Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not trusting AV scan results. Malware or Damage?


  • This topic is locked This topic is locked
18 replies to this topic

#1 Jewel431

Jewel431

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 23 July 2011 - 10:06 PM

I have come to this forum so oftwn when looking for helpful info but have never needed to ask a question... until now. I could use advice from someone who knows if I may have a virus or malware on my pc, or if it possibly just damaged in some way.

OS: Windows 7 Home Premium(x64) SP1

Security Setup:
NOD32 Antivirus 4.2 - realtime
MalwareBytes Pro - on-demand scanning though I used to run it realtime
SuperAntiSpyware Pro - real time
Windows Firewall (with AS) (I did have COMODO Free Firewall installed for a week but uninstalled due to recent news of a COMODO security breach)
SpyBot S&D - free - on demand scanning only, no immunize/teatimer

Symptom List:

1. Upon installation of some program (.exe) files, the "Do you want to run this program" box details field has a path leading to AppData/ SPAWNWND=$/NOTIFYWND=$ with numbers after both dollar signs. But the exe file is on the desktop. Virus Scans indicated I was clean so I let that go.

2. My laptop froze up completely during a Sandboxie uninstall (just to upgrade to new version). I rebooted and looked at the event logs but was litterally locked into them. All windows were closed inside Event Log but file->Exit, clicking the x to close and even trying to end theapplication in task manager gave me the popup "all windows must be closed before exiting the event viewer" then for a couple of days, Intermittent problems trying to exit applications, even trying to click the scrollbar sometimes wouldn't work.

3. I thought I was having some browser redirects because A few sites secure sites I had visited many times before gave me a warning(addons.mozilla.org, gmail, etc.) ... something like "The website has a valid security certificate but firefox cannot verify the connection is encrypted." Not exact words but something that gave me the impression that it's says its secure but doesn't seem secure. By the way, not the "invalid certificate error."

4.When I scanned with ESET Online Scanner yesterday, I checked the "scan for potentially unwanted and unsafe programs", it found 3 unwanted/unsafe apps( Really it was just one... Checksum Verify.exe, The installation file, the program file, and the shortcut were found for a total of 3), I clicked to uninstall and delete the programs but it's still completely intact AND the eset online scan log I exported to my desktop isn't there. This probably has something to do with the Windows popup after the scan was over saying "This program may not have installed coreectly." All ESET Scanning after that doesn't even recognze ChecksumVerifiy.exe as a threat again even though I have scanned 3 more times and the program is still there. After the last ESET Online scan, I got the prompt to uninstall esetsmartinstaller upon exit, which was the first time I saw that prompt. Why after multiple scans do I all of a sudden see the prompt to uninstall it? I clicked "uninstall upon exit" but nothing happenned. I tried manually uninstalling by runnining the uninstaller in the ESET Online Scanner folder but I keep getting the msg that it has been successfully uninstalled...even though it hasn't. (Thinking back now, I actually think I get that " the program may have installed incorrectly" message more than I should. But if the program opens after install, I click "It installed correctly.")

-Event log says:
Activation context generation failed for "C:\Users\Julie\Desktop\esetsmartinstaller_enu.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

5. This morning, Windows popup now tells me SAS has been switched to compatibility mode, all of a sudden.

6. My Event Log is going crazy with errors and warnings but I don't know what they mean. I googled...still clueless.


What I have Done So Far:

After noticing clue #3 from above:

I ran full scans (as administrator), first mbam, then NOD32 in depth, then SAS...first in normal then safe mode - nothing found. But I was infected a year or 2 ago and I will never forget how hard that sucker was to find, took me over a week of scanning! So I ran Microsoft Malicious Software removal Tool(full scan) and TDSS Killer (both normal then safe mode) and finally decided to load Hitman Pro on a usb stick from a clean PC, and run it in safe mode on my laptop just to be sure. It came up clean as well.

I cleared browser cache/tmp files, blocked headers/3rd party cookies.

I'm going to have to stop here or my post will be ignored due to lengthiness. I think I have a clue as to what the problem is but thats another long explnation regarding virus scanners hanging on $Recycle.Bin S-1-5-21 for 4 minutes before moving on, unknown user S-1-5-21 with special permissions, and registry leaks in my event log. I'm not qualified to understand or explain what I am seeing! But I don't belive my AV scans.

