
Inactive Trojan.generic In Archive, can't Delete, can't find its location

Discussion in 'Malware and Virus Removal Archive' started by Amor, 2009/12/28.

  1. 2009/12/29
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Very good :)
     
  2. 2009/12/30
    Amor

    Amor Inactive Thread Starter

    Joined:
    2009/01/13
    Messages:
    20
    Likes Received:
    0
    Hiya Broni, here's the Malware scan log. Surprisingly, it's all clean!


    Malwarebytes' Anti-Malware 1.42
    Database version: 3454
    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    12/30/2009 11:49:28 AM
    mbam-log-2009-12-30 (11-49-28).txt

    Scan type: Full Scan (C:\|D:\|)
    Objects scanned: 166718
    Time elapsed: 3 hour(s), 4 minute(s), 51 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
     


  4. 2009/12/30
    Amor

    Amor Inactive Thread Starter

    The HijackThis Log, await your reply thanks Broni :)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:53:34 AM, on 12/30/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    D:\Program Files\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\carpserv.exe
    D:\Program Files\BitDefender 2009\bdagent.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Hotspot Shield\bin\openvpnas.exe
    D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\Program Files\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.themoscowtimes.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
    O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\hssie\HssIE.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender 2009\IEToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender 2009\bdagent.exe "
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender 2009\IEShow.exe "
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe "
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1260938856913
    O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://vexcast.com/download/vexcast.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2029C8D4-C8B7-46FA-96BA-AB6D6105020F}: NameServer = 212.188.4.10,195.34.32.116
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2B07F3AE-0325-46DD-89ED-73200BA7D76F}: NameServer = 195.34.32.116 212.188.4.10
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SASWINLO.dll
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
    O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
    O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - D:\Program Files\BitDefender 2009\vsserv.exe

    --
    End of file - 6216 bytes
     
  5. 2009/12/30
    broni

    broni Moderator Malware Analyst

    Just for a good measure....

    Download Dr.Web CureIt to the desktop:
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
    • Double-click the drweb-cureit.exe file and click Scan to run the express scan. Click OK in the pop-up window to allow the scan.
    • This will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it. This is only a short scan.
    • Once the short scan has finished, select Complete scan.
    • Click the green arrow at the right, and the scan will start.
    • Click Yes to all if it asks if you want to cure/move the file.
    • When the scan has finished, in the menu, click File and choose Save report list.
    • Save the report to your desktop. The report will be called DrWeb.csv.
    • Close Dr.Web CureIt.
    • Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
    • Copy and paste that log in the next reply. You can use Notepad to open the DrWeb.csv report.

    NOTE: During the scan, a pop-up window will open asking for a full version purchase. Simply close the window by clicking on the X in the upper right corner.


    Post fresh HijackThis log as well.
     
  6. 2009/12/31
    Amor

    Amor Inactive Thread Starter

    Hey Broni, I am doing the full scan, please find below the Short Scan results.

    Process in memory: C:\WINDOWS\Explorer.EXE:276;;Trojan.Winlock.569;Eradicated.;
    Process in memory: C:\WINDOWS\Explorer.EXE:276;;Trojan.Winlock.569;Eradicated.;
    Process in memory: C:\WINDOWS\Explorer.EXE:276;;Trojan.Winlock.569;Eradicated.;
    Process in memory: C:\WINDOWS\Explorer.EXE:276;;Trojan.Winlock.569;Eradicated.;
    vjocx.dll;C:\WINDOWS\system32\Nagasoft;Probably DLOADER.Trojan;Incurable.Deleted.;
    vjocx.dll;c:\windows\system32\nagasoft;Probably DLOADER.Trojan;Invalid path to file ;


    I think this should be it but U r right, the Full scan would seal this. Many thanks again! Ur valuable help is highly appreciated!

    A very Happy & Prosperous New Year to ya ! :)
     
  7. 2009/12/31
    broni

    broni Moderator Malware Analyst

    Same to you :)
     
  8. 2010/01/01
    Amor

    Amor Inactive Thread Starter

    Hi Broni, please find below the Dr Web Complete Scan log. I restarted the comp as U instructed after the nearly 11 hours of scan! Tried running HijackThis thrice but not able to, says not responding and crashes. Any more steps needed? Plz lemme know. Thanks dude.



