Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Malware and Proxy server running - cant remove - Please Help [Solved]

Proxy server malware proxy server malware proxy

  • This topic is locked This topic is locked
24 replies to this topic

#16 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 29 October 2014 - 06:57 PM

That file is fine. Personally I would uninstall HitmanPro

 

 

Download ComboFix from one of these locations:
 
 
 
* IMPORTANT !!! Save ComboFix.exe to your Desktop
 
 
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • See this Link  for programs that need to be disabled and instruction on how to disable them.
  • Remember to re-enable them when we're done.
  •  
  • Double click on ComboFix.exe & follow the prompts.
  •  
     
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. 
  •  
     
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  •  
     
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
     
     

    RC1.png

     
     
    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    RC2-1.png

     
    Click on Yes, to continue scanning for malware.
     
    When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.
     
    *If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

      Advertisements

    Register to Remove


    #17 hondaspeed05

    hondaspeed05

      New Member

    • Authentic Member
    • Pip
    • 15 posts

    Posted 29 October 2014 - 08:04 PM

    ComboFix 14-10-29.01 - Megan325 10/29/2014  21:28:51.1.4 - x64
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4000.2385 [GMT -4:00]
    Running from: c:\users\Megan325\Desktop\ComboFix.exe
    AV: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
    SP: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo
    c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\background.html
    c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\content.js
    c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\h0xupEaF.js
    c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\lsdb.js
    c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\manifest.json
    c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo
    c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\background.html
    c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\content.js
    c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\h0xupEaF.js
    c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\lsdb.js
    c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\manifest.json
    c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo
    c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\background.html
    c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\content.js
    c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\h0xupEaF.js
    c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\lsdb.js
    c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\manifest.json
    c:\users\Megan325\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo
    c:\users\Megan325\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\background.html
    c:\users\Megan325\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\content.js
    c:\users\Megan325\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\h0xupEaF.js
    c:\users\Megan325\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\lsdb.js
    c:\users\Megan325\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\manifest.json
    c:\users\Megan325\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo
    c:\users\Megan325\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\background.html
    c:\users\Megan325\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\content.js
    c:\users\Megan325\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\h0xupEaF.js
    c:\users\Megan325\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\lsdb.js
    c:\users\Megan325\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kpdjchidlgodmjomhnaoaednbojlbjlo\2.0\manifest.json
    c:\users\Megan325\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_anmjbcpapldonjdblbhcpffjokakiffn_0.localstorage
    c:\users\Megan325\AppData\Local\Google\Chrome\User Data\Default\Preferences
    c:\users\Megan325\g2mdlhlpx.exe
    c:\windows\msvcr71.dll
    c:\windows\SysWow64\bszip.dll
    D:\install.exe
    .
    .
    (((((((((((((((((((((((((   Files Created from 2014-09-28 to 2014-10-30  )))))))))))))))))))))))))))))))
    .
    .
    2014-10-30 01:40 . 2014-10-30 01:40    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2014-10-30 01:37 . 2014-10-30 01:37    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FF15DB4-FD30-4C79-8974-66631F33D6AD}\offreg.dll
    2014-10-30 00:24 . 2014-10-14 19:59    11627712    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FF15DB4-FD30-4C79-8974-66631F33D6AD}\mpengine.dll
