Jump to content

Trojan Dorkbot Ed


Recommended Posts

A full scan reported Trojan Dorkbot Ed but wondering if this is a false positive.

Below is log from MBAM afetr full scan. Then attach.txt and dds.txt contents.

Thank you.

 

MBAM Log

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.13.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
tisteven :: TISTEVEN-GB [administrator]

Protection: Enabled

13/02/2014 12:56:52
mbam-log-2014-02-13 (12-56-52).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 567942
Time elapsed: 1 hour(s), 57 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\ORACLE\PRIMAVERA RISK ANALYSIS\PROCESSKILLER.EXE (Trojan.Dorkbot.ED) -> Data: 1 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Program Files (x86)\Oracle\Primavera Risk Analysis\ProcessKiller.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Oracle\Primavera Risk Analysis\StopSupportLogger.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Oracle\Primavera Risk Analysis\RiskRegister\LoadArmRisks.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Oracle\Primavera Risk Analysis\RiskRegister\ReportBuilder.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Oracle\Primavera Risk Analysis\RiskRegister\ReportManager.exe (Trojan.Dorkbot.ED) -> Quarantined and deleted successfully.
C:\ProgramData\Oracle\MyDesktopHolding\unlicensed\global\mydesktop\windows\oracle-mydesktop-4.0.1.0-w32.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\ProgramData\Oracle\MyDesktopHolding\unlicensed\global\mydesktop\windows\pluginvmdetect_2.0.0.0.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

(end)
 

 

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 30/11/2012 05:29:08
System Uptime: 14/02/2014 09:29:19 (8 hours ago)
.
Motherboard: Dell Inc. |  | 0P1XMK
Processor: Intel® Core i5-3320M CPU @ 2.60GHz | SOCKET 0 | 2601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 160 GiB total, 24.235 GiB free.
D: is FIXED (NTFS) - 297 GiB total, 248.056 GiB free.
F: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Dell Wireless 380 Bluetooth 4.0 Module
Device ID: USB\VID_413C&PID_8197\20689D62E9E4
Manufacturer: Broadcom
Name: Dell Wireless 380 Bluetooth 4.0 Module
PNP Device ID: USB\VID_413C&PID_8197\20689D62E9E4
Service: BTHUSB
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: USB Video Device
Device ID: USB\VID_0C45&PID_648B&MI_00\7&15BCEF06&0&0000
Manufacturer: Microsoft
Name: Integrated Webcam
PNP Device ID: USB\VID_0C45&PID_648B&MI_00\7&15BCEF06&0&0000
Service: usbvideo
.
==== System Restore Points ===================
.
RP149: 18/01/2014 15:12:22 - Windows Update
RP150: 18/01/2014 22:56:17 - Windows Update
RP151: 26/01/2014 09:52:13 - Scheduled Checkpoint
RP152: 08/02/2014 10:18:08 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 3 (SP3)
7-Zip 4.65 (x64 edition)
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader XI (11.0.06)
Adobe SVG Viewer 3.0
Advanced Audio FX Engine
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Balsamiq Mockups For Desktop
BlueGriffon version 1.7.2
Bonjour
calibre 64bit
Camtasia Studio 7
CDBurnerXP
Cisco AnyConnect VPN Client
Cisco Jabber Video for TelePresence
Cisco WebEx Meetings
CMD Prompt Here as Administrator PowerToy v1.0.2 (Uninstall only)
CMD Prompt Here PowerToy v1.0.3 (Uninstall only)
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
Dell Client System Update
Dell Feature Enhancement Pack
Dell Touchpad
Dell Webcam Central
Development Base Image
DHTML Editing Component
Dino-Lite 4xx Driver
Dropbox
Flickr Uploadr 3.2.1
GIMP 2.8.10
GnuWin32: Gawk-3.1.6-1
Google Chrome
Google Drive
Google Update Helper
Google+ Auto Backup
GoToMeeting 5.5.0.1133
HandBrake 0.9.9.1
IDT Audio
Intel® Processor Graphics
Java 7 Update 45
Java 7 Update 45 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 17
Java SE Development Kit 7 Update 17 (64-bit)
Java SE Development Kit 7 Update 21
Java 6 Update 65
Java 6 Update 65 (64-bit)
Java SE Development Kit 6 Update 38
Java SE Development Kit 6 Update 38 (64-bit)
Live! Cam Avatar Creator
Lucidor
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Agent
McAfee Host Intrusion Prevention
McAfee SiteAdvisor Enterprise Plus
McAfee VirusScan Enterprise
Mercurial 2.4.1 (x64)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Visio Viewer 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visio Viewer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Mozilla Firefox 24.3.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Recording Player
Node.js
Oracle Beehive Conferencing
Oracle Beehive Extensions for Outlook
Oracle Beehive for Outlook
Oracle Content Server - Desktop Integration Suite
Oracle Crystal Ball (32-bit)
Oracle Data Protection 1.8.0.0
Oracle Database 11g Express Edition
Oracle Online Assistance
Oracle Open Office 3.3
Picasa 3
Pidgin
prerequisite
Primavera P6 Professional R8.2
Primavera Risk Analysis
PrimoPDF
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition
SketchUp 8
Skype™ 6.11
Splashtop Software Updater
Splashtop Streamer
TeamViewer 8
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software
.
==== Event Viewer Messages From Past Week ========
.
14/02/2014 09:18:01, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
14/02/2014 09:16:27, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the OracleXETNSListener service to connect.
13/02/2014 15:18:14, Error: Service Control Manager [7038]  - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
13/02/2014 15:18:14, Error: Service Control Manager [7038]  - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
13/02/2014 15:18:14, Error: Service Control Manager [7000]  - The Network List Service service failed to start due to the following error:  The service did not start due to a logon failure.
13/02/2014 15:18:14, Error: Service Control Manager [7000]  - The Diagnostic Service Host service failed to start due to the following error:  The service did not start due to a logon failure.
13/02/2014 15:18:14, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}
13/02/2014 15:18:14, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
13/02/2014 15:18:13, Error: Service Control Manager [7043]  - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
13/02/2014 15:18:13, Error: Service Control Manager [7038]  - The TermService service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error:  The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
13/02/2014 15:18:13, Error: Service Control Manager [7024]  - The OracleDBConsoleorcl service terminated with service-specific error The system cannot find the file specified..
13/02/2014 15:18:13, Error: Service Control Manager [7000]  - The Remote Desktop Services service failed to start due to the following error:  The service did not start due to a logon failure.
13/02/2014 10:11:19, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
13/02/2014 10:08:05, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 8 service to connect.
13/02/2014 10:08:05, Error: Service Control Manager [7000]  - The TeamViewer 8 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/02/2014 19:02:52, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dell Feature Enhancement Pack Service service to connect.
12/02/2014 19:02:52, Error: Service Control Manager [7000]  - The Dell Feature Enhancement Pack Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/02/2014 12:19:29, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the btwdins service.
.
==== End Of File ===========================
 

