Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combo Fix


  • This topic is locked This topic is locked
3 replies to this topic

#1 markm1862

markm1862

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 03 June 2008 - 12:38 PM

ComboFix 08-06-01.6 - Mark 2008-06-03 9:57:02.1 - NTFSx86
Running from: C:\Users\Mark\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\Mark\AppData\Roaming\inst.exe
C:\Windows\System32\CJSCddMp.ini
C:\Windows\System32\CJSCddMp.ini2
C:\Windows\system32\cqrsgsdf.dll
C:\Windows\system32\fkotogak.dll
C:\Windows\System32\fmqimecf.ini
C:\Windows\system32\hgGVmmJA.dll
C:\Windows\System32\JQXIPAHk.ini
C:\Windows\System32\JQXIPAHk.ini2
C:\Windows\system32\okatkpky.ini
C:\Windows\System32\OnXbdfii.ini
C:\Windows\System32\OnXbdfii.ini2
C:\Windows\System32\ppVvCcfe.ini
C:\Windows\System32\ppVvCcfe.ini2
C:\Windows\System32\rievbqbn.ini
C:\Windows\System32\rYxFgNmp.ini
C:\Windows\System32\rYxFgNmp.ini2
C:\Windows\system32\thcgbpjc.ini
C:\Windows\system32\trvceogj.ini
C:\Windows\System32\uqojilyu.ini
C:\Windows\system32\uylijoqu.dll
C:\Windows\system32\yayyVNDS.dll

.
((((((((((((((((((((((((( Files Created from 2008-05-03 to 2008-06-03 )))))))))))))))))))))))))))))))
.