    2014-10-29 00:04 . 2014-10-30 00:23    129752    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-10-29 00:04 . 2014-10-29 00:04    --------    d-----w-    c:\program files (x86)\Malwarebytes Anti-Malware
    2014-10-29 00:04 . 2014-10-01 15:11    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
    2014-10-29 00:04 . 2014-10-01 15:11    93400    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
    2014-10-29 00:04 . 2014-10-01 15:11    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2014-10-28 02:14 . 2014-10-28 23:57    --------    d-----w-    C:\FRST
    2014-10-28 01:01 . 2014-10-28 01:01    12872    ----a-w-    c:\windows\system32\bootdelete.exe
    2014-10-28 00:30 . 2014-10-28 00:30    --------    d-----w-    c:\users\Megan325\AppData\Local\ElevatedDiagnostics
    2014-10-15 00:12 . 2014-07-07 02:06    206848    ----a-w-    c:\windows\system32\mfps.dll
    2014-10-15 00:11 . 2014-09-18 02:00    3241472    ----a-w-    c:\windows\system32\msi.dll
    2014-10-15 00:11 . 2014-09-18 01:32    2363904    ----a-w-    c:\windows\SysWow64\msi.dll
    2014-10-11 20:44 . 2010-08-30 12:34    536576    ----a-w-    c:\windows\SysWow64\sqlite3.dll
    2014-10-11 20:43 . 2014-10-28 00:35    --------    d-----w-    C:\AdwCleaner
    2014-10-11 17:07 . 2014-10-11 17:07    241248    ----a-w-    c:\windows\system32\drivers\72488640.sys
    2014-10-11 16:52 . 2014-10-11 16:52    --------    d-----w-    c:\users\Megan325\AppData\Roaming\AVAST Software
    2014-10-11 16:50 . 2014-10-11 16:50    93568    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
    2014-10-11 16:50 . 2014-10-11 16:50    92008    ----a-w-    c:\windows\system32\drivers\aswStm.sys
    2014-10-11 16:50 . 2014-10-11 16:50    79184    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
    2014-10-11 16:50 . 2014-10-11 16:50    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
    2014-10-11 16:50 . 2014-10-11 16:50    426848    ----a-w-    c:\windows\system32\drivers\aswSP.sys
    2014-10-11 16:50 . 2014-10-11 16:50    29208    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
    2014-10-11 16:50 . 2014-10-11 16:50    224896    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
    2014-10-11 16:50 . 2014-10-11 16:50    1041168    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
    2014-10-11 16:50 . 2014-10-11 16:50    307344    ----a-w-    c:\windows\system32\aswBoot.exe
    2014-10-11 16:50 . 2014-10-11 16:50    43152    ----a-w-    c:\windows\avastSS.scr
    2014-10-11 16:49 . 2014-10-11 16:49    --------    d-----w-    c:\program files\AVAST Software
    2014-10-11 16:48 . 2014-10-11 16:49    --------    d-----w-    c:\programdata\AVAST Software
    2014-10-10 03:40 . 2014-10-10 03:40    --------    d-----w-    c:\users\Megan325\AppData\Local\Macromedia
    2014-10-10 03:40 . 2014-10-10 03:40    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-10-10 03:40 . 2014-10-10 03:40    701104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2014-10-10 03:40 . 2014-10-10 03:40    --------    d-----w-    c:\windows\system32\Macromed
    2014-10-02 02:54 . 2014-10-02 03:33    --------    d-----w-    c:\programdata\HitmanPro
    2014-10-02 02:53 . 2014-10-02 19:53    278152    ------w-    c:\windows\system32\MpSigStub.exe
    2014-10-01 00:15 . 2014-10-01 00:15    --------    d-----w-    c:\program files (x86)\Techsnab
    2014-10-01 00:10 . 2014-09-25 02:08    371712    ----a-w-    c:\windows\system32\qdvd.dll
    2014-10-01 00:10 . 2014-09-25 01:40    519680    ----a-w-    c:\windows\SysWow64\qdvd.dll
    2014-09-30 02:35 . 2014-09-30 02:35    5    ----a-w-    c:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-10-30 00:14 . 2012-12-28 13:09    380    ----a-w-    c:\users\Megan325\AppData\Roaming\sp_data.sys
    2014-10-16 00:12 . 2013-01-13 22:29    103265616    ----a-w-    c:\windows\system32\MRT.exe
    2014-10-10 21:56 . 2014-09-05 21:56    70144    ----a-w-    c:\windows\SysWow64\tasks.dll
    2014-09-09 22:11 . 2014-09-24 12:10    2048    ----a-w-    c:\windows\system32\tzres.dll
    2014-09-09 21:47 . 2014-09-24 12:10    2048    ----a-w-    c:\windows\SysWow64\tzres.dll
    2014-09-06 22:43 . 2014-09-06 22:43    98216    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2014-08-27 23:23 . 2011-03-29 02:36    23256    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2014-08-23 02:07 . 2014-08-27 23:30    404480    ----a-w-    c:\windows\system32\gdi32.dll
    2014-08-23 01:45 . 2014-08-27 23:30    311808    ----a-w-    c:\windows\SysWow64\gdi32.dll
    2014-08-01 11:53 . 2014-09-22 12:36    1031168    ----a-w-    c:\windows\system32\TSWorkspace.dll
    2014-08-01 11:35 . 2014-09-22 12:36    793600    ----a-w-    c:\windows\SysWow64\TSWorkspace.dll
