Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Definitely Infected: Google Search Redirect/Unwanted Ads


  • This topic is locked This topic is locked
9 replies to this topic

#1 downwitk

downwitk

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:39 AM

Posted 14 February 2014 - 06:57 PM

Hello, 

 

I am infected with some sort of malware or spyware. It redirects my google searches. It generates several annoying, unrelated advertisements. It's also diminishing browser speed. 

 

I've tried everything I know to fix (which isn't much) but have been unsuccessful. I've run avast boot-time scan, malwarebytes scan, and mcafee. I am out of solutions.  

 

Anyone got a solution? It would be greatly appreciated. 

 

downwitk



BC AdBot (Login to Remove)

 


#2 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:39 AM

Posted 14 February 2014 - 09:42 PM

I am also getting the following message even while visiting credible sites such as ebay. 

 

Warning!

 

Windows may have been infected.                                        

Please call 1 (855) 753 9334 for immediate support. 



#3 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:39 PM

Posted 15 February 2014 - 01:56 AM

Hello downwitk -

Can  you please help us with a few details, and a few prelim scans -

Please Copy and Paste all responses, and add any extra details to help us.

Download all programs to desktop to run them, and only take one step at a time -

 

First -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

Next -

Download MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 Click Go and copy / paste the result (Result.txt).

 

Next -

Please download and run RKill by Grinler.
A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

Please post the small log back here

 

Important: Do not reboot your computer until you complete the next step.

 

Now: Please download AdwCleaner by Xplode and save to your Desktop.
NOTE : Please close or save all work, as the computer will be Rebooted
Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button. (only once)
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. 
If you see any which you do not want removed, remove the check mark next to it. 
Next: Click on the Clean button (only once) to remove the selected items. 
You will receive a message telling you that all programs will be close so that the infections can be removed. 
Click on OK, and then OK again to confirm the reboot.
When cleaning process is complete a log (AdwCleaner[S0].txt ) of what was removed will be on your desktop. 
Please copy and the paste this log in your next post.

A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.



#4 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:39 AM

Posted 15 February 2014 - 08:11 AM

After Running Security Check:

 

UNSUPPORTED OPERATING SYSTEM! ABORTED!

 

 

 

After Running Minitoolbox:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by #$%^&*(&^%$##@ (administrator) on 15-02-2014 at 08:01:27
Running from "C:\Users\#$%$#$%$$$$$$$\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled metric=0 nud=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : %%%%%%%%%%%%%%
   Primary Dns Suffix  . . . . . . . : %%%%%%%%%5
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : %%%%%%%%%%
                                       %%%%%%
 
Ethernet adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : PAN Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : %%-%%-%%-%%-%%-%%
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . :%%-%%-%%-%%-%%-%%-%%
  DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : %%-%%-%%-%%-%%-%%-%%
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
   Physical Address. . . . . . . . . : %%-%%-%%-%%-%%-%%-%%
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9022:2498:7c60:e592%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : %%-%%-%%-%%-%%-%%-%%(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, February 15, 2014 7:37:42 AM
   Lease Expires . . . . . . . . . . : Saturday, February 15, 2014 9:37:42 AM
   Default Gateway . . . . . . . . . : %%-%%-%%-%%-%%-%%-%%
   DHCP Server . . . . . . . . . . . : %%-%%-%%-%%-%%-%%-%%
   DHCPv6 IAID . . . . . . . . . . . : 241734691
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-2D-D5-EC-D4-BE-D9-5A-BF-03
   DNS Servers . . . . . . . . . . . : fe80::2d:ac28:3796:fe90%12
                                       %%-%%-%%-%%-%%-%%-%%
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : carolina.rr.com
   Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
   Physical Address. . . . . . . . . : D4-BE-D9-5A-BF-03
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{4E9AD890-049C-487A-B159-006206913861}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{3DBD35AB-CA8E-4246-986A-1DF7A27360BF}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{EB13C966-F5F3-44AF-A6A5-89C47EC32617}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2cc1:123d:b8b4:7aab(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2cc1:123d:b8b4:7aab%14(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{0731C4A9-0715-4189-93F3-DD881E81C7FE}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.carolina.rr.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fe80::2d:ac28:3796:fe90
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging google.com [74.125.228.46] with 32 bytes of data:
Reply from 74.125.228.46: bytes=32 time=329ms TTL=54
Reply from 74.125.228.46: bytes=32 time=29ms TTL=54
 
