WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Dec 17 Hijack Log - first time user of Hijack

Started by JakeIM , Dec 17 2005 09:05 AM

This topic is locked

4 replies to this topic

#1 JakeIM

New Member

New Member
2 posts

Posted 17 December 2005 - 09:05 AM

XP home
ZoneAlarm Suite
Counterspy

Logfile of HijackThis v1.99.1
Scan saved at 6:54:40 PM, on 11/20/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ActivCard\acautoreg.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\MMKeybd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Netropa\Traymon.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\Netropa\OSD.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Documents and Settings\Micah the Grump\My Documents\download\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\documents and settings\all users\reader\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [InstallNAIProduct] "E:\Vsp\setup.exe" /RUNKEY
O4 - HKLM\..\Run: [QuickPassword] C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {001000AF-2DEF-0202-10B6-DC5BA692C858} (X10NetTest Class) - http://www.x10.com/s.../X10NetTest.cab
O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - https://cs7b.instant...erxsigned42.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livesc03.righ...l/java/RntX.cab
O23 - Service: ActivCard Gold Autoregister (acautoreg) - ActivCard S.A. - C:\Program Files\Common Files\ActivCard\acautoreg.exe
O23 - Service: ActivCard Gold service (Accoca) - ActivCard - C:\Program Files\Common Files\ActivCard\accoca.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Advertisements

Register to Remove

#2 Piatan

SuperMember

Authentic Member
1,825 posts

Posted 24 December 2005 - 01:51 PM

Thanks for sending your information. We are sorry for the delay in responding. The volunteers here are swamped and unfortunately not all logs get answered as quickly as we'd like.

If you still need help with your problem, please run Hijack This again. Scan and copy the log, then post it here, in this topic .

Please use the Post Reply feature, so I will be notified.

Please advise the nature of the problem.

Please do not edit your Hijack This log in any way. We need to see the entire logfile, with no revisions.

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

#3 JakeIM

New Member

New Member
2 posts

Posted 29 December 2005 - 03:59 PM

Logfile of HijackThis v1.99.1
Scan saved at 4:57:12 PM, on 12/29/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\Program Files\Common Files\ActivCard\acautoreg.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\GEARSEC.EXE
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunThreatEngine.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\SunProtectionServer.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\MMKeybd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\Program Files\Netropa\Traymon.exe
C:\Program Files\Netropa\OSD.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Micah the Grump\My Documents\download\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\documents and settings\all users\reader\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\MMKeybd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [InstallNAIProduct] "E:\Vsp\setup.exe" /RUNKEY
O4 - HKLM\..\Run: [QuickPassword] C:\Program Files\ActivCard\ActivCard Gold\agquickp.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 02] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [SunServer] C:\Program Files\Sunbelt Software\CounterSpy\Consumer\sunserver.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - Global Startup: Zone Labs Security.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {001000AF-2DEF-0202-10B6-DC5BA692C858} (X10NetTest Class) - http://www.x10.com/s.../X10NetTest.cab
O16 - DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} (CustomerCtrl Class) - https://cs7b.instant...erxsigned42.cab
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} (PhotosCtrl Class) - http://photos.yahoo....plorer1_9us.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livesc03.righ...l/java/RntX.cab
O23 - Service: ActivCard Gold Autoregister (acautoreg) - ActivCard S.A. - C:\Program Files\Common Files\ActivCard\acautoreg.exe
O23 - Service: ActivCard Gold service (Accoca) - ActivCard - C:\Program Files\Common Files\ActivCard\accoca.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSEC.EXE
O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

#4 Piatan

SuperMember

Authentic Member
1,825 posts

Posted 29 December 2005 - 04:50 PM

Hi JakeIM

I see no actual Malware in your Hijack This logfile. However, HJT cannot see everything. You didn't mention the reason for posting, or if you are having specific problems. If so, please do not hesitate to advise me of this.

The following will provide a good general cleanup of your PC and is recommended to do once a month or so, just to check for problems.

Please use the following links to run two, or more of these online Virus Scanners and let them fix whatever they find.

If you are using any of the browsers listed just below, the following online Virus scanning site is compatable.
http://be.trendmicro...call_launch.php
If you are using any of these browsers:
Microsoft Internet Explorer
Netscape (6+)
Mozilla (1+)
Firefox (all)
Opera (7.5+)

Internet Explorer users can also use the following links.

When using Trend Micro, be sure and put a check in the box by "Auto Clean" before you do the scan. If it finds anything that it cannot clean have it delete it or make a note of the file location, so you can delete it yourself.
http://www.kaspersky...ml?id=146100010
Bitdefender and let it delete everything it finds.
TrendMicro HouseCall
eTrust AntiVirus Web Scanner
Panda ActiveScan
Note any thing that can't be fixed
Reboot when done.

And here are links to two online Trojan Scanners. Lets run one, or both of these too.

http://scan.sygatete...trojanscan.html

And here:
http://www.windowsec...com/trojanscan/

If you are unable to get or use either of the online Trojan Scanners above...........

Go here http://www.trojanhunter.com/ and download and run the free trial of Trojan Hunter.

Then, Please download and install Ad-Aware SE and Spybot S&D according to the following instructions. If you already have these programs, please make sure they are the latest version and have been updated today. Then run full systems scans as described below.

Install and how to use the NEW Ad-aware SE
http://www.bleepingc...showtutorial=48

Reboot after using Ad-Aware SE.
Download the VX cleaner plug in for Adaware. Install it, then open Adaware & go to *add-ons* & run the plug-in. If anything is found, select *clean system* & when done, reboot & run Adaware & let it finish the clean-up. Reboot again.

Would you please download the Spybot S&D program from here Spybot S&D and install it.

Select Search for updates.
Then select all available updates that are displayed in the white box.
Select a download mirror nearest your location.
Then select Download updates .
Shut down and restart Spybot.
Select the Search and destroy icon and click on Check for Problems.
Delete/fix anything that spybot lists In RED.

.

Then, please REBOOT, to allow Spybot to finish working.

Please download CCleaner from here to clean temp files from your computer.

Double click on the file to start the installation of the program.
Select your language and click OK, then next.
Read the license agreement and click I Agree.
Click next to use the default install location. Click Install then finish to complete installation.
Double click the CCleaner shortcut on the desktop to start the program.
Click Run Cleaner to run the program.
Caution : It is not recommended to use the 'Issues' tab as it is known to find legitimate items.
After it has completed it's process, click Exit.

Here are some tips, to reduce the potential for spyware infection in the future, I strongly recommend installing the following applications:

Spywareblaster <= SpywareBlaster will prevent spyware from being installed.
Spywareguard <= SpywareGuard offers realtime protection from spyware installation attempts.

To protect yourself further:

MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
Google Toolbar <= Get the free google toolbar to help stop pop up windows.

I also suggest that you delete any files from "temp", "tmp" folders. In Internet Explorer, click on "Tools" => "Internet Options" => "Delete Files" and select the box that says "Delete All Offline Content" and click on "OK" twice. Also, empty the recycle bin by right clicking on it and selecting "Empty Recycle Bin". These steps should be done on a regular basis.

And also see TonyKlein's good advice
http://castlecops.co...tlite7736-.html
So how did I get infected in the first place?

Safe surfing. :wavey:

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

#5 Piatan

SuperMember

Authentic Member
1,825 posts

Posted 16 January 2006 - 01:44 PM

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Want to help others? Join the ClassRoom and learn how.

Body Background

skin color theme