Active Google Redirecting Problem

Discussion in 'Malware and Virus Removal Archive' started by asdfghjkl, 2009/09/09.

  1. 2009/09/15
    asdfghjkl

    asdfghjkl Inactive Thread Starter

    Joined:
    2009/09/09
    Messages:
    27
    Likes Received:
    0
    o__O
    activate adobe? haha
    my friend used that to try to avoid typing in the authorization code again on my computer cuz he lost it
    that's odd

    THANKS FOR YOUR FEEDBACK
    UR GOLDEN ^^
     
  2. 2009/09/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I'll be, if we fix it :)
     

  4. 2009/09/18
    asdfghjkl Inactive Thread Starter

    None of my apps are working after I ran that
    iTunes won't open
    Microsoft Word is installing stuff
    And I did let it run unhindered.
    odd
    I'll reboot my comp again.
     
  5. 2009/09/18
    broni Moderator Malware Analyst

    Ok...
     
  6. 2009/09/18
    asdfghjkl Inactive Thread Starter

    OTL logfile created on: 9/18/2009 7:58:56 PM - Run 2
    OTL by OldTimer - Version 3.0.14.0 Folder = C:\Users\AznOrigami (Leon)\Desktop
    Windows Vista Enterprise Edition (Version = 6.0.6000) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.6000.16890)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.99 Gb Total Physical Memory | 0.75 Gb Available Physical Memory | 37.77% Memory free
    4.00 Gb Paging File | 2.94 Gb Available in Paging File | 73.39% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 362.27 Gb Total Space | 232.72 Gb Free Space | 64.24% Space Free | Partition Type: NTFS
    Drive D: | 10.34 Gb Total Space | 1.39 Gb Free Space | 13.46% Space Free | Partition Type: NTFS
    Drive E: | 2.54 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: AZNORIGAMILE-PC
    Current User Name: AznOrigami (Leon)
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 14 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2009/08/17 08:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    PRC - [2009/08/17 09:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
    PRC - [2009/06/30 09:55:40 | 02,329,224 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    PRC - [2009/08/11 11:01:23 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
    PRC - [2006/10/12 19:38:04 | 00,958,464 | ---- | M] () -- C:\Program Files\Airlink101\Airlink101 WLAN Monitor\WlanMon.exe
    PRC - [2006/06/29 17:34:20 | 00,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    PRC - [2009/09/08 21:09:42 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
    PRC - [2008/03/25 17:07:22 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
    PRC - [2008/03/25 17:07:34 | 00,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
    PRC - [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    PRC - [2008/03/25 17:07:36 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
    PRC - [2009/08/19 10:26:35 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
    PRC - [2009/02/27 17:10:28 | 00,035,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    PRC - [2009/08/17 09:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    PRC - [2009/09/13 14:00:19 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2007/01/01 14:22:02 | 03,739,648 | ---- | M] (Google) -- C:\Users\AznOrigami (Leon)\AppData\Roaming\Google\Google Talk\googletalk.exe
    PRC - [2009/07/09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
    PRC - [2009/06/01 20:30:54 | 05,804,032 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
    PRC - [2007/07/27 11:49:46 | 00,036,864 | ---- | M] (Realtek) -- C:\Program Files\Airlink101\Airlink101 Cardbus & PCI Wireless LAN Utility\RtlService.exe
    PRC - [2008/05/08 14:00:32 | 00,843,776 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\Airlink101\Airlink101 Cardbus & PCI Wireless LAN Utility\RtWlan.exe
    PRC - [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
    PRC - [2009/08/17 09:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    PRC - [2009/08/17 09:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    PRC - [2009/09/08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
    PRC - [2009/08/12 09:54:52 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
    PRC - [2009/09/15 20:35:40 | 00,514,560 | ---- | M] (OldTimer Tools) -- C:\Users\AznOrigami (Leon)\Desktop\OTL.exe
    PRC - [2009/04/24 10:15:26 | 01,046,152 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\IObitUpdate.exe

    ========== Win32 Services (SafeList) ==========

    SRV - [2009/07/09 12:22:18 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
    SRV - [2009/08/17 08:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
    SRV - [2009/08/17 09:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
    SRV - [2009/08/17 09:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
    SRV - [2009/08/17 09:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
    SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
    SRV - [2006/11/01 23:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
    SRV - [2006/11/02 02:46:13 | 00,989,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
    SRV - [2009/08/11 13:46:10 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
    SRV - [2006/11/02 05:36:31 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
    SRV - [2006/11/02 05:36:33 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
    SRV - [2009/09/08 21:09:30 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
    SRV - [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])
    SRV - [2009/06/01 20:30:54 | 05,804,032 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe -- (MySQL [Auto | Running])
    SRV - [2006/11/02 05:36:33 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
    SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
    SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
    SRV - [2007/07/27 11:49:46 | 00,036,864 | ---- | M] (Realtek) -- C:\Program Files\Airlink101\Airlink101 Cardbus & PCI Wireless LAN Utility\RtlService.exe -- (RealtekPCI [Auto | Running])
    SRV - [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
    SRV - [2009/08/11 11:20:26 | 00,265,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Stopped])
    SRV - [2006/11/02 05:36:49 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystart.com?pr=oovoo2_0
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/18 11:27:55 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/18 11:27:54 | 00,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/09/18 11:27:55 | 00,000,000 | ---D | M]

    [2009/09/02 17:38:55 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2009/09/13 14:00:21 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2009/08/19 10:26:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
    [2009/09/13 14:00:18 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
    [2009/09/13 14:00:18 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
    [2009/05/01 14:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
    [2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
    [2009/08/19 10:26:35 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
    [2009/05/12 11:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
    [2009/05/18 15:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
    [2009/09/13 14:00:19 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
    [2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
    [2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
    [2009/09/18 11:27:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
    [2007/04/16 10:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
    [2009/05/01 14:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
    [2009/07/30 00:24:20 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
    [2009/07/30 00:24:20 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
    [2009/07/30 00:24:20 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
    [2009/07/30 00:24:20 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
    [2009/07/30 00:24:20 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
    [2009/07/30 00:24:20 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
    [2009/04/29 11:35:18 | 00,000,787 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

    O1 HOSTS File: (1500 bytes) - C:\Windows\System32\drivers\etc\Hosts
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Airlink101 WLAN Monitor] C:\Program Files\Airlink101\Airlink101 WLAN Monitor\WLANmon.exe ()
    O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
    O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
    O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
    O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
    O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
    O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
    O4 - HKCU..\Run: [oovoo.exe] C:\Program Files\ooVoo\ooVoo.exe (ooVoo)
    O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Save YouTube Video as MP3 - C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll (DVSTeam)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.167,85.255.112.72
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-7053377985-3338457542-858984716-1705\rundll32.exe) - C:\RECYCLER\S-1-5-21-7053377985-3338457542-858984716-1705\.exe File not found
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/10/27 22:34:32 | 00,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
    O34 - HKLM BootExecute: (autocheck) - File not found
    O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
    O34 - HKLM BootExecute: (*) - File not found

    ========== Files/Folders - Created Within 14 Days ==========

    [2009/09/18 11:31:20 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2009/09/18 11:29:08 | 00,000,000 | ---D | C] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    [2009/09/18 11:27:46 | 00,001,728 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2009/09/18 11:27:28 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2009/09/18 11:26:52 | 00,000,000 | -HSD | C] -- C:\Config.Msi
    [2009/09/18 11:24:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2009/09/16 20:25:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Adobe
    [2009/09/16 15:15:49 | 00,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
    [2009/09/16 15:14:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Sony
    [2009/09/16 15:13:39 | 00,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
    [2009/09/15 21:30:25 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
    [2009/09/15 21:16:17 | 00,000,000 | ---D | C] -- C:\_OTL
    [2009/09/15 19:39:04 | 00,000,000 | --SD | C] -- C:\c9fg56sd
    [2009/09/10 19:24:39 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2009/09/10 19:24:28 | 00,000,000 | ---D | C] -- C:\Qoobox
    [2009/09/08 22:16:10 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2009/09/05 15:05:38 | 00,000,000 | ---D | C] -- C:\Program Files\oovootb
    [2009/09/05 15:05:28 | 00,000,549 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
    [2009/09/05 15:05:28 | 00,000,000 | ---D | C] -- C:\Program Files\ooVoo

    ========== Files - Modified Within 14 Days ==========

    [2009/09/18 20:00:25 | 00,000,442 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{4DBAC220-CD3C-4A65-9890-B63F35448396}.job
    [2009/09/18 20:00:00 | 00,000,446 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9C48359B-21C4-4F9F-986D-76751747DC1A}.job
    [2009/09/18 19:58:03 | 00,016,384 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2009/09/18 19:58:03 | 00,016,384 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2009/09/18 19:57:53 | 00,000,400 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job
    [2009/09/18 19:57:45 | 00,000,394 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
    [2009/09/18 19:57:36 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2009/09/18 19:57:30 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2009/09/18 19:57:28 | 21,384,31488 | -HS- | M] () -- C:\hiberfil.sys
    [2009/09/18 11:35:30 | 00,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2009/09/18 11:35:30 | 00,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2009/09/18 11:35:30 | 00,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2009/09/18 11:31:20 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2009/09/18 11:27:46 | 00,001,728 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
    [2009/09/05 15:05:28 | 00,000,549 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk

    ========== LOP Check ==========

    [2009/09/18 19:57:53 | 00,000,400 | ---- | M] () -- C:\Windows\Tasks\AWC AutoSweep.job
    [2009/09/18 19:57:45 | 00,000,394 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
    [2009/09/18 19:57:36 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
    [2009/09/18 14:09:55 | 00,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2009/09/18 20:00:25 | 00,000,442 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{4DBAC220-CD3C-4A65-9890-B63F35448396}.job
    [2009/09/18 20:00:00 | 00,000,446 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{9C48359B-21C4-4F9F-986D-76751747DC1A}.job

    ========== Purity Check ==========


    < End of report >
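
In a search-redirect case, two sections of an OTL log like the one above are worth checking first: the O17 DNS server entries and the O20 Winlogon Shell entries. The following Python sketch is an added example (not part of the thread and not an OldTimer tool); its line patterns are inferred from this log only, and its two rules (flag a static public DNS server that DHCP did not assign, flag a Shell value other than explorer.exe) are triage assumptions, not a verdict.

```python
import ipaddress
import re
from typing import List, NamedTuple

# Excerpt of the O17/O20 lines from the log posted above, embedded so the
# example runs offline.
SAMPLE_LOG = r"""
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.167,85.255.112.72
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (C:\RECYCLER\S-1-5-21-7053377985-3338457542-858984716-1705\rundll32.exe) - C:\RECYCLER\S-1-5-21-7053377985-3338457542-858984716-1705\.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
"""


class Finding(NamedTuple):
    section: str  # OTL section code, e.g. "O17"
    reason: str   # why the entry deserves a second look
    value: str    # the registry data that triggered the rule


# Patterns inferred from the log format shown in this thread (assumption).
O17_RE = re.compile(
    r"^O17 - (?P<key>.+?): (?P<name>DhcpNameServer|NameServer) = (?P<value>.*)$"
)
O20_RE = re.compile(
    r"^O20 - (?P<hive>HKLM|HKCU) Winlogon: (?P<name>Shell|UserInit)"
    r" - \((?P<data>.*?)\) - (?P<resolved>.*)$"
)

# Assumed default Winlogon Shell value on a stock Windows install.
EXPECTED_SHELL = "explorer.exe"


def _addresses(value: str):
    """Parse a comma/space separated server list, skipping non-IP tokens."""
    parsed = []
    for token in re.split(r"[,\s]+", value.strip()):
        if not token:
            continue
        try:
            parsed.append(ipaddress.ip_address(token))
        except ValueError:
            continue
    return parsed


def triage(log_text: str) -> List[Finding]:
    """Return the O17/O20 entries a reviewer should look at first."""
    lines = [ln.strip() for ln in log_text.splitlines() if ln.strip()]

    # First pass: collect the DNS servers the DHCP lease handed out.
    dhcp_servers = set()
    for ln in lines:
        m = O17_RE.match(ln)
        if m and m["name"] == "DhcpNameServer":
            dhcp_servers.update(_addresses(m["value"]))

    findings = []
    for ln in lines:
        m = O17_RE.match(ln)
        if m and m["name"] == "NameServer":
            # A static entry overrides DHCP; a public address that the
            # router never offered is the case to verify by hand.
            for addr in _addresses(m["value"]):
                if addr not in dhcp_servers and not addr.is_private:
                    findings.append(Finding(
                        "O17",
                        "static public DNS server not assigned by DHCP",
                        str(addr),
                    ))
            continue

        m = O20_RE.match(ln)
        if m and m["name"] == "Shell":
            if m["data"].lower() != EXPECTED_SHELL:
                reason = f"{m['hive']} non-default Winlogon Shell"
                if m["resolved"].endswith("File not found"):
                    reason += " (target file missing)"
                findings.append(Finding("O20", reason, m["data"]))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.section}: {finding.reason}: {finding.value}")
```
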
     
  7. 2009/09/18
    broni Moderator Malware Analyst

    Good :)


    Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
    • Double-click the drweb-cureit.exe file and click Scan to run the express scan. Click OK in the pop-up window to allow the scan.
    • This will scan the files currently running in memory, and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, select Complete scan.
    • Click the green arrow at the right, and the scan will start.
    • Click Yes to all if it asks if you want to cure/move the file.
    • When the scan has finished, in the menu, click File and choose Save report list.
    • Save the report to your desktop. The report will be called DrWeb.csv.
    • Close Dr.Web CureIt.
    • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
    • Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.csv report.

    NOTE. During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on the X in the upper right corner.


    Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer.
    Install, and run it.
    Post the HijackThis log.
    Do NOT attempt to fix anything!

    NOTE. If you're using Vista, right-click on HijackThis, and click Run as Administrator.
     
  8. 2009/09/27
    asdfghjkl Inactive Thread Starter

    Hmmmmmmmm when I run drweb-cureit.exe, it starts and it takes like 3 hours to do the complete scan.... Also, when I click on save report list, my computer shuts down. I went to settings, and then I told the log file to save at my documents. Is this the same? It's saved as a .log.
     
  9. 2009/09/27
    broni Moderator Malware Analyst

    Download and install AVP Tool.
    After installation, leave all settings as they are, and simply click on the Scan button.
    When the scan is done, and any objects are found, click on the Neutralize all button.
    Next, click the Reports... button, then Save to file....
    Save the file to a known location as report.txt.
    Open report.txt in Notepad, copy all content, and post it in your next reply.
     
  10. 2009/09/27
    asdfghjkl Inactive Thread Starter
  11. 2009/09/27
    broni Moderator Malware Analyst

    It works right now. I'm downloading it anyway, in case you have some problems.
    It's a pretty hefty download, over 40MB.
     
  12. 2009/09/27
    asdfghjkl Inactive Thread Starter

    Uh, I downloaded it from another site. But it's the Kaspersky virus removal tool, right?
    It's taking a really long time to scan. I will post it with the HijackThis log as soon as it finishes. Thanks
     
  13. 2009/09/27
    broni Moderator Malware Analyst

    As long as it says AVP.exe, you should be fine.
    Yes, it takes a long time.
     
  14. 2009/10/01
    asdfghjkl Inactive Thread Starter

    Uhhh do I tick my C: drive too? Cuz I did a scan and when I didn't tick my C: drive it only took an hour. Hmmmmm, scanning with C: drive
     
  15. 2009/10/01
    broni Moderator Malware Analyst

    You should select all drives you have.
     
  16. 2009/10/03
    asdfghjkl

    asdfghjkl Inactive Thread Starter

    Joined:
    2009/09/09
    Messages:
    27
    Likes Received:
    0
    ...... i saved my virus scan as a log
    first of all it's 64 megabytes.... and oh yeah.... none of my internet browsers work. i don't know why. i think it's because of the scan/virus. first chrome, then firefox, and now ie
    :O
    i can't fit the report on here, but i scanned everything.
     
  17. 2009/10/03
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
  18. 2009/10/07
    asdfghjkl

    asdfghjkl Inactive Thread Starter

    Joined:
    2009/09/09
    Messages:
    27
    Likes Received:
    0
  19. 2009/10/07
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Upload the following files to http://www.virustotal.com/ for security check:
    - explorer.exe located @ C:\Windows
    - userinit.exe and svchost.exe located @ C:\Windows\System32
    Post scan results.
     
  20. 2009/10/07
    asdfghjkl

    asdfghjkl Inactive Thread Starter

    Joined:
    2009/09/09
    Messages:
    27
    Likes Received:
    0
    explorer.exe
    Antivirus Version Last Update Result
    a-squared 4.5.0.24 2009.10.06 -
    AhnLab-V3 5.0.0.2 2009.10.06 -
    AntiVir 7.9.1.33 2009.10.06 -
    Antiy-AVL 2.0.3.7 2009.10.05 -
    Authentium 5.1.2.4 2009.10.06 -
    Avast 4.8.1351.0 2009.10.06 -
    AVG 8.5.0.420 2009.10.04 -
    BitDefender 7.2 2009.10.06 -
    CAT-QuickHeal 10.00 2009.10.06 -
    ClamAV 0.94.1 2009.10.05 -
    Comodo 2524 2009.10.06 -
    DrWeb 5.0.0.12182 2009.10.06 -
    eSafe 7.0.17.0 2009.10.05 -
    eTrust-Vet 35.1.7053 2009.10.06 -
    F-Prot 4.5.1.85 2009.10.05 -
    F-Secure 8.0.14470.0 2009.10.06 -
    Fortinet 3.120.0.0 2009.10.06 -
    GData 19 2009.10.06 -
    Ikarus T3.1.1.72.0 2009.10.06 -
    Jiangmin 11.0.800 2009.10.06 -
    K7AntiVirus 7.10.863 2009.10.06 -
    Kaspersky 7.0.0.125 2009.10.06 -
    McAfee 5762 2009.10.05 -
    McAfee+Artemis 5762 2009.10.05 -
    McAfee-GW-Edition 6.8.5 2009.10.06 -
    Microsoft 1.5101 2009.10.06 -
    NOD32 4484 2009.10.06 -
    Norman 6.01.09 2009.10.06 -
    nProtect 2009.1.8.0 2009.10.06 -
    Panda 10.0.2.2 2009.10.05 -
    PCTools 4.4.2.0 2009.10.06 -
    Prevx 3.0 2009.10.06 -
    Rising 21.49.22.00 2009.09.30 -
    Sophos 4.45.0 2009.10.06 -
    Sunbelt 3.2.1858.2 2009.10.05 -
    Symantec 1.4.4.12 2009.10.06 -
    TheHacker 6.5.0.2.031 2009.10.05 -
    TrendMicro 8.950.0.1094 2009.10.06 -
    VBA32 3.12.10.11 2009.10.05 -
    ViRobot 2009.10.6.1972 2009.10.06 -
    VirusBuster 4.6.5.0 2009.10.06 -

    userinit.exe
    Antivirus Version Last Update Result
    a-squared 4.5.0.24 2009.09.17 -
    AhnLab-V3 5.0.0.2 2009.09.17 -
    AntiVir 7.9.1.19 2009.09.17 -
    Antiy-AVL 2.0.3.7 2009.09.17 -
    Authentium 5.1.2.4 2009.09.17 -
    Avast 4.8.1351.0 2009.09.17 -
    AVG 8.5.0.412 2009.09.17 -
    BitDefender 7.2 2009.09.17 -
    CAT-QuickHeal 10.00 2009.09.17 -
    ClamAV 0.94.1 2009.09.17 -
    Comodo 2349 2009.09.17 -
    DrWeb 5.0.0.12182 2009.09.17 -
    eSafe 7.0.17.0 2009.09.17 -
    eTrust-Vet 31.6.6743 2009.09.17 -
    F-Prot 4.5.1.85 2009.09.17 -
    F-Secure 8.0.14470.0 2009.09.17 -
    Fortinet 3.120.0.0 2009.09.17 -
    GData 19 2009.09.17 -
    Ikarus T3.1.1.72.0 2009.09.17 -
    Jiangmin 11.0.800 2009.09.17 -
    K7AntiVirus 7.10.847 2009.09.17 -
    Kaspersky 7.0.0.125 2009.09.17 -
    McAfee 5743 2009.09.16 -
    McAfee+Artemis 5743 2009.09.16 -
    McAfee-GW-Edition 6.8.5 2009.09.17 -
    Microsoft 1.5005 2009.09.17 -
    NOD32 4434 2009.09.17 -
    Norman 6.01.09 2009.09.17 -
    nProtect 2009.1.8.0 2009.09.17 -
    Panda 10.0.2.2 2009.09.16 -
    PCTools 4.4.2.0 2009.09.17 -
    Prevx 3.0 2009.09.17 -
    Rising 21.47.34.00 2009.09.17 -
    Sophos 4.45.0 2009.09.17 -
    Sunbelt 3.2.1858.2 2009.09.17 -
    Symantec 1.4.4.12 2009.09.17 -
    TheHacker 6.3.4.4.404 2009.09.15 -
    TrendMicro 8.950.0.1094 2009.09.17 -
    VBA32 3.12.10.10 2009.09.17 -
    ViRobot 2009.9.17.1941 2009.09.17 -
    VirusBuster 4.6.5.0 2009.09.17 -

    svchost.exe
    Antivirus Version Last Update Result
    a-squared 4.5.0.41 2009.10.07 -
    AhnLab-V3 5.0.0.2 2009.10.06 -
    AntiVir 7.9.1.33 2009.10.06 -
    Antiy-AVL 2.0.3.7 2009.10.05 -
    Authentium 5.1.2.4 2009.10.07 -
    Avast 4.8.1351.0 2009.10.06 -
    AVG 8.5.0.420 2009.10.04 -
    BitDefender 7.2 2009.10.07 -
    CAT-QuickHeal 10.00 2009.10.06 -
    ClamAV 0.94.1 2009.10.05 -
    Comodo 2524 2009.10.06 -
    DrWeb 5.0.0.12182 2009.10.06 -
    eSafe 7.0.17.0 2009.10.06 -
    eTrust-Vet 35.1.7054 2009.10.06 -
    F-Prot 4.5.1.85 2009.10.06 -
    F-Secure 8.0.14470.0 2009.10.06 -
    Fortinet 3.120.0.0 2009.10.06 -
    GData 19 2009.10.07 -
    Ikarus T3.1.1.72.0 2009.10.07 -
    Jiangmin 11.0.800 2009.10.06 -
    K7AntiVirus 7.10.863 2009.10.06 -
    Kaspersky 7.0.0.125 2009.10.07 -
    McAfee 5763 2009.10.06 -
    McAfee+Artemis 5763 2009.10.06 -
    McAfee-GW-Edition 6.8.5 2009.10.06 -
    Microsoft 1.5101 2009.10.06 -
    NOD32 4485 2009.10.06 -
    Norman 6.01.09 2009.10.06 -
    nProtect 2009.1.8.0 2009.10.06 -
    Panda 10.0.2.2 2009.10.06 -
    PCTools 4.4.2.0 2009.10.06 -
    Prevx 3.0 2009.10.07 -
    Rising 21.49.22.00 2009.09.30 -
    Sophos 4.45.0 2009.10.07 -
    Sunbelt 3.2.1858.2 2009.10.07 -
    Symantec 1.4.4.12 2009.10.07 -
    TheHacker 6.5.0.2.032 2009.10.06 -
    TrendMicro 8.950.0.1094 2009.10.07 -
    VBA32 3.12.10.11 2009.10.05 -
    ViRobot 2009.10.6.1972 2009.10.06 -
    VirusBuster 4.6.5.0 2009.10.06 -

    I JUST NOTICED I HAD 133 GB LEFT AND I HAD 235 GB A MONTH AGO!
     
  21. 2009/10/07
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Let's see if you can run Combofix now.

    Download a fresh copy from HERE to your desktop.


    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE. If Combofix asks you to install Recovery Console, please allow it.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

    Make sure you re-enable your security programs when you're done with Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