Ping statistics for 74.125.228.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 329ms, Average = 179ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fe80::2d:ac28:3796:fe90
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=122ms TTL=48
Reply from 98.138.253.109: bytes=32 time=84ms TTL=48
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 84ms, Maximum = 122ms, Average = 103ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...02 50 41 00 00 01 ......PAN Virtual Ethernet Adapter
 16...68 94 23 31 b7 ef ......Microsoft Virtual WiFi Miniport Adapter
 13...00 ff 4e 9a d8 90 ......TAP-Win32 Adapter V9
 12...68 94 23 31 b7 ef ......DW1501 Wireless-N WLAN Half-Mini Card
 11...d4 be d9 5a bf 03 ......Intel® 82579LM Gigabit Network Connection
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.5.1    192.168.5.102     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.5.0    255.255.255.0         On-link     192.168.5.102    281
    192.168.5.102  255.255.255.255         On-link     192.168.5.102    281
    192.168.5.255  255.255.255.255         On-link     192.168.5.102    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.5.102    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.5.102    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:2cc1:123d:b8b4:7aab/128
                                    On-link
 12    281 fe80::/64                On-link
 14    306 fe80::/64                On-link
 14    306 fe80::2cc1:123d:b8b4:7aab/128
                                    On-link
 12    281 fe80::9022:2498:7c60:e592/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/15/2014 02:42:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2340
 
Error: (02/15/2014 02:42:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2340
 
Error: (02/15/2014 02:42:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/15/2014 02:42:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1279
 
Error: (02/15/2014 02:42:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1279
 
Error: (02/15/2014 02:42:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/15/2014 00:42:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2714
 
Error: (02/15/2014 00:42:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2714
 
Error: (02/15/2014 00:42:01 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/15/2014 00:42:00 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1606
 
 
System errors:
=============
Error: (02/15/2014 07:38:09 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain DOMAIN due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (02/14/2014 11:13:06 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
Error: (02/15/2014 02:42:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2340
 
Error: (02/15/2014 02:42:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2340
 
Error: (02/15/2014 02:42:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/15/2014 02:42:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1279
 
Error: (02/15/2014 02:42:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1279
 
Error: (02/15/2014 02:42:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/15/2014 00:42:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2714
 
Error: (02/15/2014 00:42:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2714
 
Error: (02/15/2014 00:42:01 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/15/2014 00:42:00 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1606
 
 
=========================== Installed Programs ============================
 
AccelerometerP11 (Version: 2.00.10.33)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.0.0)
Adobe AIR (Version: 3.5.0.600)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
BioAPI Framework (Version: 1.0.2)
Bonjour (Version: 3.0.0.10)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco Packet Tracer 6.0
Cisco PEAP Module (Version: 1.1.6)
Custom (Version: 01.00.00.000)
CyberLink PowerDVD 9.5 (Version: 9.5.1.5425)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Client System Update (Version: 1.2.3)
Dell ControlVault Host Components Installer (Version: 2.2.117.284)
Dell Data Protection | Access (Version: 2.2.00001.000)
Dell Edoc Viewer (Version: 1.0.0)
Dell Feature Enhancement Pack (Version: 2.1.000)
Dell Touchpad (Version: 7.1208.101.125)
DellAccess (Version: 01.00.00.149)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card Utility (Version: 5.100.235.13)
EMBASSY Client Core (Version: 01.00.00.055)
FaxFinder Client Software (Version: 2.1.0)
Gemalto (Version: 01.01.01.0000)
Google Apps Migration For Microsoft Outlook® 2.3.12.34 (Version: 2.3.12.34)
Google Apps Sync™ for Microsoft Outlook® 3.2.353.947 (Version: 3.2.353.947)
Google Chrome (Version: 34.0.1838.2)
Google Drive (Version: 1.13.5782.599)
Google Earth (Version: 7.1.2.2041)
Google Talk (remove only)
Google Update Helper (Version: 1.3.22.3)
iCloud (Version: 2.1.2.8)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Identity Protection Technology 1.2.27.0 (Version: 1.2.27.0)
Intel® Management Engine Components (Version: 7.1.50.1172)
Intel® Network Connections 16.8.45.00 (Version: 16.8.45.00)
Intel® Processor Graphics (Version: 8.15.10.2418)
iTunes (Version: 11.0.4.4)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
Junk Mail filter update (Version: 16.4.3505.0912)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Online Backup
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 12.8.908)
McAfee Virtual Technician (Version: 7.5.0.3026)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (Version: 17.0.2006.0314)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetConnect (Version: 1.1.11)
NetConnect Installer (Version: 1.1.1033)
NTRU TCG Software Stack (Version: 2.1.37)
O2Micro Flash Memory Card Windows Driver (Version: 3.0.07.23)
Office Tab FreeEdition 9.51
PC-CCID (Version: 2.0.0)
Photo Gallery (Version: 16.4.3505.0912)
PhotoShowExpress (Version: 2.0.063)
Preboot Manager (Version: 03.02.00.119)
Private Information Manager (Version: 07.00.00.059)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.6)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x86 (Version: 10.0.0)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPBA 5.9 (Version: 5.9.4.6901)
Spotify (Version: 0.9.7.16.g4b197456)
swMSM (Version: 12.0.0.1)
Trusted Drive Manager (Version: 4.5.0.136)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
WatchGuard Mobile VPN with SSL client 11.3.4
Wave Infrastructure Installer (Version: 07.03.60.0020)
Wave Support Software Installer (Version: 05.12.00.068)
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 66%
Total physical RAM: 3241.02 MB
Available physical RAM: 1091.74 MB
Total Pagefile: 6480.32 MB
Available Pagefile: 3207.24 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.89 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:452.47 GB) (Free:395.66 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\%%-%%-%%-%%-%%-%%-%%
 