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HP Officejet Pro 8620 (NET)"="c:\program files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe" [2013-09-11 3485728]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
    "ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-03-06 3331312]
    "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
    "SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
    "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-23 318080]
    "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-25 174720]
    "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
    "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]
    "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-03 43816]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-08 152392]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    CineForm Status.lnk - c:\program files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe [2014-1-29 144384]
    FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe -d [2012-4-22 12862]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
    R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
    R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
    R3 aswVmm;aswVmm;c:\users\Megan325\AppData\Local\Temp\aswVmm.sys;c:\users\Megan325\AppData\Local\Temp\aswVmm.sys [x]
    R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
    R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
    R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
    R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
    R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
    R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
    S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
    S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
    S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
    S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
    S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
    S2 DigiTraceSSSvc;DigiTrace Supervisor Master Server Service;c:\program files (x86)\Pentair Thermal Management\DigiTrace Supervisor Master Server\SupervisorServer.exe;c:\program files (x86)\Pentair Thermal Management\DigiTrace Supervisor Master Server\SupervisorServer.exe [x]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
    S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
    S3 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe;c:\program files\Trend Micro\Titanium\TiMiniService.exe [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - HITMANPRO37
    *Deregistered* - hitmanpro37
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-08-17 15:27    1104200    ----a-w-    c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-10-30 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-3273618889-1627324363-2844995654-1001.job
    - c:\users\Megan325\AppData\Local\Citrix\GoToMeeting\1865\g2mupdate.exe [2014-10-29 00:44]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2014-10-11 16:50    634872    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
    @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
    [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
    2011-05-25 07:09    227840    ----a-w-    c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
    @="{64174815-8D98-4CE6-8646-4C039977D808}"
    [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
    2011-05-25 07:09    227840    ----a-w-    c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2011-10-26 1654992]
    "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-10-04 213824]
    "Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2011-08-02 416992]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-11-03 167704]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-11-03 392472]
    "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    uInternet Settings,ProxyOverride = ;192.168.*.*
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Megan325\AppData\Roaming\Mozilla\Firefox\Profiles\qfh3wg8k.default\
    FF - prefs.js: browser.startup.homepage - google.com
    FF - prefs.js: network.proxy.type - 0
    FF - ExtSQL: 2014-10-01 23:09; firefox-hotfix@mozilla.org; c:\users\Megan325\AppData\Roaming\Mozilla\Firefox\Profiles\qfh3wg8k.default\extensions\firefox-hotfix@mozilla.org.xpi
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-HLBackupScheduler - c:\program files\Verizon Cloud\Verizon Cloud Service.exe
    SafeBoot-92664554.sys
    HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
    Toolbar-Locked - (no file)
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
    AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2014-10-29  21:54:05
    ComboFix-quarantined-files.txt  2014-10-30 01:54
    .
    Pre-Run: 56,251,449,344 bytes free
    Post-Run: 55,490,691,072 bytes free
    .
    - - End Of File - - EC4406616049BCE526CA29AA8B11326F
     