    Process in memory: C:\WINDOWS\system32\spoolsv.exe:332;;Trojan.Winlock.569;Eradicated.;
    Process in memory: C:\WINDOWS\system32\spoolsv.exe:332;;Trojan.Winlock.569;Eradicated.;
    Process in memory: C:\WINDOWS\system32\spoolsv.exe:332;;Trojan.Winlock.569;Eradicated.;
    Process in memory: C:\WINDOWS\system32\spoolsv.exe:332;;Trojan.Winlock.569;Eradicated.;
    A0008805.dll;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP19;Probably DLOADER.Trojan;Incurable.Deleted.;
    A0008820.dll;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP19;Probably DLOADER.Trojan;Incurable.Deleted.;
    MFEX-221.DAT;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP19\snapshot;Probably DLOADER.Trojan;Incurable.Deleted.;
    A0027528.bat;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47;Probably BATCH.Virus;Incurable.Deleted.;
    A0027706.bat;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47;Probably BATCH.Virus;Incurable.Deleted.;
    A0027787.bat;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47;Probably BATCH.Virus;Incurable.Deleted.;
    A0027879.bat;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47;Probably BATCH.Virus;Incurable.Deleted.;
    A0027995.exe\32788R22FWJFW\List-C.bat;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47\A0027995.exe;Probably BATCH.Virus;;
    A0027995.exe;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47;Archive contains infected objects;Moved.;
    A0028031.bat;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP47;Probably BATCH.Virus;Incurable.Deleted.;
    A0028154.dll;C:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP48;Probably DLOADER.Trojan;Incurable.Deleted.;
    vjocx.dll;C:\WINDOWS\system32\Nagasoft;Probably DLOADER.Trojan;Incurable.Deleted.;
    vjocx.exe\vjocx.dll;C:\WINDOWS\system32\Nagasoft\vjocx.exe;Probably DLOADER.Trojan;;
    vjocx.exe;C:\WINDOWS\system32\Nagasoft;Archive contains infected objects;Moved.;
    spvod_player-en.exe/vjocx.exe\vjocx.dll;D:\Program Files\spvod_player-en.exe/vjocx.exe;Probably DLOADER.Trojan;;
    vjocx.exe;D:\Program Files;Archive contains infected objects;;
    spvod_player-en.exe;D:\Program Files;Archive contains infected objects;Moved.;
    vexcast.exe\vjocx.dll;D:\Program Files\vexcast.exe;Probably DLOADER.Trojan;;
    vexcast.exe;D:\Program Files;Archive contains infected objects;Moved.;
    A0029246.exe/vjocx.exe\vjocx.dll;D:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP49\A0029246.exe/vjocx.exe;Probably DLOADER.Trojan;;
    vjocx.exe;D:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP49;Archive contains infected objects;;
    A0029246.exe;D:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP49;Archive contains infected objects;Moved.;
    A0029247.exe\vjocx.dll;D:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP49\A0029247.exe;Probably DLOADER.Trojan;;
    A0029247.exe;D:\System Volume Information\_restore{F82AFAE5-FE1B-4AA8-93C7-3D628A6D8C2A}\RP49;Archive contains infected objects;Moved.;
     
    Last edited: 2010/01/01
  9. 2010/01/01
    broni

    broni Moderator Malware Analyst

    Try to uninstall HJT and download fresh copy.
     
  10. 2010/01/02
    Amor

    Amor Inactive Thread Starter

    Hey Broni! Tried running the HijackThis log earlier, with different names, reinstalled but to no avail, then noticed it has a lot of cr*& in the laptop, Bitdefender protection got disabled, so decided to do a clean Windows install!

    Everything works fine like a fiddle now!

    Thanks again, this has been a good learning experience, will be well aware from now on.

    Chao Amigo :)


    ------------------------------------------
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 3:20:26 AM, on 1/3/2010
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    D:\Program Files\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    D:\Program Files\BitDefender 2009\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    D:\Program Files\BitDefender 2009\seccenter.exe
    D:\Program Files\firefox.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Amor\Desktop\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Program Files\BitDefender 2009\IEToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [BDAgent] "D:\Program Files\BitDefender 2009\bdagent.exe "
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "D:\Program Files\BitDefender 2009\IEShow.exe "
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Mozilla Firefox.lnk = D:\Program Files\firefox.exe
    O4 - Startup: STREAM.lnk = ?
    O4 - Global Startup: Google Calendar Sync.lnk = D:\Program Files\Google Calendar Sync\GoogleCalendarSync.exe
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262404238650
    O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://vexcast.com/download/vexcast.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{272C7A97-9A9C-4A0E-9504-3B14597C7E37}: NameServer = 212.188.4.10,195.34.32.116
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C375B57-CD13-4F2B-B898-7E8675969EC2}: NameServer = 195.34.32.116 212.188.4.10
    O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - D:\Program Files\BitDefender 2009\vsserv.exe

    --
    End of file - 4756 bytes
     
  11. 2010/01/02
    broni

    broni Moderator Malware Analyst

    Oh well, since you reinstalled Windows, there is nothing for me to check :)
    Good luck :)
     