Now yesterday and today, I notice #4, 5 and 6 of symptom list up there.


FYI - The "clean pc" I loaded Hitman on crashed a few mins later with a blue screen with the message "Windows shut down to prevent damage to your computer." That's when I realized I had used the usb in my laptop recently. Then it started freezing up every few mins. Did I spread that from my laptop? I ran mbam in safe mode on the maybe-not-so-clean pc. All it found were 2 PUM.Disabled.....not really a threat. Coincidence, probably? It's running fine now.
I don't care about the PC, I can afford a new one and what's done is done-but hopefully not bank related. Just thought that info might be useful/related.

Let me know if you need other info...I am so confused!

Edited by hamluis, 27 July 2011 - 04:40 PM.
Merged topics.

"I reject your reality and substitute my own."
- Mythbusters

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 23 July 2011 - 10:43 PM

Please post the logs from these scans:

MalwareBytes Pro - on-demand scanning though I used to run it realtime
SuperAntiSpyware Pro - real time

#3 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 24 July 2011 - 09:09 PM

I ran them again. Here are the results.

--------------------------

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7258

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

7/24/2011 12:53:10 AM
mbam-log-2011-07-24 (00-53-10).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 355753
Time elapsed: 54 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

----------------------------

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/24/2011 at 08:10 PM

Application Version : 4.55.1000

Core Rules Database Version : 7452
Trace Rules Database Version: 5264

Scan type : Complete Scan
Total Scan Time : 01:39:15

Memory items scanned : 497
Memory threats detected : 0
Registry items scanned : 12082
Registry threats detected : 0
File items scanned : 173635
File threats detected : 0


But still, nothing. My event log is still full of errors and warnings of registry leaks, custom dynamic libraries being built, and fatal errors, among other things, in Applications and System logs... for some reason access is denied(error 5) for Security logs even when logged in as admin. Don't know what the problem is. When I google fatal error 48, I see a relation to ssl certificates. I don't know what info is important and what is not so I'm sorry if I include un-needed details. But I keep refusing a certificate from spotify.com issued by comodo because as far as I know, I don't have an application on my computer with any relation to spotify and when I googled spotify and comodo, the result list was tainted with virus/malware/hacked fraudulent ssl certificates.

My browser is still giving me issues. I usually use Firefox but am checking IE, Safari, and Opera and my results are consistant across all of them. For some google result links, I click on them and am taken to an error page that tells me (firefox)"The connection was reset while the page was loading." In IE, the message is "Internet Explorer cannot display the webpage." However, if I right click and open the link in a new tab, I get the actual page, and if that doesn't work, I can copy and paste the link location to notepad then copy that back to the address bar. Between those options, it usually works, but not always. Maybe that info is useful?
"I reject your reality and substitute my own."
- Mythbusters

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 24 July 2011 - 09:37 PM

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#5 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 24 July 2011 - 11:10 PM

Thank you so much, cryptodan, for your help. I really do appreciate it.

MiniToolBox by Farbar
Ran by BossLady (administrator) on 24-07-2011 at 23:56:31
Windows 7 Home Premium Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bitty-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-23-5A-74-66-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
Physical Address. . . . . . . . . : 70-1A-04-B0-5F-B0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f9a2:d9af:9413:ddeb%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.107(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, July 24, 2011 2:09:36 PM
Lease Expires . . . . . . . . . . : Sunday, July 31, 2011 8:56:16 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 191896068
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-DE-AA-EE-70-1A-04-B0-5F-B0
DNS Servers . . . . . . . . . . . : 68.87.75.198
68.87.64.150
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{FD12E0A4-0BC6-4EA2-A0B4-295544EC2A8C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cns.summitpark.pa.pitt.comcast.net
Address: 68.87.75.198

Name: google.com
Addresses: 74.125.91.105
74.125.91.106
74.125.91.147
74.125.91.104
74.125.91.103
74.125.91.99


Pinging google.com [74.125.93.104] with 32 bytes of data:
Reply from 74.125.93.104: bytes=32 time=40ms TTL=48
Reply from 74.125.93.104: bytes=32 time=45ms TTL=48

