Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Closed Topic
 
Topic Tools
  #1  
Old February 11th, 2011, 01:27 PM
slimdread slimdread is offline
Member
 
Join Date: Sep 2005
Posts: 47
Angry malware savetubevideo.com

hi,
Need help removing these worm, it keeps redirecting my mozilla browers to this url;

www.landing.savetubevideo.com/

Cant any body suggest ways of getting rid of this problem

Thanks

Last edited by Jintan; February 21st, 2011 at 09:50 AM. Reason: neutralized link
  #2  
Old February 12th, 2011, 07:17 AM
touch's Avatar
touch touch is offline
Malware Removal Team
 
Join Date: Jan 2007
O/S: Windows XP Pro
Posts: 3,595
Hello slimdread


Download Ccleaner: Here
Click on ->
“Download
Latest Version”

Once installed, run CCleaner click the Windows tab
Select the following:
Internet Explorer:
Temp Internet
History
Recently Typed URLs
Delete Index.dat files

System:
Empty Recycle Bin
Temporary Files
Memory Dumps
Chkdsk File Fragments
Then click Run Cleaner (bottom right) then Exit


Please download Malwarebytes' Anti-Malware: Here
to your desktop.

Double-click mbam-setup and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.

NB. If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Click: Here
to download HJTinstall.exe
Save HJTinstall.exe to your desktop.
Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\Hijack This.
Click I accept
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.

Post hijackthis log along with Malwarebytes' Anti-Malware log, and tell how things are running ?
  #3  
Old February 14th, 2011, 10:09 AM
slimdread slimdread is offline
Member
 
Join Date: Sep 2005
Posts: 47
Quote:
Originally Posted by touch View Post
Hello slimdread


Download Ccleaner: Here
Click on ->
“Download
Latest Version”

Once installed, run CCleaner click the Windows tab
Select the following:
Internet Explorer:
Temp Internet
History
Recently Typed URLs
Delete Index.dat files

System:
Empty Recycle Bin
Temporary Files
Memory Dumps
Chkdsk File Fragments
Then click Run Cleaner (bottom right) then Exit


Please download Malwarebytes' Anti-Malware: Here
to your desktop.

Double-click mbam-setup and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location.

NB. If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Click: Here
to download HJTinstall.exe
Save HJTinstall.exe to your desktop.
Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\Hijack This.
Click I accept
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.

Post hijackthis log along with Malwarebytes' Anti-Malware log, and tell how things are running ?
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:03:23 AM, on 14/02/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Hi,

I have run ccleaner like u recommended and malware byte. This is the log file of hijackthis;

Running processes:
D:\WINDOWS\System32\smss.exe
D:\PROGRA~1\AVG\AVG10\avgchsvx.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\vcsFPService.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\idt\wdm\STacSV.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
D:\WINDOWS\System32\accelerometerST.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\Program Files\AVG\AVG10\avgtray.exe
D:\Program Files\LSI SoftModem\agrsmsvc.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\AVG\AVG10\avgwdsvc.exe
D:\Program Files\Quest Software\Benchmark Factory for Databases\Repository\MySQL\bin\mysqld-max-nt.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
D:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
D:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
D:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
D:\Program Files\AVG\AVG10\avgnsx.exe
D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
D:\Program Files\Quest Software\Toad for Oracle\toad.exe
D:\PROGRA~1\AVG\AVG10\avgrsx.exe
D:\Program Files\AVG\AVG10\avgcsrvx.exe
D:\Program Files\Google\Google Talk\googletalk.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\WINDOWS\system32\notepad.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 10.150.141.21:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O1 - Hosts: 195.39.188.197 Telco104
O1 - Hosts: 41.187.84.38 epm.its.ws
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - D:\Program Files\Softonic-Eng7\tbSof0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingle Instance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - D:\Program Files\Softonic-Eng7\tbSof0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\ConduitEngin0.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - D:\Program Files\DVDVideoSoftTB\tbDVDV.dll
O4 - HKLM\..\Run: [IMSS] "D:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [IAAnotif] D:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] D:\WINDOWS\System32\accelerometerST.exe
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] D:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Free YouTube Download - D:\Documents and Settings\Anthony\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1289609005468
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - D:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: BMFMySQL - Unknown owner - D:\Program Files\Quest Software\Benchmark Factory for Databases\Repository\MySQL\bin\mysqld-max-nt.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - D:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - D:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - d:\program files\idt\wdm\STacSV.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - D:\WINDOWS\system32\vcsFPService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11693 bytes


BR
  #4  
Old February 15th, 2011, 06:18 AM
touch's Avatar
touch touch is offline
Malware Removal Team
 
Join Date: Jan 2007
O/S: Windows XP Pro
Posts: 3,595
You were also supposed to post malwarebyte log

Please post it, along with DDS log files.

