Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus 2010


  • This topic is locked This topic is locked
10 replies to this topic

#1 Austin_01

Austin_01

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 14 September 2009 - 06:40 PM

I think I got hit by a fake program An Antivirus 2010 program and Total security windows Pop up constantly. I can not run any malware programs against it. I have tired enabling all of my anti virus programs but no luck they will not run. I can not get them to run from the programs menu or off the task bar. I run Windows Xp and have also tired running in safe mode with no luck.

I am an amateur as far as computers are concerned. But am a quick learner, the computer has more then a few problems but is my life line I would really appreciate some help in being able to use the system again. :thumbsup:

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:58 AM

Posted 14 September 2009 - 07:38 PM

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 Austin_01

Austin_01
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 14 September 2009 - 10:39 PM

Thanks for the quick response,

I have installed rootrepeal I am running in safe mode and received the following notification upon opening
Could not read the boot sector. Try Adjusting the disk access level in the options dialog.
After 4 Oks the program will open
As directed I selected reports and checked all the boxes and scanned. It initializes for about a minute and then just shuts down the system entirely.

Open to other suggestions please.

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:58 AM

Posted 14 September 2009 - 11:12 PM

  • Please download System Repair Engineer from here
  • Unzip/extract sreng2.zip to a folder on your desktop
  • Double-click on SREngLdr.EXE to launch System Repair Engineer
  • Click the Smart Scan Icon
  • Click Scan
  • Wait for the scan to finish
  • Click on the Save Reports button
  • Save it to your desktop, using the recommended name of SREngLOG.log
  • Close System Repair Engineer
  • Use notepad to open the SREngLOG.log file
  • Copy & paste the contents of that file as a reply to this topic
  • Note: The log may be long, and you may need several posts to post all of it
  • If you are using a custom HOSTS file, please leave out the HOSTS File section, as it will make the log far too long

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 Austin_01

Austin_01
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 15 September 2009 - 04:22 PM

This seemed to work just fine here is the log:

[code=auto:0]

2009-09-15,15:19:36

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<NVIEW><rundll32.exe nview.dll,nViewLoadHook> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Microsoft Update Machine><svohost.exe> [N/A]
<A00F109915.exe><C:\DOCUME~1\Owner\LOCALS~1\Temp\_A00F109915.exe> [File is missing]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<hpsysdrv><c:\windows\system\hpsysdrv.exe> [Hewlett-Packard Company]
<HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<CamMonitor><c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe> []
<Share-to-Web Namespace Daemon><c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe> [Hewlett-Packard]
<KBD><C:\HP\KBD\KBD.EXE> [Hewlett-Packard Company]
<StorageGuard><"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r> [Sonic Solutions]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<Recguard><C:\WINDOWS\SMINST\RECGUARD.EXE> []
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Publisher]
<nwiz><nwiz.exe /installquiet /keeploaded /nodetect> [(Verified)Microsoft Windows Publisher]
<PS2><C:\WINDOWS\system32\ps2.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<AlcxMonitor><ALCXMNTR.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<FaxCenterServer><"C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s> [(Verified)"Lexmark International, Inc."]
<Microsoft Update Machine><svohost.exe> [N/A]
<lxdimon.exe><"C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"> [(Verified)"Lexmark International, Inc."]
<lxdiamon><"C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"> [(Verified)"Lexmark International, Inc."]
<wohamuvudo><Rundll32.exe "C:\WINDOWS\System32\yabusavu.dll",s> [File is missing]
<983120ec><rundll32.exe "C:\WINDOWS\System32\pedejelo.dll",b> [File is missing]
<CPM9b021370><Rundll32.exe "c:\windows\system32\farakive.dll",a> [File is missing]
<Eyaduligej><rundll32.exe "C:\WINDOWS\Tqugoqeziwakeco.dll",e> [File is missing]
<Hsanesifiziwesif><rundll32.exe "C:\WINDOWS\Gfajipugoforeqon.dat",e> [File is missing]
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.]
<iTunesHelper><"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<NeroCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [File is missing]
<Antivirus Pro 2010><"C:\Program Files\AntivirusPro_2010\AntivirusPro_2010.exe" /hide> [File is missing]
<17498434><C:\Documents and Settings\All Users\Application Data\17498434\17498434.exe> []
<braviax><braviax.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<winlogn><C:\WINDOWS\System32\winlogn.exe> [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,> [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><cru629.dat> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Publisher]
<WebCheck><%SystemRoot%\System32\webcheck.dll> [(Verified)Microsoft Windows Publisher]
<SysTray><C:\WINDOWS\System32\stobject.dll> [(Verified)Microsoft Windows Publisher]
<SSODL><c:\windows\system32\farakive.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\98312043530]
<WinlogonNotify: 98312043530><C:\WINDOWS\System32\dbnetlib32.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OPXPGina]
<WinlogonNotify: OPXPGina><C:\Program Files\Softex\OmniPass\opxpgina.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinCtrl32]
<WinlogonNotify: WinCtrl32><WinCtrl32.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c002C5C6]
<WinlogonNotify: __c002C5C6><C:\WINDOWS\System32\__c002C5C6.dat> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\System32\browseui.dll> [(Verified)Microsoft Windows Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\System32\browseui.dll> [(Verified)Microsoft Windows Publisher]
<{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}><c:\windows\system32\farakive.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4b218e3e-bc98-4770-93d3-2731b9329278}]
<Internet Explorer><%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
<Fax><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\System32\logon.scr> [(Verified)Microsoft Windows Publisher]