Ping statistics for 74.125.93.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 45ms, Average = 42ms
Server: cns.summitpark.pa.pitt.comcast.net
Address: 68.87.75.198

Name: yahoo.com
Addresses: 67.195.160.76
69.147.125.65
72.30.2.43
98.137.149.56
209.191.122.70


Pinging yahoo.com [69.147.125.65] with 32 bytes of data:
Reply from 69.147.125.65: bytes=32 time=29ms TTL=51
Reply from 69.147.125.65: bytes=32 time=29ms TTL=51

Ping statistics for 69.147.125.65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 29ms, Average = 29ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 23 5a 74 66 0c ......Broadcom NetLink ™ Gigabit Ethernet
10...70 1a 04 b0 5f b0 ......Atheros AR5B93 Wireless Network Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.107 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.107 281
192.168.0.107 255.255.255.255 On-link 192.168.0.107 281
192.168.0.255 255.255.255.255 On-link 192.168.0.107 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.107 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.107 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::f9a2:d9af:9413:ddeb/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/23/2011 05:47:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 05:46:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 05:46:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 05:46:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 02:06:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 02:06:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 02:06:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/23/2011 02:03:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: SUPERAntiSpyware.exe, version: 4.55.0.1000, time stamp: 0x4e0c7f11
Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c8f9
Exception code: 0xc000041d
Fault offset: 0x00000000000cd7d8
Faulting process id: 0x83c
Faulting application start time: 0xSUPERAntiSpyware.exe0
Faulting application path: SUPERAntiSpyware.exe1
Faulting module path: SUPERAntiSpyware.exe2
Report Id: SUPERAntiSpyware.exe3

Error: (07/23/2011 01:59:56 PM) (Source: Application Hang) (User: )
Description: The program SpybotSD.exe version 1.6.2.46 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7a0

Start Time: 01cc496184f0e2f5

Termination Time: 10

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

Report Id:

Error: (07/23/2011 01:46:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/24/2011 11:52:34 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 11:50:11 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 11:50:11 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 11:42:51 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 11:10:56 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 10:45:46 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 10:42:06 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 09:04:47 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 09:02:47 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.

Error: (07/24/2011 09:00:50 PM) (Source: Schannel) (User: SYSTEM)
Description: The following fatal alert was received: 48.


Microsoft Office Sessions:
=========================
Error: (07/23/2011 05:47:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/23/2011 05:46:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe

Error: (07/23/2011 05:46:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe

Error: (07/23/2011 05:46:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe

Error: (07/23/2011 02:06:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe

Error: (07/23/2011 02:06:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe

Error: (07/23/2011 02:06:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe

Error: (07/23/2011 02:03:50 PM) (Source: Application Error)(User: )
Description: SUPERAntiSpyware.exe4.55.0.10004e0c7f11ntdll.dll6.1.7601.175144ce7c8f9c000041d00000000000cd7d883c01cc4962d4b64c68C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Windows\SYSTEM32\ntdll.dll1e0a1140-b556-11e0-8b13-00235a74660c

Error: (07/23/2011 01:59:56 PM) (Source: Application Hang)(User: )
Description: SpybotSD.exe1.6.2.467a001cc496184f0e2f510C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