Please download DDS: Here

If you are using Firefox, go to the toolbar and click File. Then go down to Save As & click.
Then save it on the desktop. Save as dds.scr
Save as Type : All files


to your Desktop and doubleclick on DDs.scr to run it.
If your security software includes script blocking features, please disable these before you run this utility.


When the scan has finished, two logs will open.
Copy and paste both reports in this topic.
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.
  #5  
Old February 16th, 2011, 10:57 AM
slimdread slimdread is offline
Member
 
Join Date: Sep 2005
Posts: 47
Sorry about that, Find below the logs as required. I attached the very first log for the Malware and today's log. I think that would give you a clear

=========================

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5740

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/02/2011 12:27:08 PM
mbam-log-2011-02-11 (12-27-08).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 221279
Time elapsed: 31 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{D7BE8ED1-B138-48FD-BB22-9779A39130B1} (Redir.GSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
d:\program files\savetubevideo.com (Adware.SkyLab) -> Quarantined and deleted successfully.
d:\program files\savetubevideo.com\savetubevideo (Adware.SkyLab) -> Quarantined and deleted successfully.
d:\program files\savetubevideo.com\savetubevideo\FF (Adware.SkyLab) -> Quarantined and deleted successfully.

Files Infected:
d:\documents and settings\Anthony\my documents\Doc\ITS\FBkup\idm ultraedit v15.20.0.1022 incl. keymaker-zwt\Keygen.exe (Malware.Tool) -> Quarantined and deleted successfully.
d:\Tools\idm ultraedit v15.20.0.1022 incl. keymaker-zwt\idm ultraedit v15.20.0.1022 incl. keymaker-zwt\Keygen.exe (Malware.Tool) -> Quarantined and deleted successfully.
d:\program files\savetubevideo.com\savetubevideo\FF\tmp (Adware.SkyLab) -> Quarantined and deleted successfully.


=====Malware Log===========

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5740

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16/02/2011 10:51:50 AM
mbam-log-2011-02-16 (10-51-50).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 218516
Time elapsed: 31 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


=========================


=====DDS log:==============
DDS (Ver_10-12-12.01) - NTFSx86
Run by Anthony at 10:23:08.43 on 16/02/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.1676 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

D:\PROGRA~1\AVG\AVG10\avgchsvx.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
D:\WINDOWS\system32\vcsFPService.exe
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
d:\program files\idt\wdm\STacSV.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
D:\WINDOWS\System32\accelerometerST.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
D:\Program Files\AVG\AVG10\avgtray.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
D:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
D:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
D:\Program Files\LSI SoftModem\agrsmsvc.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Program Files\AVG\AVG10\avgwdsvc.exe
D:\Program Files\Quest Software\Benchmark Factory for Databases\Repository\MySQL\bin\mysqld-max-nt.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
D:\WINDOWS\system32\svchost.exe -k imgsvc
D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
D:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
D:\Program Files\AVG\AVG10\avgnsx.exe
D:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
D:\PROGRA~1\AVG\AVG10\avgrsx.exe
D:\Program Files\AVG\AVG10\avgcsrvx.exe
D:\Program Files\Quest Software\Toad for Oracle\toad.exe
D:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Google Talk\googletalk.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Program Files\Microsoft Office\Office12\EXCEL.EXE
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
C:\Program Files\ExtraPutty 0.22\Bin\putty.exe
C:\Program Files\ExtraPutty 0.22\Bin\putty.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\oracle\product\10.2.0\client_3\BIN\sqlplusw.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Anthony\My Documents\Downloads\dds.pif