Administrator            Guest                    
 
========================= Minidump Files ==================================
 
**** End of log ****
 

After Running Rkill

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/15/2014 08:04:12 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * c:\Windows\system32\srvany.exe (PID: 2328) [WD-HEUR]
 * C:\Users\%%-%%-%%-%%-%%-%%-%%\AppData\Local\Autobahn\nexdef.exe (PID: 5552) [UP-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/15/2014 08:06:18 AM
Execution time: 0 hours(s), 2 minute(s), and 6 seconds(s)
 
After Running AdwCleaner
 
# AdwCleaner v3.018 - Report created 15/02/2014 at 08:08:07
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 ProfeKssional Service Pack 1 (32 bits)
# Username : %%-%%-%%-%%-%%-%%-%%
# Running from : C:\Users\%%-%%-%%-%%-%%-%%-%%\Downloads\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\SoftwareUpdater
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\%%-%%-%%-%%-%%-%%-%%\AppData\Roaming\Mozilla\Firefox\Profiles\1nw8us1y.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\%%-%%-%%-%%-%%-%%-%%\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\%%-%%-%%-%%-%%-%%-%%\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\%%-%%-%%-%%-%%-%%-%%\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2895 octets] - [14/02/2014 21:44:03]
AdwCleaner[R1].txt - [1301 octets] - [14/02/2014 21:55:32]
AdwCleaner[R2].txt - [1152 octets] - [15/02/2014 08:08:07]
AdwCleaner[S0].txt - [2794 octets] - [14/02/2014 21:47:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1272 octets] ##########
 
 
 
THanks for your help. 
 
downwitk

Edited by downwitk, 15 February 2014 - 08:58 AM.


#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:39 PM

Posted 15 February 2014 - 06:19 PM

OK -

Please Update your Malwarebytes Anti-Malware program.

Run a Full Scan and Copy and Paste the log produced.

 

Then try this -

Download TDSSKiller and save it to your desktop.
* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



#6 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:39 AM

Posted 16 February 2014 - 01:58 PM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.02.16.04

 

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 11.0.9600.16518

%%%%%%% ::%%%%%%%%%%%%%%5 [administrator]

 

Protection: Enabled

 

2/16/2014 12:10:25 PM

mbam-log-2014-02-16 (12-10-25).txt

 

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 438583

Time elapsed: 1 hour(s), 37 minute(s), 2 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 

 

 

 

 

 

 

 

 

 

 

13:55:35.0872 0x23b8  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41

13:55:38.0834 0x23b8  ============================================================

13:55:38.0834 0x23b8  Current date / time: 2014/02/16 13:55:38.0834

13:55:38.0834 0x23b8  SystemInfo:

13:55:38.0834 0x23b8 

13:55:38.0834 0x23b8  OS Version: 6.1.7601 ServicePack: 1.0

13:55:38.0834 0x23b8  Product type: Workstation

13:55:38.0834 0x23b8  ComputerName: &&&&&&&&

13:55:38.0835 0x23b8  UserName: &&&&&&&&&&

13:55:38.0835 0x23b8  Windows directory: C:\Windows

13:55:38.0835 0x23b8  System windows directory: C:\Windows

13:55:38.0835 0x23b8  Processor architecture: Intel x86

13:55:38.0835 0x23b8  Number of processors: 4

13:55:38.0835 0x23b8  Page size: 0x1000

13:55:38.0835 0x23b8  Boot type: Normal boot

13:55:38.0835 0x23b8  ============================================================

13:55:39.0066 0x23b8  KLMD registered as C:\Windows\system32\drivers\39311550.sys

13:55:39.0364 0x23b8  System UUID: {1CF112CC-4095-FD70-EB1C-DC77DA58491D}

13:55:40.0251 0x23b8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

13:55:40.0253 0x23b8  ============================================================

13:55:40.0253 0x23b8  \Device\Harddisk0\DR0:

13:55:40.0253 0x23b8  MBR partitions:

13:55:40.0253 0x23b8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A80000

13:55:40.0253 0x23b8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A94000, BlocksNum 0x388F0000

13:55:40.0253 0x23b8  ============================================================

13:55:40.0286 0x23b8  C: <-> \Device\Harddisk0\DR0\Partition2

13:55:40.0286 0x23b8  ============================================================

13:55:40.0286 0x23b8  Initialize success

13:55:40.0286 0x23b8  ============================================================

13:55:50.0560 0x0cac  ============================================================

13:55:50.0560 0x0cac  Scan started

13:55:50.0560 0x0cac  Mode: Manual;

13:55:50.0560 0x0cac  ============================================================

13:55:50.0560 0x0cac  KSN ping started

13:55:53.0214 0x0cac  KSN ping finished: true

13:55:53.0390 0x0cac  ================ Scan system memory ========================

13:55:53.0390 0x0cac  System memory - ok

13:55:53.0392 0x0cac  ================ Scan services =============================

13:55:53.0615 0x0cac  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

13:55:53.0619 0x0cac  1394ohci - ok

13:55:53.0671 0x0cac  [ EDC50031D6AB9180B3B3BD1C547C7D0A, E9AB4DDF6CF64974C5DE217BCABD232A9612621527B484E1FC7B4317A49FBB05 ] Acceler         C:\Windows\system32\DRIVERS\accelern.sys

13:55:53.0673 0x0cac  Acceler - ok

13:55:53.0701 0x0cac  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys

13:55:53.0710 0x0cac  ACPI - ok

13:55:53.0718 0x0cac  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

13:55:53.0719 0x0cac  AcpiPmi - ok

13:55:53.0769 0x0cac  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

13:55:53.0779 0x0cac  AdobeFlashPlayerUpdateSvc - ok

13:55:53.0801 0x0cac  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

13:55:53.0815 0x0cac  adp94xx - ok

13:55:53.0858 0x0cac  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys

13:55:53.0867 0x0cac  adpahci - ok

13:55:53.0880 0x0cac  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys

13:55:53.0884 0x0cac  adpu320 - ok

13:55:53.0922 0x0cac  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

13:55:53.0925 0x0cac  AeLookupSvc - ok

13:55:53.0968 0x0cac  [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters     C:\Program Files\IDT\WDM\aestsrv.exe

13:55:53.0971 0x0cac  AESTFilters - ok

13:55:54.0025 0x0cac  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys

13:55:54.0035 0x0cac  AFD - ok

13:55:54.0067 0x0cac  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys

13:55:54.0070 0x0cac  agp440 - ok

13:55:54.0096 0x0cac  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

13:55:54.0099 0x0cac  aic78xx - ok



#7 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:39 PM

Posted 16 February 2014 - 03:38 PM

Hi -

Has anything at all changed since you started these scans ??

 

Do you still get all of the same messages and problems ??

 

Please just put Owner if you wish to cover these entries, rather than mixed items -
UserName: &&&&&&&&&&
%%%%%%% ::%%%%%%%%%%%%%%5 [administrator]
C:\Users\%%-%%-%%-%%-%%-%%-%%
User accounts for \\%%-%%-%%-%%-%%-%%-%%
Ran by #$%^&*(&^%$##@ (administrator)
C:\Users\#$%$#$%$$$$$$$\Downloads


Edited by noknojon, 16 February 2014 - 03:48 PM.


#8 downwitk

downwitk
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:39 AM

Posted 16 February 2014 - 04:28 PM

Duly noted.

 

No it doesn't appear anything has changed. I still have the same issues. When I do a google search in chrome and hover over a result, the page begins jumping around. It also generates weird search results/ads as often unrelated to the search.

 

Computer performance seems to be diminished as well. I've probably run 8-10 scans now and none of haved the issue.

 

downwitk



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:39 PM

Posted 17 February 2014 - 03:04 AM

Hello -

The problem seems well hidden, and we can only run basic tools in this area.

You do need further help in the Experts Forum Area -

 

Please follow the instructions in THIS PREP GUIDE starting at Step #6.

Note :If you cannot complete a step, skip it and continue.

 

Once the proper logs are created, make a NEW TOPIC and post it to Virus, Trojan, Spyware, and Malware Removal Logs. Not back Here.

 

Please use Copy / Paste for your answers (as you have been doing).

 

If Help Bot responds to your post, please follow its Step #1 and the Malware Response team will be notified.



#10 hamluis

hamluis

    Moderator


  • Moderator
  • 55,874 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:39 AM

Posted 21 February 2014 - 04:35 PM

MRL topic at http://www.bleepingcomputer.com/forums/t/524674/google-search-redirectwebsite-redirect-issues/ .

 

OP receiving assistance currently.

 

To prevent confusion, this topic is now closed.

 

Louis






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users