2008-06-03 08:21 . 2008-06-03 08:21 <DIR> d-------- C:\Program Files\Safer Networking
2008-05-31 16:36 . 2008-05-30 14:22 59,392 --a------ C:\Windows\System32\ljJYOeCS.dl~
2008-05-31 14:44 . 2008-05-31 14:44 126,464 --------- C:\Windows\System32\tepvqefu.pxe
2008-05-31 14:43 . 2008-05-31 14:43 373,248 --------- C:\Windows\System32\oghcurlq.mln
2008-05-31 08:35 . 2008-05-31 08:35 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-30 15:13 . 2008-05-31 13:29 327 --a------ C:\Windows\wininit.ini
2008-05-30 14:28 . 2008-05-30 14:54 345 --ahs---- C:\Windows\System32\MVyGQXyb.ini
2008-05-30 14:27 . 2008-05-30 14:48 <DIR> d-------- C:\Program Files\Total Video Converter
2008-05-30 14:27 . 2000-05-22 22:58 608,448 --a------ C:\Windows\System32\comctl32.ocx
2008-05-28 09:22 . 2008-05-28 09:27 230 --a------ C:\config.xml
2008-05-28 09:21 . 2008-05-28 09:21 <DIR> d-------- C:\Program Files\Common Files\ASCOM
2008-05-28 08:39 . 2008-05-28 08:39 <DIR> d-------- C:\Program Files\Microsoft Research
2008-05-28 08:26 . 2008-03-07 19:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-28 08:26 . 2008-03-07 21:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-26 10:10 . <DIR> C:\Users\Mark\AppData\Roaming\NeroDigitalT
2008-05-26 09:54 . 2008-05-26 09:54 <DIR> d-------- C:\Program Files\NeroInstall.bak
2008-05-26 09:52 . 2008-05-26 09:52 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Nero
2008-05-26 09:45 . 2008-05-26 09:46 <DIR> d-------- C:\Users\All Users\Nero
2008-05-26 09:45 . 2008-05-26 09:46 <DIR> d-------- C:\ProgramData\Nero
2008-05-26 09:45 . 2008-05-26 09:45 <DIR> d-------- C:\Program Files\Nero
2008-05-26 09:45 . 2008-05-26 09:51 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-05-25 09:42 . 2008-05-25 09:42 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-05-25 09:33 . 2008-05-25 09:33 <DIR> d-------- C:\Program Files\MediaMonkey
2008-05-25 09:24 . 2008-05-25 09:24 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Sonic
2008-05-25 09:19 . 2008-05-25 09:19 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Leadertech
2008-05-25 09:03 . 2008-05-25 09:03 <DIR> d-------- C:\temp
2008-05-25 08:59 . 2008-05-25 08:59 <DIR> d-------- C:\Users\All Users\SupportSoft
2008-05-25 08:59 . 2008-05-25 08:59 <DIR> d-------- C:\ProgramData\SupportSoft
2008-05-25 08:58 . 2008-05-25 08:59 <DIR> d-------- C:\Program Files\Dell Support Center
2008-05-25 08:58 . 2008-05-25 08:58 <DIR> d-------- C:\Program Files\Common Files\supportsoft
2008-05-25 08:57 . 2008-05-25 09:02 <DIR> d-------- C:\Users\All Users\Dell
2008-05-25 08:57 . 2008-05-25 09:02 <DIR> d-------- C:\ProgramData\Dell
2008-05-25 08:42 . 2008-05-25 08:42 <DIR> d-------- C:\Users\All Users\Microsoft Corporation
2008-05-25 08:42 . 2008-05-25 08:42 <DIR> d-------- C:\ProgramData\Microsoft Corporation
2008-05-25 08:41 . 2008-05-25 08:41 <DIR> d-------- C:\Users\All Users\InstallShield
2008-05-25 08:41 . 2008-05-25 08:41 <DIR> d-------- C:\ProgramData\InstallShield
2008-05-25 08:41 . 2008-05-25 08:41 <DIR> d-------- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-05-25 08:39 . 2008-05-25 08:39 <DIR> d-------- C:\Users\All Users\Sonic
2008-05-25 08:39 . 2008-05-25 08:39 <DIR> d-------- C:\ProgramData\Sonic
2008-05-25 08:39 . 2008-05-25 12:31 <DIR> d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-25 08:35 . 2008-05-25 09:02 <DIR> d-------- C:\Program Files\Roxio
2008-05-24 17:59 . 2008-05-24 17:59 <DIR> d-------- C:\Users\Mark\AppData\Roaming\AVS4YOU
2008-05-24 17:59 . 2008-05-24 17:59 <DIR> d-------- C:\Users\All Users\AVS4YOU
2008-05-24 17:59 . 2008-05-24 17:59 <DIR> d-------- C:\ProgramData\AVS4YOU
2008-05-24 17:57 . 2008-05-24 17:58 <DIR> d-------- C:\Program Files\Common Files\AVSMedia
2008-05-24 17:57 . 2008-05-25 12:33 <DIR> d-------- C:\Program Files\AVS4YOU
2008-05-24 17:57 . 2007-02-27 19:36 974,848 --a------ C:\Windows\System32\mfc70.dll
2008-05-24 17:57 . 2007-02-27 19:36 487,424 --a------ C:\Windows\System32\msvcp70.dll
2008-05-24 17:57 . 2007-02-27 19:36 344,064 --a------ C:\Windows\System32\msvcr70.dll
2008-05-24 17:57 . 2007-02-27 19:36 24,576 --a------ C:\Windows\System32\msxml3a.dll
2008-05-24 17:50 . 2008-05-24 17:51 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Media Player Classic
2008-05-24 17:50 . 2008-05-24 17:50 <DIR> d-------- C:\abcc
2008-05-24 17:48 . 2008-05-24 17:48 34 --ah----- C:\Windows\System32\DVDRippper_sysquict.dat
2008-05-24 17:43 . 2008-05-24 17:43 <DIR> d-------- C:\Users\All Users\GRETECH
2008-05-24 17:43 . 2008-05-24 17:43 <DIR> d-------- C:\ProgramData\GRETECH
2008-05-24 17:42 . 2008-05-24 17:42 <DIR> d-------- C:\Users\Mark\AppData\Roaming\GRETECH
2008-05-24 17:42 . 2008-05-24 17:42 <DIR> d-------- C:\Program Files\GRETECH
2008-05-24 13:35 . 2008-05-24 13:35 <DIR> d-------- C:\Users\All Users\vsosdk
2008-05-24 13:35 . 2008-05-24 13:35 <DIR> d-------- C:\ProgramData\vsosdk
2008-05-24 12:44 . 2008-05-24 14:26 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Vso
2008-05-24 12:44 . 2008-05-24 12:44 47,360 --a------ C:\Windows\System32\drivers\pcouffin.sys
2008-05-24 12:44 . 2008-05-24 14:26 47,360 --a------ C:\Users\Mark\AppData\Roaming\pcouffin.sys
2008-05-22 09:13 . 2008-05-22 09:13 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Ahead
2008-05-20 14:25 . 2008-05-20 14:25 0 --a------ C:\Windows\System32\UG
2008-05-16 23:30 . 2008-05-16 23:30 <DIR> d-------- C:\Program Files\Common Files\xing shared
2008-05-16 23:29 . 2008-05-17 08:22 <DIR> d-------- C:\Users\Mark\AppData\Roaming\TigerPlayer
2008-05-16 23:28 . 2008-05-16 23:28 <DIR> d-------- C:\Users\All Users\Apple Computer
2008-05-16 23:28 . 2008-05-16 23:28 <DIR> d-------- C:\ProgramData\Apple Computer
2008-05-16 23:28 . 2008-05-16 23:29 <DIR> d-------- C:\Program Files\MpcStar
2008-05-16 18:03 . 2008-05-20 09:48 <DIR> d-------- C:\Program Files\RAR Password Cracker
2008-05-16 17:35 . 2008-06-02 17:57 69 --a------ C:\Windows\NeroDigital.ini
2008-05-16 17:17 . 2008-05-16 17:19 <DIR> d-------- C:\Users\Mark\AppData\Roaming\DeepBurner
2008-05-16 17:12 . 2008-05-16 17:12 <DIR> d-------- C:\Program Files\Astonsoft
2008-05-16 17:03 . 2008-05-16 17:03 <DIR> d-------- C:\Users\All Users\DVD Shrink
2008-05-16 17:03 . 2008-05-16 17:03 <DIR> d-------- C:\ProgramData\DVD Shrink
2008-05-16 17:03 . 2008-05-16 17:03 <DIR> d-------- C:\Program Files\DVD Shrink
2008-05-16 16:09 . 2008-05-16 16:09 <DIR> d-------- C:\Program Files\Defraggler
2008-05-16 15:51 . 2008-05-31 13:10 <DIR> d-------- C:\Downloads
2008-05-16 15:51 . 2008-05-17 15:22 2,560 --a------ C:\Windows\System32\bitcometres.dll
2008-05-16 15:43 . 2008-05-30 14:33 <DIR> d-------- C:\Program Files\BitComet
2008-05-15 08:36 . 2008-03-03 20:53 1,547,264 --a------ C:\Windows\System32\inetcpl.cpl
2008-05-15 08:36 . 2008-03-03 20:52 830,464 --a------ C:\Windows\System32\wininet.dll
2008-05-15 08:36 . 2008-03-03 20:53 385,024 --a------ C:\Windows\System32\html.iec
2008-05-15 08:36 . 2008-03-03 20:51 168,448 --a------ C:\Windows\System32\iexpress.exe
2008-05-15 08:36 . 2008-03-03 20:53 78,336 --a------ C:\Windows\System32\ieencode.dll
2008-05-15 08:36 . 2008-03-03 20:50 45,568 --a------ C:\Windows\System32\mshta.exe
2008-05-15 08:35 . 2008-06-02 17:35 <DIR> d-------- C:\Users\Mark\AppData\Roaming\FileZilla
2008-05-14 10:13 . 2008-05-25 12:12 <DIR> d-------- C:\Program Files\AMT
2008-05-13 12:33 . 2008-06-01 18:11 <DIR> d-------- C:\inetpub
2008-05-13 11:31 . 2008-05-13 11:31 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-05-13 11:31 . 2008-05-13 11:31 <DIR> d-------- C:\Program Files\Adobe Media Player
2008-05-12 18:47 . 2008-05-12 18:47 <DIR> d-------- C:\Users\Mark\AppData\Roaming\PeerNetworking
2008-05-12 16:37 . 2008-05-12 16:37 <DIR> d-------- C:\Users\All Users\Raxco
2008-05-12 16:37 . 2008-05-12 16:37 <DIR> d-------- C:\ProgramData\Raxco
2008-05-12 16:37 . 2008-05-12 16:37 <DIR> d-------- C:\Program Files\Raxco
2008-05-10 13:54 . 2008-05-10 13:54 <DIR> dr------- C:\Users\Mark\AppData\Roaming\Brother
2008-05-10 09:32 . 2008-05-10 10:13 <DIR> d-------- C:\Users\Mark\AppData\Roaming\Download Manager
2008-05-10 09:12 . 2008-05-31 11:56 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2008-05-10 08:58 . 2008-05-10 08:58 <DIR> d-------- C:\Program Files\Real
2008-05-10 08:57 . 2008-05-16 23:30 <DIR> d-------- C:\Program Files\Common Files\Real
2008-05-08 16:38 . 2008-05-27 14:20 <DIR> d-------- C:\Users\Mark\AppData\Roaming\StarOffice8
2008-05-08 10:15 . 2008-05-08 10:15 <DIR> d-------- C:\Program Files\TheWeatherNetwork
2008-05-08 09:51 . 2008-06-03 08:48 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-05-08 09:50 . 2008-05-08 09:50 <DIR> d-------- C:\Users\All Users\Symantec
2008-05-08 09:50 . 2008-05-08 09:50 <DIR> d-------- C:\ProgramData\Symantec
2008-05-08 09:47 . 2008-05-08 09:47 <DIR> d-------- C:\Program Files\Sun
2008-05-08 09:37 . 2008-05-08 09:37 <DIR> d-------- C:\Users\Mark\AppData\Roaming\PC Tools
2008-05-08 09:37 . 2008-06-03 09:51 <DIR> d-a------ C:\Users\All Users\TEMP
2008-05-08 09:37 . 2008-06-03 09:51 <DIR> d-a------ C:\ProgramData\TEMP
2008-05-08 09:37 . 2008-06-03 08:24 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-05-08 09:37 . 2007-12-10 14:53 81,288 --a------ C:\Windows\System32\drivers\iksyssec.sys
2008-05-08 09:37 . 2007-12-10 14:53 66,952 --a------ C:\Windows\System32\drivers\iksysflt.sys
2008-05-08 09:37 . 2008-02-01 12:55 42,376 --a------ C:\Windows\System32\drivers\ikfilesec.sys
2008-05-08 09:37 . 2007-12-10 14:53 29,576 --a------ C:\Windows\System32\drivers\kcom.sys
2008-05-08 09:36 . 2008-05-08 09:36 <DIR> d-------- C:\Windows\System32\runtime
2008-05-08 09:36 . 2008-05-08 09:36 <DIR> d-------- C:\Program Files\Picasa2
2008-05-08 09:36 . 2006-10-04 19:42 2,560 --a------ C:\Windows\System32\drivers\cdralw2k.sys
2008-05-08 09:36 . 2006-10-04 19:42 2,432 --a------ C:\Windows\System32\drivers\cdr4_xp.sys
2008-05-08 09:35 . 2008-05-08 09:36 <DIR> d-------- C:\Users\All Users\Google
2008-05-08 09:35 . 2008-06-03 08:47 <DIR> d-------- C:\Program Files\Norton Security Scan
2008-05-08 09:34 . 2008-06-02 11:41 <DIR> d-------- C:\Users\All Users\Google Updater
2008-05-08 09:34 . 2008-06-02 11:41 <DIR> d-------- C:\ProgramData\Google Updater
2008-05-08 09:34 . 2008-05-08 17:05 <DIR> d-------- C:\Program Files\Google
2008-05-08 09:19 . 2008-05-08 09:19 <DIR> d-------- C:\Windows\Sun
2008-05-08 09:19 . 2008-06-02 08:14 <DIR> d-------- C:\Users\Mark\awc_mark1862