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 10.150.141.21:8080
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - d:\program files\dvdvideosofttb\tbDVDV.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngin0.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - d:\program files\avg\avg10\avgssie.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - d:\program files\softonic-eng7\tbSof0.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - d:\program files\dvdvideosofttb\tbDVDV.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - d:\program files\google\googletoolbar1.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - d:\progra~1\yahoo!\companion\installs\cpn\YTSingle Instance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - d:\program files\google\googletoolbar1.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - d:\program files\softonic-eng7\tbSof0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngin0.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - d:\program files\dvdvideosofttb\tbDVDV.dll
uRun: [Google Update] "d:\documents and settings\anthony\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
mRun: [IMSS] "d:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
mRun: [IAAnotif] d:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [AccelerometerSysTrayApplet] d:\windows\system32\accelerometerST.exe
mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] d:\program files\avg\avg10\avgtray.exe
mRun: [iTunesHelper] "d:\program files\itunes\iTunesHelper.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\blu eto~1.lnk - d:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\vpn cli~1.lnk - d:\windows\installer\{ccbaa1f7-e5e1-48b2-9ed9-a79c6a37ce78}\Icon3E5562ED7.ico
IE: Free YouTube Download - d:\documents and settings\anthony\application data\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - d:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: its.ws\epm
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1289609005468
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF}
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - d:\program files\avg\avg10\avgpp.dll
Handler: qrev - {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - d:\progra~1\quests~1\toadfo~1\RNetPin.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\progra~1\micros~2\office12\GRA8E1~1.DLL
Hosts: 10.5.104.20 Meds
Hosts: 195.39.188.197 Telco104
Hosts: 10.160.141.34 tabtst
Hosts: 10.160.141.35 trntst
Hosts: 10.160.147.50 trnt1

Note: multiple HOSTS entries found. Please refer to Attach.txt

================= FIREFOX ===================

FF - ProfilePath - d:\docume~1\anthony\applic~1\mozilla\firefox\profi les\idqx4b36.default\
FF - prefs.js: browser.search.selectedEngine - GoogleFeed.net
FF - prefs.js: browser.startup.homepage - hxxp://en-US.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://www.veerboo.com/results.php?q=
FF - prefs.js: network.proxy.http - 10.50.56.6
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - plugin: d:\documents and settings\anthony\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dl l
FF - plugin: d:\program files\mozilla firefox\plugins\NPJinit13122.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - Extension: Firefox (default): {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

============= SERVICES / DRIVERS ===============

R0 AVGIDSEH;AVGIDSEH;d:\windows\system32\drivers\AVGI DSEH.sys [2010-9-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver;d:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064]
R1 Avgldx86;AVG AVI Loader Driver;d:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;d:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384]
R1 Avgtdix;AVG TDI Driver;d:\windows\system32\drivers\avgtdix.sys [2010-9-7 299984]
R2 AVGIDSAgent;AVGIDSAgent;d:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-1-6 6128720]
R2 avgwd;AVG WatchDog;d:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400]
R2 BMFMySQL;BMFMySQL;d:\program files\quest software\benchmark factory for databases\repository\mysql\bin\mysqld-max-nt.exe [2005-10-22 4431872]
R2 UNS;Intel(R) Management & Security Application User Notification Service;d:\program files\intel\intel(r) management engine components\uns\UNS.EXE [2010-11-12 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;d:\windows\system32\vcsFPService.exe [2009-10-21 1639728]
R3 AESTAud;AE Audio Service;d:\windows\system32\drivers\AESTAud.sys [2010-11-12 113664]
R3 AVGIDSDriver;AVGIDSDriver;d:\windows\system32\driv ers\AVGIDSDriver.sys [2010-8-19 123472]
R3 AVGIDSFilter;AVGIDSFilter;d:\windows\system32\driv ers\AVGIDSFilter.sys [2010-8-19 30288]
R3 AVGIDSShim;AVGIDSShim;d:\windows\system32\drivers\ AVGIDSShim.sys [2010-8-19 26192]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;d:\windows\system32\drivers\e1k5132.sys [2010-11-12 166568]
R3 IFXTPM;IFXTPM;d:\windows\system32\drivers\ifxtpm.s ys [2010-11-12 44800]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;d:\windows\system32\drivers\nvhda32.sys [2010-11-12 57320]
R3 rismc32;RICOH Smart Card Reader;d:\windows\system32\drivers\rismc32.sys [2010-11-12 49152]
R4 MBAMSwissArmy;MBAMSwissArmy;d:\windows\system32\dr ivers\mbamswissarmy.sys [2011-2-11 38224]
S0 is3srv;is3srv;d:\windows\system32\drivers\is3srv.s ys --> d:\windows\system32\drivers\is3srv.sys [?]
S0 szkg5;szkg5;d:\windows\system32\drivers\szkg.sys --> d:\windows\system32\drivers\szkg.sys [?]
S0 szkgfs;szkgfs;d:\windows\system32\drivers\szkgfs.s ys --> d:\windows\system32\drivers\szkgfs.sys [?]
S3 Com4QLBEx;Com4QLBEx;d:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2010-11-12 228408]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;d:\windows\system32\drivers\PTDMBus.sys [2010-12-29 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;d:\windows\system32\drivers\PTDMMdm.sys [2010-12-29 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;d:\windows\system32\drivers\PTDMVsp.sys [2010-12-29 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;d:\windows\system32\drivers\PTDMWWAN.sys [2010-12-29 59520]
S3 vsdatant;vsdatant;d:\windows\system32\vsdatant.sys [2005-1-26 280344]