dds.txt

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.45.2
Run by tisteven at 17:10:40 on 2014-02-14
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8066.3595 [GMT 0:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Host Intrusion Prevention Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\McAfee\Host Intrusion Prevention\FireSvc.exe
C:\Program Files (x86)\McAfee\Host Intrusion Prevention\HIPSCore\x64\HIPSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Windows\system32\mfevtps.exe
C:\ProgramData\Oracle\MyDesktop\MyDesktopService.exe
C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
C:\windows\system32\o2flash.exe
D:\app\tisteven\product\11.2.0\dbhome_1\bin\nmesrvc.exe
D:\app\tisteven\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe
d:\app\tisteven\product\11.2.0\dbhome_1\bin\ORACLE.EXE
d:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE
D:\app\tisteven\product\11.2.0\dbhome_1\perl\bin\perl.exe
D:\app\tisteven\product\11.2.0\dbhome_1\bin\emagent.exe
C:\ProgramData\Oracle\MyDesktop\MyDesktopQOS.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\SERVER\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\rundll32.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
C:\Windows\vsnp2std.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\tisteven\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
C:\Program Files (x86)\McAfee\Host Intrusion Prevention\FireTray.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Users\tisteven\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
D:\Dropbox\PureText.exe
C:\Program Files\DellTPad\Apntex.exe
C:\windows\System32\mobsync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\app\tisteven\product\11.2.0\dbhome_1\jdk\bin\java.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank

uProxyOverride = files.us.oracle.com;oab.uk.oracle.com;*.oraclecorp.com;*.oracleads.com;*.oracle.com;*.oracleportal.com;*.local;<local>
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\jre1.7.0_45\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20131024181857.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Java\jre1.7.0_45\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Cisco Movi] "C:\Program Files (x86)\Cisco\Movi\movi.exe" /logon
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Google+ Auto Backup] "C:\Users\tisteven\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
mRun: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
mRun: [McAfee Host Intrusion Prevention Tray] "C:\Program Files (x86)\McAfee\Host Intrusion Prevention\FireTray.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [shStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
dRunOnce: [MoviConfig] C:\ProgramData\Oracle\BaseImage\config\cfg_cisco_movi.exe /SS=YES
StartupFolder: C:\Users\tisteven\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\tisteven\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\tisteven\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PURETE~1.LNK - D:\Dropbox\PureText.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: ClearRecentProgForNewUserInStartMenu = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: LocalAccountTokenFilterPolicy = dword:1
mPolicies-System: HideFastUserSwitching = dword:1
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}







DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: NameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{9252D2AE-B42D-48C9-8BC0-E7B9BD88182D} : DHCPNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{9252D2AE-B42D-48C9-8BC0-E7B9BD88182D}\244584572633D2854583D4 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9252D2AE-B42D-48C9-8BC0-E7B9BD88182D}\244584572643D235052584 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9252D2AE-B42D-48C9-8BC0-E7B9BD88182D}\244584572653D275933533 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{9252D2AE-B42D-48C9-8BC0-E7B9BD88182D}\35F6C656023597374756D63702 : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{9252D2AE-B42D-48C9-8BC0-E7B9BD88182D}\E4545564F503641334 : DHCPNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli GDSPassw C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.7.0_45\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20131024181857.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.7.0_45\bin\jp2ssv.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [DFEPApplication] C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
x64-Run: [snp2std] C:\windows\vsnp2std.exe





x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\tisteven\AppData\Roaming\Mozilla\Firefox\Profiles\dcm4ef5z.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 2
FF - plugin: C:\Java\jre1.7.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Java\jre1.7.0_45\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Users\tisteven\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\tisteven\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-11-30 16152]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2012-5-23 673624]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2013-10-9 305280]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\windows\System32\drivers\stdcfltn.sys [2012-11-30 22128]
R2 DFEPService;Dell Feature Enhancement Pack Service;C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-5-8 2279960]
R2 enterceptAgent;McAfee Host Intrusion Prevention Service;C:\Program Files (x86)\McAfee\Host Intrusion Prevention\FireSvc.exe [2010-6-15 1498224]
R2 hips;McAfee HIPSCore Service;C:\Program Files (x86)\McAfee\Host Intrusion Prevention\HIPSCore\x64\HIPSvc.exe [2012-5-23 39840]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-13 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-13 701512]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2011-5-12 324928]
R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2011-5-19 120128]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2013-10-9 202376]
R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [2012-8-14 210056]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2012-5-23 170440]
R2 MyDesktopWindows;MyDesktopService;C:\ProgramData\Oracle\MyDesktop\mydesktopservice.exe [2013-7-5 5364224]
R2 OracleOraDb11g_home1TNSListener;OracleOraDb11g_home1TNSListener;D:\app\tisteven\product\11.2.0\dbhome_1\BIN\TNSLSNR  --> D:\app\tisteven\product\11.2.0\dbhome_1\BIN\TNSLSNR  [?]
R2 OracleServiceORCL;OracleServiceORCL;d:\app\tisteven\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL --> d:\app\tisteven\product\11.2.0\dbhome_1\bin\ORACLE.EXE ORCL [?]
R2 OracleServiceXE;OracleServiceXE;d:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE --> d:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE XE [?]
R2 QOSMyDesktop;QOS MyDesktop;C:\ProgramData\Oracle\MyDesktop\MyDesktopQOS.exe [2009-10-13 470016]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-9-2 790368]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-8-7 609056]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-8-13 5087584]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2012-6-19 645088]
R3 cvusbdrv;Dell ControlVault;C:\windows\System32\drivers\cvusbdrv.sys [2012-11-30 45672]
R3 FirehkMP;FirehkMP;C:\windows\System32\drivers\firehk.sys [2012-5-23 56648]
R3 HIPK;McAfee Inc. HIPK;C:\windows\System32\drivers\HIPK.sys [2012-5-23 138904]
R3 HIPPSK;McAfee Inc. HIPPSK;C:\windows\System32\drivers\HIPPSK.sys [2012-5-23 45424]
R3 HIPQK;McAfee Inc. HIPQK;C:\windows\System32\drivers\HIPQK.sys [2012-5-23 40152]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-11-30 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-11-30 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-11-30 788760]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-2-13 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2013-10-9 282736]
R3 O2SDJRDR;O2SDJRDR;C:\windows\System32\drivers\o2sdjw7x64.sys [2012-11-30 84712]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\windows\System32\drivers\ST_ACCEL.sys [2012-11-30 68208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 OracleXETNSListener;OracleXETNSListener;D:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE [2011-8-27 512000]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\windows\System32\drivers\bcbtums.sys [2012-11-30 135720]