==================================
Startup Folders
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Updates from HP]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk --> C:\PROGRA~1\UPDATE~1\137903\Program\BACKWE~1.EXE [N/A]><N>
[OpenOffice.org 3.1]
<C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk --> C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [N/A]><N>
[runit_32]
<C:\Documents and Settings\Owner\Start Menu\Programs\Startup\runit_32.lnk --> C:\PROGRA~1\runit\runit_32.exe [BB Inc]><N>
[spamsubtract]
<C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk --> C:\PROGRA~1\INTERM~1\SPAMSU~1\SPAMSU~1.EXE [interMute, Inc.]><N>




==================================
Startup Folders
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[Updates from HP]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk --> C:\PROGRA~1\UPDATE~1\137903\Program\BACKWE~1.EXE [N/A]><N>
[OpenOffice.org 3.1]
<C:\Documents and Settings\Owner\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk --> C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [N/A]><N>
[runit_32]
<C:\Documents and Settings\Owner\Start Menu\Programs\Startup\runit_32.lnk --> C:\PROGRA~1\runit\runit_32.exe [BB Inc]><N>
[spamsubtract]
<C:\Documents and Settings\Owner\Start Menu\Programs\Startup\spamsubtract.lnk --> C:\PROGRA~1\INTERM~1\SPAMSU~1\SPAMSU~1.EXE [interMute, Inc.]><N>

==================================
Services
[Apple Mobile Device / Apple Mobile Device][Stopped/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Application Management / AppMgmt][Stopped/Manual Start]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Bonjour Service / Bonjour Service][Stopped/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[iPod Service / iPod Service][Stopped/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[Java Quick Starter / JavaQuickStarterService][Stopped/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[lxdiCATSCustConnectService / lxdiCATSCustConnectService][Stopped/Auto Start]
<C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe><Lexmark International, Inc.>
[lxdi_device / lxdi_device][Stopped/Auto Start]
<C:\WINDOWS\system32\lxdicoms.exe -service><>
[NVIDIA Driver Helper Service / NVSvc][Stopped/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Softex OmniPass Service / omniserv][Stopped/Auto Start]
<C:\Program Files\Softex\OmniPass\Omniserv.exe><N/A>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[drvmcdb / drvmcdb][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\drvmcdb.sys><VERITAS Software, Inc.>
[fasttx2k / fasttx2k][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]
<system32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[ialm / ialm][Stopped/Manual Start]
<System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[Lucent Modem Driver / ltmodem5][Stopped/Manual Start]
<System32\DRIVERS\ltmdmnt.sys><LT>
[nv / nv][Stopped/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Ps2 / Ps2][Stopped/Manual Start]
<System32\DRIVERS\PS2.sys><Hewlett-Packard Company>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[rootrepeal / rootrepeal][Stopped/System Start]
<2 - The system cannot find the file specified.
><N/A>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[S3Psddr / S3Psddr][Stopped/Manual Start]
<System32\DRIVERS\s3gnbm.sys><S3 Graphics, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[SiS315 / SiS315][Stopped/Manual Start]
<System32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiS AGP Filter / SISAGP][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[Apple Mobile USB Driver / USBAAPL][Stopped/Manual Start]
<System32\Drivers\usbaapl.sys><Apple, Inc.>
[VIA AGP Filter / viaagp1][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[Winml25 / Winml25][Running/Boot Start]
<\SystemRoot\System32\Drivers\Winml25.sys><N/A>
[Intel® Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Stopped/Manual Start]
<system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel® Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Stopped/Manual Start]
<system32\drivers\ialmkchw.sys><Intel Corporation>