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 17:10 --------- d-----w C:\Users\Mark\AppData\Roaming\NeroDigital™
2008-05-14 18:34 --------- d-----w C:\Program Files\Windows Mail
2008-05-07 04:11 174 --sha-w C:\Program Files\desktop.ini
2008-05-07 04:02 --------- d-----w C:\Program Files\Windows Sidebar
2008-05-07 04:02 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-05-07 04:02 --------- d-----w C:\Program Files\Windows Journal
2008-05-07 04:02 --------- d-----w C:\Program Files\Windows Defender
2008-05-07 04:02 --------- d-----w C:\Program Files\Windows Collaboration
2008-05-07 04:02 --------- d-----w C:\Program Files\Windows Calendar
2008-03-08 04:19 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-03-08 04:19 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-03-08 04:19 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-03-08 04:19 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-03-08 01:58 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-03-04 03:52 47,616 ----a-w C:\Windows\AppPatch\iebrshim.dll
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-08 09:34 68856]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe" [2007-09-13 16:21 61168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"TEPA.exe"="C:\Program Files\TELUS\eProtect Advisor\TEPA.exe" [2007-05-14 09:10 2061816]
"TELUS eProtect"="C:\Program Files\TELUS\TELUS eProtect\Rps.exe" [2007-09-13 16:22 310000]
"-FreedomNeedsReboot"="C:\Program Files\TELUS\TELUS eProtect\ZkRunOnceR.exe" [2007-09-13 16:22 13552]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\Windows\KHALMNPR.Exe]
"TELUS_McciTrayApp"="C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe" [2008-02-25 08:22 1468256]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-08 09:35 29744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe" [2007-09-13 16:21 61168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [5/7/2008 8:04:58 AM 688128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.FFDS"= ffdshow.ax
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"MSServer"=rundll32.exe C:\Windows\system32\ljJYOeCS.dll,#1

