesting stuff :)

Keep it coming...
  

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

I was already leary of "statistics", and with one like that, I'm even more leary.  Those stats just don't make sense in the real world.
Wasn't it Mark Twain who said, "There are lies, damn lies, and then there are statistics" or something to that affect? winky smile

 

James P. Cottingham
I'm number 1,229!
I'm number 1,229!

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

The only reason I consider PDF's as a possible vector, is that when I clean up PC's that have had these infections, I almost always find at least one read-only PDF file with a "gibberish" name, in one or more of the temp folders -- which I rarely find when tuning up a non-infected PC.  

This seems a little strange, although I suppose they could be legitimate.  Next time, I'll snag some and take a closer look...

FYI, I don't believe anything I read on the Internet unless I can verify it through trusted sources.  I'd like to point out that security software developers have a vested interest in NOT explaining their statistics.  (Then again, they also have a vested interest in lying -- which anyone can get away with on the Internet.)  

That's why I don't share info with AV developers...  because they don't share any information back!
 

90% of being smart is knowing what you're dumb at.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Speaking of sharing, I had a very rewarding virus-hunting experience today. Today, I documented some substantial evidence of how this fraudware is loading.

Initial symptom:  Every time the customer powered up his laptop it would eventually display:

"Error loading c:\windows\system32\tihunedo.dll  The specified module cannot be found."

I immediately recognized (and verified) that DLL as one of the infamous infections.  However, other than that, there were no other symptoms of infection.  He simply clicked "OK" and continued.  There were no virus detection notifications. The system ran slower than it should, but other than that, it was ok.

Checking the registry, I found the value:

"wxvault.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL vunakifa.dll c:\windows\system32\tihunedo.dll"

Under the key:

"hklm\software\microsoft\windows nt\currentversion\windows"

vunakifa.dll...
   ...is another confirmed Fraudware component.  (Prevx)

GOEC62~1.DLL ....

" ...is used by objects that are classified as safe. It has not yet been seen to be associated with malicious software."  (Prevx)

"... is located in a not identifiable folder. The file size on Windows XP is 0 bytes.
The program has a visible window. The application has no file description. Note: File does not exist any longer. The application is loaded during the Windows boot process (see Registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs). goec62~1.dll is not a Windows core file. Therefore the technical security rating is 25% dangerous, however also read the users reviews."  (file.com)

wxvault.dll...  
   ...is both listed as a "harmless" component, and a Vundo malware component.  The "legit" description is that it is an encryption engine "related to Embassy Security Suite that comes installed on Dell Lap tops.  [per] www.dell.com"    



I'm not going to say more than this.  You high-level techies will be able to figure this out, and understand why I'm keeping my mouth shut...  bigglasses

Hope this helps!

90% of being smart is knowing what you're dumb at.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

2ffat:  "Mostly I see these come from emails and websites."

How have you managed to trace the source of the infection??  What is the method that can tell you where the malware came from?

I was not aware that you could trace the source unless someone was looking over your shoulder.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

I was not aware that you could trace the source unless someone was looking over your shoulder.
Which is exactly how I did it. Technically, I don't trace the exact source, I just see the results on certain web sites and from certain emails. Just this week, my wife kept getting this "warning" every time she clicked on a certain email. She didn't even have to open an attachment, just the email. By revisiting those sites or looking at those emails, I can reproduce this @#$%^ junk warning. That's one way I can trace it.

I've learned that no matter what you click on in their warning, it tries to download. I go into task manager and cancel it from there.  

James P. Cottingham
I'm number 1,229!
I'm number 1,229!

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Right - that's what I do.  Anything suspicious Process Explorer or Task Manager and start killing stuff off ASAP.

That's where most people can't/don't react and just get the junk installed.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.


So, do we think that when the Fake Antivirus / Security alert 2010 (or what ever it calls itself this week) appears on the screen it is still possible to kill the process and remain un-infected.

Personally ( and imho of course ;) )- I think not.

As I mentioned further up ^^ - we had a customer with a clean machine (checked by us the day before) and they got this, they turned it off straight away and brought it to us. We found it was infected with 6 infected files and 600 odd infected registry keys. We kept a copy of the Malwarebytes log file from this one in case it might help identifying what went on (but it doesn't :0 )

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

So, do we think that when the Fake Antivirus / Security alert 2010 (or what ever it calls itself this week) appears on the screen it is still possible to kill the process and remain un-infected.
Yes. As long as you are quick enough to kill the process via task manager. If you click anything on the pop up, however, you'll start the download(s).
 

James P. Cottingham
I'm number 1,229!
I'm number 1,229!

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

I think that when it pops up and says "scanning your computer - 544 threats found" it's way too late.  You have to catch it before it has installed or not give it permission to install by NOT clicking on a strange prompt.

But even at that point, SOMETHING is on your system.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

I think that when it pops up and says "scanning your computer - 544 threats found" it's way too late.  You have to catch it before it has installed or not give it permission to install by NOT clicking on a strange prompt.

But even at that point, SOMETHING is on your system.