#6 Austin_01

Austin_01
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 15 September 2009 - 04:23 PM

==================================
Browser Add-ons
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[hp toolkit]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} <C:\HP\EXPLOREBAR\HPTOOLKT.DLL, Hewlett-Packard Company>
[]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} <, >
[Bullseye Tool Bar]
{6226BA26-C017-4007-928C-DE9715C6FA67} <C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll, >
[Java Plug-in 1.6.0_13]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_13]
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_13]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_13.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, (Signed) >
[]
{166B1BCA-3F9C-11CF-8075-444553540000} <, >
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[AVG Safe Search]
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} <C:\Program Files\AVG\AVG8\avgssie.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
{5D476899-D62D-4CFE-84A6-97C07A3BEDE8} <C:\WINDOWS\System32\tehayela.dll, N/A>
[Bullseye Tool Bar]
{6226BA26-C017-4007-928C-DE9715C6FA67} <C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll, >
[]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, (Signed) Microsoft Corporation>
[]
{A057A204-BACC-4D26-9990-79A187E2698E} <, >
[]
{A3BC75A2-1F87-4686-AA43-5347D756017C} <, >
[hp toolkit]
{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} <C:\HP\EXPLOREBAR\HPTOOLKT.DLL, Hewlett-Packard Company>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, (Signed) N/A>
[]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} <, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[iTunesDetector Class]
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} <C:\Program Files\iTunes\ITDetector.ocx, (Signed) Apple Inc.>
[TBSB09835 Class]
{D97FC677-694D-4A75-AC89-A5B85C2BCFED} <C:\Program Files\IEToolbar\Bullseye Tool Bar\lw.dll, >
[Java™ Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[]
{F28C1F38-41A4-4BEC-8CA3-F7D34EABDFA3} <C:\WINDOWS\System32\ewwngu.dll, N/A>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >

==================================
Running Processes
[PID: 424 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 448 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Softex\OmniPass\opxpgina.dll] [N/A, ]
[C:\WINDOWS\system32\WinCtrl32.dll] [N/A, ]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[PID: 492 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 664 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[\\?\globalroot\systemroot\system32\UACqkukorimja.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtaoukgxivs.dll] [N/A, ]
[PID: 772 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\UACqkukorimja.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtaoukgxivs.dll] [N/A, ]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 980 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\UACqkukorimja.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtaoukgxivs.dll] [N/A, ]
[C:\WINDOWS\System32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[PID: 1072 / NETWORK SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\UACqkukorimja.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtaoukgxivs.dll] [N/A, ]
[C:\WINDOWS\System32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[PID: 1188 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\UACqkukorimja.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACtaoukgxivs.dll] [N/A, ]
[PID: 1448 / SYSTEM][C:\Program Files\Softex\OmniPass\OPXPApp.exe] [N/A, ]
[C:\Program Files\Softex\OmniPass\GINASTUB.dll] [N/A, ]
[C:\Program Files\Softex\OmniPass\sftxtgp.dll] [Windows ® 2000 DDK provider, 5.00.2128.1]
[C:\Program Files\Softex\OmniPass\Secur32.dll] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1764 / Owner][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\kbiwkmsclrrhie.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACavtlaqeerw.dll] [N/A, ]
[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll] [Sun Microsystems, Inc., 3.01]
[C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\stlport_vc7145.dll] [STLport Consulting, Inc., 4.5.2003.0120]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 2, 0, 0]
[C:\Program Files\Softex\OmniPass\opshelle.dll] [Softex Incorporated, 1, 0, 0, 1]
[C:\Program Files\Softex\OmniPass\OPComm.dll] [, 1, 0, 0, 1]
[C:\Program Files\Softex\OmniPass\OPFScure.dll] [Softex Incorporated, 1, 0, 0, 1]
[PID: 300 / Owner][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.0.14]
[C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.0.14]
[C:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.6.10]
[C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.7.5]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.3.1]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.7.5]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.7.5]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.0.14]
[\\?\globalroot\systemroot\system32\kbiwkmsclrrhie.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACqkukorimja.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.0.14]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.0.14]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.3.1 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.75]
[PID: 516 / Owner][C:\WINDOWS\system32\spider.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3780 / Owner][C:\Program Files\Internet Explorer\Iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\kbiwkmsclrrhie.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACavtlaqeerw.dll] [N/A, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[PID: 3864 / Owner][C:\Program Files\Internet Explorer\Iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[\\?\globalroot\systemroot\system32\kbiwkmsclrrhie.dll] [N/A, ]
[\\?\globalroot\systemroot\system32\UACavtlaqeerw.dll] [N/A, ]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 3968 / Owner][C:\Documents and Settings\Owner\Desktop\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279]
[PID: 4020 / Owner][C:\Documents and Settings\Owner\Desktop\sreng2\SREd49c3329.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\Documents and Settings\Owner\Desktop\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\WINDOWS\system32\SpSubLSP.dll] [interMute, Inc., 2,0,0,45]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
SpamSubtract over [MSAFD Tcpip [TCP/IP]]
SpSubLSP.dll(interMute, Inc., SpamSubtract Layered Service Provider)
SpamSubtract over [MSAFD Tcpip [UDP/IP]]
SpSubLSP.dll(interMute, Inc., SpamSubtract Layered Service Provider)
SpamSubtract over [MSAFD Tcpip [RAW/IP]]
SpSubLSP.dll(interMute, Inc., SpamSubtract Layered Service Provider)
SpamSubtract over [RSVP UDP Service Provider]
SpSubLSP.dll(interMute, Inc., SpamSubtract Layered Service Provider)
SpamSubtract over [RSVP TCP Service Provider]
SpSubLSP.dll(interMute, Inc., SpamSubtract Layered Service Provider)
SpamSubtract
SpSubLSP.dll(interMute, Inc., SpamSubtract Layered Service Provider)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeDebugPrivilege [PID = 3968, C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\SRENG2\SRENGLDR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3968, C:\DOCUMENTS AND SETTINGS\OWNER\DESKTOP\SRENG2\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] {BB65B0FB-5712-401b-B616-E69AC55E2757}.job
C:\WINDOWS\TEMP\b.exe
[Enabled] {7B02EF0B-A410-4938-8480-9BA26420A627}.job
C:\WINDOWS\TEMP\c.exe
[Enabled] AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe

==================================
Windows Security Update Check
N/A

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

#7 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:58 AM

Posted 15 September 2009 - 04:26 PM

I think it's time to head on over to the HijackThis forum for a closer look.

Preparation Guide for use before posting a HijackThis Log

Go straight to Step 6. If you cannot get a DDS log just post your System Repair Engineer log.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#8 Austin_01

Austin_01
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 15 September 2009 - 04:30 PM

How do I go about making my first post then do I just follow the instruction in Step 6 and start fresh?

#9 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:58 AM

Posted 15 September 2009 - 04:43 PM

Yes that is correct. Start at Step 6. If you cannot get a DDS log just post your System Repair Engineer log.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#10 Austin_01

Austin_01
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:58 PM

Posted 15 September 2009 - 05:36 PM

Thanks for all your help...I appreciate it generally how long does it take before you get some advice on how to deal with your particular problem.

#11 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,807 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:58 PM

Posted 18 September 2009 - 10:28 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/257847/malware-antispyware-2010-and-total-security/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days, up to two weeks perhaps less, to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users