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-146266958-2305145417-2721714532-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1B4C15A4-016E-41A3-ABFD-988365F40A4D}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{70DB45C3-04D3-4E43-9F34-56079DF3D974}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{EB0B5503-8898-4B63-A766-0EF49D17D54A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{377E2A93-9B5A-4605-82C8-B53B6C8BE8DF}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{5C5E2C21-88EF-448D-AEF5-0C531E5C9D49}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"TCP Query User{337AD810-3832-45EA-A42A-B82E9F64BB5E}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{91FE3B37-64E2-46A9-82DC-1267AC9F03A8}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{BC3D0816-78E1-4F00-B8FC-234B66F099F5}"= UDP:15859:BitComet 15859 TCP
"{FBAC6AF4-8FFC-44F2-A49E-1AFD4524C918}"= TCP:15859:BitComet 15859 UDP
"TCP Query User{91678696-C3F5-4D4F-B25A-AC1948327461}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{A0D0FBF2-755E-453A-A869-67DDCE099566}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{2F2D543A-CD18-4030-96BF-EF08AD7A0534}"= UDP:15859:BitComet 15859 TCP
"{CDE25A6A-F1E5-4953-81DE-3A011752DF1F}"= TCP:15859:BitComet 15859 UDP
"TCP Query User{37D12D28-8C93-4690-A5FE-FCDEC40C25B6}C:\\program files\\bitcomet\\plugin_emule\\plugin_emule.exe"= UDP:C:\program files\bitcomet\plugin_emule\plugin_emule.exe:eMule plugin host for BitComet
"UDP Query User{F788E30C-1CF2-4582-A232-0F83795E6E59}C:\\program files\\bitcomet\\plugin_emule\\plugin_emule.exe"= TCP:C:\program files\bitcomet\plugin_emule\plugin_emule.exe:eMule plugin host for BitComet
"{DD00F7BC-9148-4AB1-B18F-AA7D6B9ACFDB}"= UDP:13073:BitComet 13073 TCP(ED2K)
"{1EE68F32-F674-42EC-B2DC-105C645E117F}"= TCP:13073:BitComet 13073 UDP(ED2K)
"{6ABC80B7-8A82-495A-B00E-C1712CC16A29}"= UDP:27150:BitComet 27150 TCP(ED2K)
"{37EC6338-DB84-46E0-9540-ECD6BA12AC11}"= TCP:27150:BitComet 27150 UDP(ED2K)
"TCP Query User{5646A4B6-692B-4393-B632-FFABE6CEE727}C:\\program files\\bitcomet\\plugin_emule\\plugin_emule.exe"= UDP:C:\program files\bitcomet\plugin_emule\plugin_emule.exe:eMule plugin host for BitComet
"UDP Query User{5C0FB2CD-0906-4A11-810B-BA63735F56DD}C:\\program files\\bitcomet\\plugin_emule\\plugin_emule.exe"= TCP:C:\program files\bitcomet\plugin_emule\plugin_emule.exe:eMule plugin host for BitComet
"{806B626C-6AFD-4B09-95AC-95C4713203FE}"= UDP:27150:BitComet 27150 TCP(ED2K)
"{40D12829-17A1-420F-9923-6B2CE1DD08DD}"= TCP:27150:BitComet 27150 UDP(ED2K)
"TCP Query User{5FB071E3-2716-45FC-A404-0BE8ABDF75EA}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"UDP Query User{05830D9D-0E1A-4B5C-98A0-F6823CD79D72}C:\\program files\\common files\\nero\\nero web\\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer
"TCP Query User{4624EF5E-D1BA-45B5-AD1D-0E8E0E9BEEF0}C:\\program files\\nero\\nero8\\nero mediahome\\nmmediaserver.exe"= UDP:C:\program files\nero\nero8\nero mediahome\nmmediaserver.exe:Nero MediaHome
"UDP Query User{9BBB0584-21E1-4F3B-A33F-C1D08552092A}C:\\program files\\nero\\nero8\\nero mediahome\\nmmediaserver.exe"= TCP:C:\program files\nero\nero8\nero mediahome\nmmediaserver.exe:Nero MediaHome
"{88C43B77-AC82-4D0B-94DD-278EC4F0A535}"= UDP:9775:BitComet 9775 TCP
"{E6A457F5-E4D7-484F-83EA-B1D224D656B9}"= TCP:9775:BitComet 9775 UDP
"TCP Query User{39A9CE08-0910-432E-B3B6-DE7C95B3B421}C:\\program files\\macromedia\\dreamweaver 8\\dreamweaver.exe"= UDP:C:\program files\macromedia\dreamweaver 8\dreamweaver.exe:Dreamweaver 8
"UDP Query User{0C80599E-1596-47AB-A94B-F56B59D65B17}C:\\program files\\macromedia\\dreamweaver 8\\dreamweaver.exe"= TCP:C:\program files\macromedia\dreamweaver 8\dreamweaver.exe:Dreamweaver 8