=============== File Associations ===============

.txt=UltraEdit.txt

=============== Created Last 30 ================

2011-02-16 18:22:44 -------- d--h--w- d:\windows\PIF
2011-02-14 17:36:36 -------- d-----w- d:\program files\CCleaner
2011-02-14 17:35:41 -------- d-----w- d:\program files\Trend Micro
2011-02-11 19:35:17 -------- d-----w- d:\docume~1\anthony\applic~1\Malwarebytes
2011-02-11 19:35:14 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2011-02-11 19:35:14 -------- d-----w- d:\docume~1\alluse~1\applic~1\Malwarebytes
2011-02-11 19:35:11 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
2011-02-11 19:35:11 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2011-02-11 19:19:14 -------- d-----w- d:\program files\Trojan Remover
2011-02-11 17:37:45 -------- d-----w- d:\docume~1\alluse~1\applic~1\STOPzilla!
2011-02-10 18:56:31 -------- d-----w- d:\docume~1\anthony\applic~1\DVDVideoSoft
2011-02-10 03:42:34 -------- d-----w- d:\docume~1\anthony\locals~1\applic~1\DVDVideoSoft TB
2011-02-10 03:42:33 -------- d-----w- d:\program files\DVDVideoSoftTB
2011-02-10 03:42:20 -------- d-----w- d:\docume~1\anthony\applic~1\DVDVideoSoftIEHelpers
2011-02-10 03:42:08 -------- d-----w- d:\program files\common files\DVDVideoSoft
2011-02-10 03:42:07 -------- d-----w- d:\program files\DVDVideoSoft
2011-01-28 20:06:13 -------- d-sh--w- d:\documents and settings\anthony\IECompatCache
2011-01-28 06:09:08 -------- d-----w- d:\program files\YouTube Downloader
2011-01-28 05:41:07 -------- d-----w- d:\program files\K-Lite Codec Pack

==================== Find3M ====================

2010-11-22 17:41:35 0 ----a-w- d:\windows\system32\ConduitEngine.tmp

============= FINISH: 10:29:06.62 ===============
  #6  
Old February 17th, 2011, 01:03 PM
touch's Avatar
touch touch is offline
Malware Removal Team
 
Join Date: Jan 2007
O/S: Windows XP Pro
Posts: 3,595
Quote:
d:\Tools\idm ultraedit v15.20.0.1022 incl. keymaker-zwt\idm ultraedit v15.20.0.1022 incl. keymaker-zwt\Keygen.exe
I'm sorry, but we do not support piracy. Due to the fact that your malwarebyte logfile clearly shows you have atleast one known crack/keygen, we will not help you.

When you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.
Closed Topic

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
malware? unforgiven1977 Malware Removal 17 July 4th, 2015 10:17 AM
Can Malwarebytes Anti Malware actually get rid of malware such as Windows System? dwilliams1578 Malware Removal 2 June 4th, 2011 09:39 AM
AVG keeps blocking "UK9.exe" malware, Firefox keeps redirecting to malware. Vulpix Malware Removal 5 March 2nd, 2010 03:00 AM
Malware? Bremang Malware Removal 1 October 16th, 2008 08:12 PM
291 Malware even though.... just lost Malware Removal 2 May 29th, 2005 01:32 AM


All times are GMT +1. The time now is 05:52 PM.