Error: (07/23/2011 01:46:43 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julie\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.6.0.19140)
Adobe Community Help (Version: 3.5.23)
Adobe Creative Suite 5 Design Premium (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.52.14)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.32)
Adobe Flash Player 10 Plugin (Version: 10.1.52.14)
Adobe Flash Player 10 Plugin (Version: 10.2.152.32)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.0.1) (Version: 10.0.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AMD USB Filter Driver (Version: 1.0.11.86)
Apple Application Support (Version: 1.5.1)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.732.0)
Backup Manager Basic (Version: 2.0.0.29)
Bejeweled 3 (Version: 2.2.0.95)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full Existing (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Full New (Version: 2009.0729.2227.38498)
Catalyst Control Center Graphics Light (Version: 2009.0729.2227.38498)
Catalyst Control Center InstallProxy (Version: 2009.0729.2227.38498)
Catalyst Control Center Localization All (Version: 2009.0729.2227.38498)
ccc-core-static (Version: 2009.0729.2227.38498)
ccc-utility64 (Version: 2009.0729.2227.38498)
CCC Help Chinese Standard (Version: 2009.0729.2226.38498)
CCC Help Chinese Traditional (Version: 2009.0729.2226.38498)
CCC Help Czech (Version: 2009.0729.2226.38498)
CCC Help Danish (Version: 2009.0729.2226.38498)
CCC Help Dutch (Version: 2009.0729.2226.38498)
CCC Help English (Version: 2009.0729.2226.38498)
CCC Help Finnish (Version: 2009.0729.2226.38498)
CCC Help French (Version: 2009.0729.2226.38498)
CCC Help German (Version: 2009.0729.2226.38498)
CCC Help Greek (Version: 2009.0729.2226.38498)
CCC Help Hungarian (Version: 2009.0729.2226.38498)
CCC Help Italian (Version: 2009.0729.2226.38498)
CCC Help Japanese (Version: 2009.0729.2226.38498)
CCC Help Korean (Version: 2009.0729.2226.38498)
CCC Help Norwegian (Version: 2009.0729.2226.38498)
CCC Help Polish (Version: 2009.0729.2226.38498)
CCC Help Portuguese (Version: 2009.0729.2226.38498)
CCC Help Russian (Version: 2009.0729.2226.38498)
CCC Help Spanish (Version: 2009.0729.2226.38498)
CCC Help Swedish (Version: 2009.0729.2226.38498)
CCC Help Thai (Version: 2009.0729.2226.38498)
CCC Help Turkish (Version: 2009.0729.2226.38498)
Checksum Verify version 1.1.0 (Version: 1.1.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
CyberLink Power2Go (Version: 6.0.3108)
CyberLink PowerDVD 8 (Version: 8.0.3402)
ESET NOD32 Antivirus (Version: 4.2.71.2)
Gateway Games (Version: 1.0.2.5)
Gateway InfoCentre (Version: 3.02.3000)
Gateway MyBackup (Version: 2.0.0.29)
Gateway Power Management (Version: 4.05.3004)
Gateway Recovery Management (Version: 4.05.3006)
Gateway Registration (Version: 1.02.3006)
Gateway ScreenSaver (Version: 1.7.0730)
Gateway Updater (Version: 1.01.3017)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.4.56)
Identity Card (Version: 1.00.3003)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Launch Manager (Version: 3.0.06)
Macromedia Extension Manager (Version: 1.7.240)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 5.0 (x86 en-US) (Version: 5.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
Opera 11.50 (Version: 11.50.1074)
PDF Settings CS5 (Version: 10.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
Revo Uninstaller 1.92 (Version: 1.92)
Safari (Version: 5.33.21.1)
Sandboxie 3.56 (64-bit)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 4.55.1000)
Synaptics Pointing Device Driver (Version: 14.0.4.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update Installer for WildTangent Games App
Video Web Camera (Version: 0.5.11.1)
Welcome Center (Version: 1.00.3009)
WildTangent Games App (Gateway Games) (Version: 4.0.5.5)
Windows Live Sync (Version: 14.0.8089.726)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 3836.2 MB
Available physical RAM: 2514.26 MB
Total Pagefile: 7670.6 MB
Available Pagefile: 6342.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.7 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:453.66 GB) (Free:404.84 GB) NTFS

========================= Users: ========================================

User accounts for \\BITTY-PC

Administrator BossLady Bubble Gum
Guest Julie

========================= Minidump Files ==================================

No minidump file found

== End of log ==
"I reject your reality and substitute my own."
- Mythbusters

#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 24 July 2011 - 11:28 PM

Is the redirects still happening?

#7 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 25 July 2011 - 12:20 AM

Thanks. Well I can't be sure at the moment because, as I said before, it's not all google result links. I think IE is responding better, not too sure but I'll do some random browsing and see how it works out. Firefox is giving me an untrusted connection error for any sites with a https prefix due to unknown issuer of ssl certificate, but I believe that's just because ff has issues with ESET Root Certificate. Don't know how to stop that from comming up. But I did open up Safari and googled Bank of America. When I clicked the link I got:

"Safari can’t open the page “https://sitekey.bankofamerica.com/”. The error is: “unknown error” (kCFErrorDomainWinSock:10054) Please choose Help > Report Bugs to Apple, note the error number, and describe what you did before you saw this message."