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ []
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 netr73;Linksys Compact Wireless-G USB Adapter Driver for Vista;C:\Windows\system32\DRIVERS\WUSB54GCx86.sys [2007-03-12 10:12]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-08 09:35]
S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-11-16 18:34]
S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-11-16 18:34]
S3 Radialpoint Security Services;TELUS eProtect;C:\Windows\system32\dllhost.exe [2006-11-02 02:45]
S4 AADTLLBDOF;AADTLLBDOF;C:\Users\Mark\AppData\Local\Temp\AADTLLBDOF.exe []
S4 BNLCNHVAHL;BNLCNHVAHL;C:\Users\Mark\AppData\Local\Temp\BNLCNHVAHL.exe []
S4 CAKJYAQGU;CAKJYAQGU;C:\Users\Mark\AppData\Local\Temp\CAKJYAQGU.exe []
S4 KEQTWV;KEQTWV;C:\Users\Mark\AppData\Local\Temp\KEQTWV.exe []
S4 McciCMService;McciCMService;"C:\Program Files\Common Files\Motive\McciCMService.exe" [2008-02-29 15:16]
S4 PB;PB;C:\Users\Mark\AppData\Local\Temp\PB.exe []
S4 PKSYZKQJTNAPPTYTSU;PKSYZKQJTNAPPTYTSU;C:\Users\Mark\AppData\Local\Temp\PKSYZKQJTNAPPTYTSU.exe []
S4 SFP;SFP;C:\Users\Mark\AppData\Local\Temp\SFP.exe []
S4 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-03-11 12:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
GPSvcGroup REG_MULTI_SZ GPSvc

