AR15.COM
5/29/2011 3:55:39 AM EDT
I hope you guys can help me.

Late last night I was searching for info on Air Intakes for my Jeep. I was watching a few YouTube videos about the Air Intakes and then I started getting these virus warnings. One warning in particular asked me to click to check the computer for viruses. I did; it found 7 but could only remove 3, and to remove the other 4 I had to buy a subscription for $80.00, I believe. I closed that window and ran my own AVG9, and during the search for viruses I probably received about 20 more warnings: some appeared to be from Windows XP, some from "Resident Shield" (?), some were warnings that I was running out of memory, and others said that something was wrong with the hard drive and I needed to reboot. I ignored all these. My AVG9 found 6 viruses, Trojan something 22 I think, and then everything went to hell. A lot of my icons on my desktop disappeared, and when I clicked on Start, Programs it showed empty. Soon after that the computer went off.

After I rebooted, I was missing a lot of the icons and my program list was empty. I rebooted in safe mode and attempted to run AVG and Spybot, but it did not work. Again I rebooted in safe mode and did a system restore and waited about 20 minutes for the SR to do its thing. Everything seemed back to normal but really slow. I ran the AVG program again and found 4 Trojans, then Spybot found 6 adware. This morning AVG found 4 more Trojans. But my problem continues.

What I have noticed so far is the following:

My computer is now very slow.
With Internet Explorer, I lost all my Favorites. Is there a way to get them back?
When I try using Google, it searches and lists all the results in the usual manner, but when I click on them it brings me to a totally different page; it looks like a different search engine.

This is what I have found so far; I am sure I'll find more problems. Can any of you computer gurus help me with this? What can I do to solve this problem?

Thank you in advance.

Frank
5/30/2011 4:54:11 PM EDT
[#1]
I think you are still infected with whatever virus it is.

You may try this. http://remove-malware.net/how-to-remove-resident-shield-new-virus-detected-popup/

5/31/2011 2:00:52 PM EDT
[#2]
Make sure the files aren't just hidden. I had that happen on my work computer.
6/1/2011 11:13:16 AM EDT
[#3]
Quoted:
Make sure the files aren't just hidden. I had that happen on my work computer.


They are. How do I undo that? I already went to Control Panel - Folder Options - View, and Show hidden files is checked.

6/3/2011 10:17:54 PM EDT
[#4]
You need unhide.exe by a guy named Grinler.

http://download.bleepingcomputer.com/grinler/unhide.exe

You also have a proxy running.

You'll want to re-register the ieproxy.dll file, and check the proxy settings for IE.

Go to Start, Run and type: msconfig.exe

Hit enter.

Click on services tab.

Hide all Microsoft services.

Look for stuff starting in places other than c:\windows and c:\windows\system32

Also, go to Start, Run and type %APPDATA% and hit enter.

Delete any funny-named files or folders. Look in c:\documents and settings\all users\application data\ for gibberish file/folder names.

Download SuperAntiSpyware's portable free scanner. http://www.superantispyware.com/portablescanner.html?tag=SAS_PORTABLEFOLDER
6/3/2011 10:26:33 PM EDT
[#5]
Quoted:
I hope you guys can help me.

Late last night I was searching for info on Air Intakes for my Jeep. I was watching a few YouTube videos about the Air Intakes and then I started getting these virus warnings. One warning in particular asked me to click to check the computer for viruses. I did; it found 7 but could only remove 3, and to remove the other 4 I had to buy a subscription for $80.00, I believe. I closed that window and ran my own AVG9, and during the search for viruses I probably received about 20 more warnings: some appeared to be from Windows XP, some from "Resident Shield" (?), some were warnings that I was running out of memory, and others said that something was wrong with the hard drive and I needed to reboot. I ignored all these. My AVG9 found 6 viruses, Trojan something 22 I think, and then everything went to hell. A lot of my icons on my desktop disappeared, and when I clicked on Start, Programs it showed empty. Soon after that the computer went off.

After I rebooted, I was missing a lot of the icons and my program list was empty. I rebooted in safe mode and attempted to run AVG and Spybot, but it did not work. Again I rebooted in safe mode and did a system restore and waited about 20 minutes for the SR to do its thing. Everything seemed back to normal but really slow. I ran the AVG program again and found 4 Trojans, then Spybot found 6 adware. This morning AVG found 4 more Trojans. But my problem continues.

What I have noticed so far is the following:

My computer is now very slow.
With Internet Explorer, I lost all my Favorites. Is there a way to get them back?
When I try using Google, it searches and lists all the results in the usual manner, but when I click on them it brings me to a totally different page; it looks like a different search engine.

This is what I have found so far; I am sure I'll find more problems. Can any of you computer gurus help me with this? What can I do to solve this problem?

Thank you in advance.

Frank


You wouldn't have this problem if you hadn't clicked on that.

You should read some of this stuff here: http://nakedsecurity.sophos.com/2011/02/14/scareware-distribution-tactics-practical-protection-mechanisms/


6/3/2011 10:28:18 PM EDT
[#6]
There are likely 5 registry keys that have this malware running in them.

1) HKEY_CLASSES_ROOT\.exe

This is the content of a reg file:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

2) HKEY_CLASSES_ROOT\exefile

This is the content of a registry file:


Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
  00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
  32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
  00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"

3) HKEY_CURRENT_USER\Software\Classes

There should be no .exe hive or exefile hive here.


4) HKEY_LOCAL_MACHINE\Software\Clients\StartMenuInternet

This is the contents of the registry file:


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet]
@="IEXPLORE.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE]
@="Mozilla Firefox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities]
"ApplicationDescription"="Firefox delivers safe, easy web browsing. A familiar user interface, enhanced security features including protection from online identity theft, and integrated search let you get the most out of the web."
"ApplicationIcon"="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe,0"
"ApplicationName"="Firefox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\FileAssociations]
".htm"="FirefoxHTML"
".html"="FirefoxHTML"
".shtml"="FirefoxHTML"
".xht"="FirefoxHTML"
".xhtml"="FirefoxHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\StartMenu]
"StartMenuInternet"="FIREFOX.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\URLAssociations]
"ftp"="FirefoxURL"
"http"="FirefoxURL"
"https"="FirefoxURL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\DefaultIcon]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"HideIconsCommand"="\"C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe\" /HideShortcuts"
"ShowIconsCommand"="\"C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe\" /ShowShortcuts"
"ReinstallCommand"="\"C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe\" /SetAsDefaultAppGlobal"
"IconsVisible"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\properties]
@="Firefox &Options"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\properties\command]
@="\"C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe\" -preferences"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode]
@="Firefox &Safe Mode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command]
@="\"C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe\" -safe-mode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE]
@="Internet Explorer"
"LocalizedString"="@C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe,-702"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\DefaultIcon]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe,-7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"IconsVisible"=dword:00000001
"ShowIconsCommand"="\"C:\\Windows\\System32\\ie4uinit.exe\" -show"
"ReinstallCommand"="\"C:\\Windows\\System32\\ie4uinit.exe\" -reinstall"
"HideIconsCommand"="\"C:\\Windows\\System32\\ie4uinit.exe\" -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\naom]
"MUIVerb"="@C:\\Windows\\System32\\ieframe.dll,-39229"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\naom\command]
@="\"C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe\" -extoff"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"


The shell open commands for the web browsers will have the path to the virus in them. Copy the sections between the bold type, paste them into a text file (notepad.exe) or WordPad, save with a .reg extension, and import into the registry from a safe-mode command prompt only.
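As an added example (not code from the thread or from any tool it names), here is a small Python triage script that parses a Registry Editor 5.00 export like the ones pasted above, joins the backslash-continued hex(2) value and decodes it as UTF-16LE, and flags the two launcher commands the post says the malware rewrites: exefile\shell\open\command (should be exactly "%1" %*) and each Clients\StartMenuInternet\<browser>\shell\open\command (should launch the browser's own exe, not a wrapper in a profile directory). The embedded sample export and the PLACEHOLDER.exe path are constructed for the demonstration.

```python
import re
EXPECTED_EXE_OPEN = '"%1" %*'                    # clean exefile launcher per the thread
BROWSER_EXES = ("iexplore.exe", "firefox.exe")   # clean StartMenuInternet launchers
# Constructed sample, not from the thread: a clean exefile key (hex(2) value continued
# over four lines) plus an IE launcher rewritten to run a placeholder binary first.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
  00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
  32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
  00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="\"C:\\Documents and Settings\\User\\Local Settings\\Application Data\\PLACEHOLDER.exe\" -a \"C:\\Program Files\\Internet Explorer\\iexplore.exe\""
'''
def decode_value(raw):
    """Decode a .reg value literal: quoted string, or hex(type) bytes (hex(2) is UTF-16LE)."""
    if raw.startswith('"'):
        return re.sub(r'\\(["\\])', r'\1', raw[1:-1])    # unescape \" and \\
    m = re.match(r"hex(?:\((\d+)\))?:(.*)", raw)
    if not m:
        return raw                                        # dword: etc. kept as text
    data = bytes(int(b, 16) for b in m.group(2).split(",") if b)
    return data.decode("utf-16-le").rstrip("\x00") if m.group(1) == "2" else data
def parse_reg(text):
    """Return {key_path: {value_name: value}} for a Registry Editor 5.00 export."""
    text = re.sub(r",\\\r?\n\s*", ",", text)              # join ',\'-continued hex lines
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys[current] = {}
        elif current is not None and "=" in line:
            name, _, raw = line.partition("=")
            keys[current][name.strip('"')] = decode_value(raw)
    return keys
def find_hijacks(keys):
    """Return (key, command) pairs whose shell open command deviates from the clean layout."""
    hits = []
    for key, values in keys.items():
        k, cmd = key.lower(), values.get("@", "")
        if k.endswith(r"\exefile\shell\open\command") and cmd != EXPECTED_EXE_OPEN:
            hits.append((key, cmd))
        elif "\\clients\\startmenuinternet\\" in k and k.endswith(r"\shell\open\command"):
            first = re.match(r'"([^"]*)"|(.+?)(?:\s-|$)', cmd)   # binary actually launched
            exe = (first.group(1) or first.group(2)).lower() if first else ""
            if not exe.endswith(BROWSER_EXES):
                hits.append((key, cmd))
    return hits
```

Run it over an export of the keys listed in the post (regedit's File, Export on each key) and anything it reports is the launcher entry to restore from the clean contents above.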
6/4/2011 2:46:53 PM EDT
[#7]
THANK YOU SO MUCH!!!


Computer is up and running, so far so good. The only thing I noticed that was not as before was my Canon Utilities; I just unloaded all Canon programs and reloaded them from the Canon CD. Now it is working.
Even my iPod is recognized and boots up iTunes when I plug the iPod in. I hope it stays like this.

Thank you again!!!!

I'll remember: if I ever get a virus notice, log off and run my own antivirus program. Lesson learned.
6/5/2011 7:10:48 AM EDT
[#8]
Quoted:
There are likely 5 registry keys that have this malware running in them.

1) HKEY_CLASSES_ROOT\.exe

This is the content of a reg file:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

2) HKEY_CLASSES_ROOT\exefile

This is the content of a registry file:


Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
  00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
  32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
  00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]
"HasLUAShield"=""

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser]
@="@shell32.dll,-50944"
"Extended"=""
"SuppressionPolicyEx"="{F211AA05-D4DF-4370-A2A0-9F19C09756A7}"

[HKEY_CLASSES_ROOT\exefile\shell\runasuser\command]
"DelegateExecute"="{ea72d00e-4960-42fa-ba92-7792a7944c1d}"

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers]
@="Compatibility"

[HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\Compatibility]
@="{1d27f844-3a1f-4410-85ac-14651078412d}"

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"

3) HKEY_CURRENT_USER\Software\Classes

There should be no .exe hive or exefile hive here.


4) HKEY_LOCAL_MACHINE\Software\Clients\StartMenuInternet

This is the contents of the registry file:


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet]
@="IEXPLORE.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE]
@="Mozilla Firefox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities]
"ApplicationDescription"="Firefox delivers safe, easy web browsing. A familiar user interface, enhanced security features including protection from online identity theft, and integrated search let you get the most out of the web."
"ApplicationIcon"="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe,0"
"ApplicationName"="Firefox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\FileAssociations]
".htm"="FirefoxHTML"
".html"="FirefoxHTML"
".shtml"="FirefoxHTML"
".xht"="FirefoxHTML"
".xhtml"="FirefoxHTML"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\StartMenu]
"StartMenuInternet"="FIREFOX.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\Capabilities\URLAssociations]
"ftp"="FirefoxURL"
"http"="FirefoxURL"
"https"="FirefoxURL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\DefaultIcon]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe,0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"HideIconsCommand"="\"C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe\" /HideShortcuts"
"ShowIconsCommand"="\"C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe\" /ShowShortcuts"
"ReinstallCommand"="\"C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe\" /SetAsDefaultAppGlobal"
"IconsVisible"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\properties]
@="Firefox &Options"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\properties\command]
@="\"C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe\" -preferences"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode]
@="Firefox &Safe Mode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command]
@="\"C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe\" -safe-mode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE]
@="Internet Explorer"
"LocalizedString"="@C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe,-702"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\DefaultIcon]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe,-7"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"IconsVisible"=dword:00000001
"ShowIconsCommand"="\"C:\\Windows\\System32\\ie4uinit.exe\" -show"
"ReinstallCommand"="\"C:\\Windows\\System32\\ie4uinit.exe\" -reinstall"
"HideIconsCommand"="\"C:\\Windows\\System32\\ie4uinit.exe\" -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\naom]
"MUIVerb"="@C:\\Windows\\System32\\ieframe.dll,-39229"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\naom\command]
@="\"C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe\" -extoff"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe"


The shell open commands for the web browsers will have the path to the virus in them. Copy the sections between the bold type, paste them into a text file (notepad.exe) or WordPad, save with a .reg extension, and import into the registry from a safe-mode command prompt only.

This guy knows his stuff.....
6/6/2011 11:09:12 PM EDT
[#9]
I'd stop using Internet Explorer and start using Firefox and consider using the NoScript add-on although it's kind of a pain to use. At least at first.

Malware writers need to be staked to a fire ant hill.