Not quite sure what's going on. I'll check back here tomorrow. Thanks for your help so far, cryptodan.
"I reject your reality and substitute my own."
- Mythbusters

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 25 July 2011 - 12:27 AM

Try not using Safari use Firefox or IE.

How is the time on your computer?

#9 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 26 July 2011 - 11:04 PM

Testing firefox was impossible due to ESET ssl certificate issues, which began when I checked the preference to "scan all ssl protocall" after my first suspicions started. Since then, I didn't get the original untrusted connection message, I got the invalid certificate error due to unknown issuer message, instead. I followed the recomended instructions to change it back to the default "do not scan ssl protocall" but couldn't get it to work. The final suggestion in the ESET forum was to do a clean install of ESET AntiVirus and reinstall firefox which I was hesitant to do because I really do think something is wrong. IE, from what I read doesn't have the same compatibility issues as firefox with the ESET Root Cert (neither does any other browser, to my knowledge) but I was still having problems when I tried to access ssl sites I had never been to. I did a clean install of ESET, I uninstalled firefox via RevoUninstaller, with moderate uninstall option, checking the box to remove all of my private data...bookmarks, passwords, etc. AND I manually deleted firefox, folders in Program files and temp directories.
After dealing with those 2, I just went ahead and uninstalled Safari and Opera. Then reinstalled firefox.
This was odd:

1. Right after the firefox uninstall, I got another popup informing me "This program may not have installed correctly" about Revo-Uninstaller, which I have used before and never had an issue with. But now it is being switched to compatibility mode? Why?

2. I always make sure to restart my computer after any uninstall/installation to be sure it's complete, but when I reinstalled firefox, my addons, bookmarks, and passwords were intact.

As of this point, I am not getting any errors or warnings in firefox or IE but I wondered if any sort of protection was actually working so I downloaded the ecair test file to test ESET and didn't get any warning that I was downloading an infected file. So I scanned the file directly with ESET which did indicate it was "infected" but there was no indication that it was quarantined nor was there ANY option to remove, clean or delete it!

I honestly think there is a link to the folder in $Recycle.Bin S-1-5-21 because I keep seeing it in my event log. I also keep seeing "users failed to log on" even though I am logging on just fine, there's eset-smartinstaller.exe and SAS errors clogging up my application log nearly every minute even though I'm not using them and why in the world is explorer.exe trying to log on to my guest account?

Logon Type: 3

Account For Which Logon Failed:
Security ID: NULL SID
Account Name: Guest
Account Domain: BITTY-PC

Failure Information:
Failure Reason: Account currently disabled.
Status: 0xc000006e
Sub Status: 0xc0000072

Process Information:
Caller Process ID: 0x6f0
Caller Process Name: C:\Windows\explorer.exe
"I reject your reality and substitute my own."
- Mythbusters

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 27 July 2011 - 04:57 AM

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic.

#11 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 27 July 2011 - 02:20 PM

I will do this. But I hava a question; Since my computer is not running slow, should I follow the steps for that page? Defrag, chkdisk, device check, etc? Or do I risk messing with whatever the cause of the odd behavior is?

Thanks. I'll get started right away on the backup step.
"I reject your reality and substitute my own."
- Mythbusters

#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 27 July 2011 - 02:22 PM

Id wait to do the other things when you get an all clean from the Malware Removal helper.

#13 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 27 July 2011 - 02:27 PM

I'm already discussing a possible infection in the "am I infected" forum but know that everyone helping is very busy, so I just figured I'd ask this here since it's a simple question.
Is it typical to see C:\Users\Public\OEM\System Restore\Burn Engine.log?

I don't see anyone who has asked this so am wonering if it's suspicious. Thank you.
"I reject your reality and substitute my own."
- Mythbusters

#14 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:04:22 AM

Posted 27 July 2011 - 02:29 PM

What kind of computer do you have?

#15 Jewel431

Jewel431
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 27 July 2011 - 02:38 PM

Wow, that was fast!
Gateway NV73
Windows 7 64bit

Is that enough info, or do you need more?
"I reject your reality and substitute my own."
- Mythbusters




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users