    #18 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 30 October 2014 - 05:16 AM

    Looks like some entries where removed, lets do this

     

    ESET Online Scanner
    I'd like us to scan your machine with ESET OnlineScan
     
    *Note
    It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.
     
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
  • scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as
  • ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png
  • Please make sure you include the following items in your next post:
    The log that was produced after running ESET Online Scanner.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #19 hondaspeed05

    hondaspeed05

      New Member

    • Authentic Member
    • Pip
    • 15 posts

    Posted 31 October 2014 - 04:57 AM

    here it is: 

     

    C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe    a variant of Win32/Techsnab.A potentially unwanted application
    C:\Program Files (x86)\Techsnab\Chrome Launcher\chromelauncher.dll    a variant of Win32/Techsnab.A potentially unwanted application
    C:\Program Files (x86)\Techsnab\Chrome Launcher\chromelauncher.exe    a variant of Win32/Techsnab.A potentially unwanted application
    C:\Program Files (x86)\Techsnab\Chrome Launcher\chromelauncherx64.dll    a variant of Win32/Techsnab.A potentially unwanted application
    C:\Program Files (x86)\Techsnab\Chrome Launcher\chromelauncherx64.exe    a variant of Win32/Techsnab.A potentially unwanted application
    C:\Program Files (x86)\Techsnab\Chrome Launcher\tasks.dll    a variant of Win32/Techsnab.A potentially unwanted application
     



    #20 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 31 October 2014 - 06:12 AM

    Some bad stuff, this should take care of it

     

     
    Open notepad (Start --> All Programs --> Accessories --> Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as FRST or FRST64 as fixlist.txt. (it has to be right next to FRST or FRST64) either in a directory you saved FRST or FRST64 or on your desktop if thats where you saved it.
    You can use your mouse to drag Fixlist right next to FRST or FRST64, either above or below it but not on top of it.
     
    Start
    CloseProcesses:
    C:\Program Files (x86)\Techsnab
    Hosts:
    EmptyTemp:
    End
    
     
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
     
    Then open FRST or FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #21 hondaspeed05

    hondaspeed05

      New Member

    • Authentic Member
    • Pip
    • 15 posts

    Posted 31 October 2014 - 11:00 AM

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2014 01
    Ran by Megan325 at 2014-10-31 12:49:33 Run:2
    Running from C:\Users\Megan325\Desktop\computer fix
    Loaded Profile: Megan325 (Available profiles: Megan325)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    C:\Program Files (x86)\Techsnab
    Hosts:
    EmptyTemp:
    End
    *****************

    Processes closed successfully.
    C:\Program Files (x86)\Techsnab => Moved successfully.
    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 59.7 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog ====



    #22 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 31 October 2014 - 11:48 AM

    How is your system behaving now ??



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #23 hondaspeed05

    hondaspeed05

      New Member

    • Authentic Member
    • Pip
    • 15 posts

    Posted 31 October 2014 - 12:37 PM

    So far, so good.  only issue is that the wireless keeps turning off everytime it restarts.

     

    Also, do you have a reccomendation for anti-virus and anti-spyware programs??



    #24 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 31 October 2014 - 01:23 PM

    :thumbup:

     

    What I would do is post in our Networking forum for help with your wireless connection, there more in tune to help you with this

    http://forums.whatth...p?showforum=128

     

    Trend Micro Titanium Internet Security 2012 <-- Looks like your version is a few years old, I would update it.  If you want a free AV I have Microsoft Security Essentials on my system and its running with no problems

    http://www.microsoft...ls.aspx?id=5201

     

    You should only have one AV running, with AV software more is not better, more than one can hamper system performance, you need just one, keep it updated and run regular scans so if you decide to to with MSE than you need to uninstall Trendmicro

     

    As far as Anti Malware, the best in my opinion is the Pro Version of Malwarebytes, it will help block known bad websites, the cost is minimal but this of course is up to you

     

     

    Double click on AdwCleaner.exe to run the tool again.
    •  
    • Click on the Uninstall button.
    • Click Yes when asked are you sure you want to uninstall.
    • Both AdwCleaner.exe, its folder and all logs will be removed.
     
     
     
    ==========================================================
     
     
    Please download DelFix and save the file to your Desktop.
     
    •  
    • Windows XP Double Click DelFix.exe to run the program. 
    • Windows Vista > Win 7 > Win 8 Right Click on DelFix.exe and select RUN AS ADMINISTRATOR 
    • Place a checkmark next to the following items
     
    •  
    • Activate UAC
    • Remove Disinfection Tools
    • Create registry backup
    • Reset System Settings
     
     
    Click the Run button
     
    This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually
     
     
     
    ==========================================================
     
     
     
    •  
    How did I get infected in the first place ?    
    Read these links and find out how to prevent getting infected again.
     
     
     
    Safe Surfn
    Ken

     



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #25 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 03 November 2014 - 05:05 AM

    Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

    If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

    Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
    and start a New Topic.

     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

      Advertisements

    Register to Remove

    Related Topics




    Also tagged with one or more of these keywords: Proxy server malware, proxy server, malware, proxy

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users