.
Contents of the 'Scheduled Tasks' folder
"2008-05-30 23:36:37 C:\Windows\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-03 10:08:54
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
C:\Windows\System32\audiodg.exe
C:\Program Files\TELUS\TELUS eProtect\Fws.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.exe
C:\Program Files\TELUS\eProtect Advisor\TEPAComHandler.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\logishrd\LVCOMSER\LVComSer.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\TELUS\TELUS eProtect\rpsupdaterr.exe
C:\Windows\System32\wbem\WMIADAP.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
.
**************************************************************************
.
Completion time: 2008-06-03 10:16:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-03 17:14:45

Pre-Run: 197,841,678,336 bytes free
Post-Run: 198,051,610,624 bytes free

313 --- E O F --- 2008-05-30 19:12:40

BC AdBot (Login to Remove)

 


#2 markm1862

markm1862
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:50 PM

Posted 03 June 2008 - 12:39 PM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:12 AM, on 03/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TELUS\TELUS eProtect\Fws.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\TELUS\eProtect Advisor\TEPA.exe
C:\Program Files\TELUS\TELUS eProtect\RPS.exe
C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\TELUS\eProtect Advisor\TEPAComHandler.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\TELUS\TELUS eProtect\rpsupdaterR.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\notepad.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mytelus.com/new_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\TELUS\TELUS eProtect\pkR.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [TEPA.exe] "C:\Program Files\TELUS\eProtect Advisor\TEPA.exe" /AUTORUN
O4 - HKLM\..\Run: [TELUS eProtect] "C:\Program Files\TELUS\TELUS eProtect\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\TELUS\TELUS eProtect\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TELUS_McciTrayApp] C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\RunOnce: [IndexCleaner] "C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/...u/wlscctrl2.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: TELUS eProtect Update Service (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\TELUS\TELUS eProtect\rpsupdaterR.exe
O23 - Service: TELUS eProtect Firewall (RP_FWS) - TELUS - C:\Program Files\TELUS\TELUS eProtect\Fws.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 9280 bytes

#3 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:50 AM

Posted 01 July 2008 - 05:34 AM

Welcome to the BleepingComputer Forums. Since it has been a few days, please post a new HijackThis log. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#4 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:50 AM

Posted 08 July 2008 - 10:23 AM

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users