I reckon this is true.

Still, back to the subject, how the flip can we block it from getting in in the first place.

This reminds me of the Blaster virus that came onto your machine just "by be being on the NET", (not dependent on looking at an infected website or anything like that).

MS produced a patch for that one !!
Should we hope they can do the same for this too (holds breath) ;)

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

I have found common registry installation points for these infections.  If someone can find a way to block these keys from changes, lock out new entries -- or the equivalent -- it would go a long way towards a fast-and-simple solution.  (Of course, it may not be possible -- this isn't my area of skill.)

1.) The USERINIT registry key:
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\WINLOGON  >>  C:\Windows\system32\userint.exe
   is changed to
    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\WINLOGON  >>  C:\Windows\system32\win32logon.exe

2.) The following VALUE is added as either an APPDLL key, or a BHO key:

    C:\WINDOWS\SYSTEM32\WIN32EXTENSION.DLL

3.)  The LSP provider HELPER32.DLL is added.


NOTE:  If the infection execuables/extensions are deleted without correcting or deleting the corresponding registry key, the system may either BSOD on boot, or boot to a logon screen and loop back to the logon screen every time a logon is attempted.  This appears to be because the registry keys are altered BEFORE the executables/extensions are downloaded AFTER the registry changes are made.


90% of being smart is knowing what you're dumb at.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

@ Ghost...

Today I had a very similar situation to the one you described where a customer reported that their PC had been reinfected.  She said that since I had cleaned it, she had only visited foodnetwork.com, and checked her email on Yahoo Webmail (through her pop.att.yahoo.com webmail account.)  she's a neighbor, and I believe her.

Any overlaps with what you're seeing?

90% of being smart is knowing what you're dumb at.

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

NOTE:  If the infection execuables/extensions are deleted without correcting or deleting the corresponding registry key, the system may either BSOD on boot, or boot to a logon screen and loop back to the logon screen every time a logon is attempted.  This appears to be because the registry keys are altered BEFORE the executables/extensions are downloaded AFTER the registry changes are made.

Yes we have seen that situation often.

It puzzles me that the virus writers write code that prevents a machine from booting when nowadays they are not vandals, they are after our customers money !

Re protecting registry keys, I wonder if registry protection software ( such as Zone Alarm, yuk yuk ) helps with this type of infection. I never recommend using it on end users machines as the pop ups are usually so complicated to understand, the end user always clicks "allow" just so they can get on with what they are doing. Seen that LOTS f times, same with KIS, AVG full security suite and Norton 360 etc. We often have to spend 5 mins on Google researching what it says before knowing whether to click "allow", "allow once" or "always allow" !!!!!!

~~~~~~~~~~~~~~~~~~~~

Quote:

@ Ghost...

Today I had a very similar situation to the one you described where a customer reported that their PC had been reinfected.  She said that since I had cleaned it, she had only visited foodnetwork.com, and checked her email on Yahoo Webmail (through her pop.att.yahoo.com webmail account.)  she's a neighbor, and I believe her.

Any overlaps with what you're seeing?

The circumstances = Yes, though not necessarily those URL's

Just to re-iterate, I wonder if MS are working on a patch to prevent it ?

I might even go to an MS forum and ask !



JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

Just to re-iterate, I wonder if MS are working on a patch to prevent it ?

I might even go to an MS forum and ask !

I did - and they said they are not !!

Lets just hope some black hat doesn't use the same invasion technique to write a nastier and destructive type threat !!

Mind you if that happened someone WOULD fix it like they did with Blaster in 2003 and Sasser in 2004.

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote (Davetoo):

I was surfing the web Sunday morning with multiple windows open but not having clicked on anything or opened anything when it infected my machine at the house.
I am relieved to know I wasn't imagining things when that happened to me!

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Stay away from ring tone web pages.  I never use those type of pages (or ring tones either), but was watching the other night and someone else would have gotten one of these trojans / B.S. Antivirus 2015 if I hadn't been there to CTRL ALT DEL

Also, song lyrics pages seem to be a danger.

What do the two have in common:
1.  Things that everybody wants - ringtones and lyrics
2.  Things that people want and ALL FOR FREE

All of the above "computing" suggestions are good, but behavior is also an important component of protection.  In terms of behavior - being suspicious is about 70% of protecting yourself.  Not going after FREE stuff (porno, music, lyrics, ring tones, etc) is another 15%

 

RE: Advice on preventing Internet Security 2010, Sysguard, etc.

Quote:

In terms of behavior - being suspicious is about 70% of protecting yourself.  Not going after FREE stuff (porno, music, lyrics, ring tones, etc) is another 15%

Is good general advice, but this thing does not come from "certain" sites (or at least I am 99% sure of that "fact")

From what I can see from on here (and elsewhere) it is like the "Blaster" virus in so much as it is just "floating" around the net looking for PC's to infect. I (we) don't think it comes from an infection in a website or webserver.

So, still no "proactive defense" has been found then :(

 

JB - N.W. - UK....
If at first you don't succeed, keep at it until you can't even think straight !

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close