S3 btwampfl;btwampfl Bluetooth filter driver;C:\windows\System32\drivers\btwampfl.sys [2012-11-30 615464]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2012-11-30 39976]
S3 CompFilter64;UVCCompositeFilter;C:\windows\System32\drivers\lvbflt64.sys [2011-12-15 25632]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-11-30 172704]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Firehk;McAfee NDIS Intermediate Filter;C:\windows\System32\drivers\firehk.sys [2012-5-23 56648]
S3 LVRS64;Logitech RightSound Filter Driver;C:\windows\System32\drivers\lvrs64.sys [2011-12-15 351392]
S3 LVUVC64;Logitech HD Webcam C510(UVC);C:\windows\System32\drivers\lvuvc64.sys [2011-12-15 4862368]
S3 mferkdet;McAfee Inc. mferkdet;C:\windows\System32\drivers\mferkdet.sys [2013-10-9 101200]
S3 OracleOraDb11g_home1ClrAgent;OracleOraDb11g_home1ClrAgent;D:\app\tisteven\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS="EXTPROC_DLLS=ONLY:D:\app\tisteven\product\11.2.0\dbhome_1\bin\oraclr11.dll" --> D:\app\tisteven\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe agent_sid=CLRExtProc max_dispatchers=2 tcp_dispatchers=0 max_task_threads=6 max_sessions=25 ENVS=EXTPROC_DLLS=ONLY:D:\app\tisteven\product\11.2.0\dbhome_1\bin\oraclr11.dll [?]
S3 OracleVssWriterORCL;Oracle ORCL VSS Writer Service;d:\app\tisteven\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL --> d:\app\tisteven\product\11.2.0\dbhome_1\bin\OraVSSW.exe ORCL [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-10-26 19456]
S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-10-26 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-10-26 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-5-9 1255736]
S4 OracleJobSchedulerORCL;OracleJobSchedulerORCL;d:\app\tisteven\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL --> d:\app\tisteven\product\11.2.0\dbhome_1\Bin\extjob.exe ORCL [?]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE;d:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE --> d:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe XE [?]
.
=============== File Associations ===============
.
FileExt: .vbe: VBEFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .vbs: VBSFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2]
FileExt: .js: JSFile=C:\windows\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .jse: JSEFile=C:\windows\System32\CScript.exe "%1" %* [default=Open2]
FileExt: .wsf: WSFFile="C:\windows\System32\CScript.exe" "%1" %* [default=Open2]
.
=============== Created Last 30 ================
.
2014-02-13 15:16:29    47080    ----a-w-    C:\windows\System32\HIPIS0e011b51.dll
2014-02-13 15:16:29    40328    ----a-w-    C:\windows\SysWow64\HIPIS0e011b51.dll
2014-02-13 12:42:53    --------    d-----w-    C:\Users\tisteven\AppData\Roaming\Malwarebytes
2014-02-13 12:42:42    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-02-13 12:42:40    25928    ----a-w-    C:\windows\System32\drivers\mbam.sys
2014-02-13 12:42:40    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-26 14:29:57    --------    d-----w-    C:\Users\tisteven\AppData\Roaming\Flickr
2014-01-26 14:29:57    --------    d-----w-    C:\Users\tisteven\AppData\Local\Flickr
2014-01-26 14:29:22    --------    d-----w-    C:\Program Files (x86)\Flickr Uploadr
2014-01-18 15:01:17    53248    ----a-w-    C:\windows\System32\drivers\usbehci.sys
2014-01-18 15:01:17    325120    ----a-w-    C:\windows\System32\drivers\usbport.sys
2014-01-18 15:01:16    99840    ----a-w-    C:\windows\System32\drivers\usbccgp.sys
2014-01-18 15:01:16    7808    ----a-w-    C:\windows\System32\drivers\usbd.sys
2014-01-18 15:01:16    343040    ----a-w-    C:\windows\System32\drivers\usbhub.sys
2014-01-18 15:01:16    30720    ----a-w-    C:\windows\System32\drivers\usbuhci.sys
2014-01-18 15:01:16    25600    ----a-w-    C:\windows\System32\drivers\usbohci.sys
2014-01-18 14:45:19    3156480    ----a-w-    C:\windows\System32\win32k.sys
.
==================== Find3M  ====================
.
2014-02-10 09:48:46    71048    ----a-w-    C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-10 09:48:46    692616    ----a-w-    C:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 23:39:00    141472    ----a-w-    C:\windows\SysWow64\KevlarSigs.dll
2014-01-06 19:23:36    4558848    ----a-w-    C:\windows\SysWow64\GPhotos.scr
2013-12-18 10:38:16    108968    ----a-w-    C:\windows\System32\WindowsAccessBridge-64.dll
.
============= FINISH: 17:11:26.19 ===============
 

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.