Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer's running really slow/Zinaps7 rogue spyware scanner [CLOS

Started by ridiculous , Jul 13 2008 12:40 PM

  • This topic is locked This topic is locked

#1
ridiculous
Posted 13 July 2008 - 12:40 PM

ridiculous

    New Member

  • Member
  • Pip
  • 5 posts
So I have two problems that may or may not be interrelated. One is that my computer is running excruciatingly slow. Internet speeds are absolutely fine, but if i want to open a file or search through my computer it freezes constantly or otherwise progresses annoyingly slow. The other is that i've been infected with Zinaps 7 rogue spyware scanner, and I need to get rid of it. It used run automatically when I turned my computer on, but I went into msconfig and disabled it from the list of programs to be run automatically. So now it doesn't "do" anything visually, but undoubtedly it's still there and doing "something."

HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:40:09 PM, on 7/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates.insta...e...;l=1033&K=Z
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Movie Maker\propryprehd.html


Thanks for your help
  • 0

Advertisements

#2
fenzodahl512
Posted 14 July 2008 - 08:52 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, my name is fenzodahl512 and welcome to Geekstogo.. Please do the following....


Please download RogueRemover by RubberDucky.

  • Double-click rr-free-setup.exe to begin installing the program.
  • Follow the setup instructions for installation.
  • Double-click the RogueRemover icon on your desktop.
  • Once the program runs, select Check for Updates.
  • When prompted, select Check for Updates.
  • If prompted again, click Download to receive the latest updates.
  • When completed, close the update window.
  • Next, click Scan
  • If it detects anything, select to remove all objects found.
  • Close RogueRemover




NEXT


Please download Deckard's System Scanner (DSS) from HERE or HERE and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • Please let your firewall allow the scanning/downloading process.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.



Regards
fenzodahl512
  • 0

#3
ridiculous
Posted 14 July 2008 - 10:12 AM

ridiculous

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Thanks, Fenzodahl512

I have done what you asked, and i've attached main.txt and extra.txt below. Rogue Remover, however, did not catch anything. Zinaps is relatively recent, i think, and maybe it couldn't find it. The program is still there, i checked. I also went through the "must read this before posting HJT" and did the panda active scan, and the results are down there as well. For some reason the rogue isn't showing up in much of anything...


Thank you

Attached Files


  • 0

#4
fenzodahl512
Posted 14 July 2008 - 11:09 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, thanks for the reply.. Please do not attach the log unless requested.. Please just post the log here as it is..


Firstly, tell me what do you know about this folder.. C:\Program Files\ZyX


Please do the following...


Please uninstall Viewpoint Media Player from your computer..



Please go to Start >> Run and type or copy/paste the following in the run box: "%userprofile%\desktop\dss.exe" /daft . Then press Enter
  • Click on the Scan button.
  • Select everything it is displaying there
  • Click the Fix button.
  • Then rescan with DAFT again - it should say now that "All associations are OK"
  • Close DAFT if you receive that message. This means that it is fixed now.




NEXT


We need to get rid of some of the services running on your machine. To do this, copy (Ctrl +C) and paste (Ctrl +V) the text in the code box below to Notepad.

@echo off
sc stop "Viewpoint Manager Service"
sc delete "Viewpoint Manager Service"
exit

Save it to your desktop as File name: Service.bat
Save as type: All Files

Once done, double click Service.bat to run it. A command window will open briefly, then close. This is quite normal.

If you do not sure how to make a batch file, please visit HERE for the tutorial.




NEXT


Please re-open HijackThis and click on Do a system scan only. Check the boxes next to all the entries listed below.

R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O3 - Toolbar: (no name) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - (no file)
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKCU\..\Run: [Zinaps7] "C:\Documents and Settings\Byakugan\Application Data\Zinaps7\Zinaps7.exe" /MIN

Now close all windows other than HijackThis, then click Fix checked. Close HijackThis.




NEXT


Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    [kill explorer]
C:\Documents and Settings\Byakugan\Application Data\zeokc.exe
C:\Program Files\Viewpoint
C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~e5d141.tmp
C:\Program Files\AskTBar
C:\Documents and Settings\Byakugan\Application Data\Zinaps7
EmptyTemp
purity
[start explorer]
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the light Yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.



Please post the following logs in your next reply..

1. OTMoveIt2
2. a fresh Deckard System Scanner (after OTMoveIt2 step)


Regards
fenzodahl512
  • 0

#5
ridiculous
Posted 16 July 2008 - 12:47 PM

ridiculous

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
C:\Program Files\ZyX is a file that goes with Daemon tools. In any case, I know what it is and its safe.

I've done everything, and there are the two logs:

OTMoveIt2 log:
Explorer killed successfully
C:\Documents and Settings\Byakugan\Application Data\zeokc.exe moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\UserShell\AOL9Plus moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\UserShell\AOL9 moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\UserShell moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\NewComponents moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\DownloadedComponents moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player\Components moved successfully.
C:\Program Files\Viewpoint\Viewpoint Media Player moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology moved successfully.
C:\Program Files\Viewpoint\Common moved successfully.
C:\Program Files\Viewpoint moved successfully.
File/Folder C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~e5d141.tmp not found.
C:\Program Files\AskTBar\SrchAstt\1.bin moved successfully.
C:\Program Files\AskTBar\SrchAstt moved successfully.
C:\Program Files\AskTBar\bar\Settings moved successfully.
C:\Program Files\AskTBar\bar\History moved successfully.
C:\Program Files\AskTBar\bar\Cache moved successfully.
C:\Program Files\AskTBar\bar\2.bin moved successfully.
C:\Program Files\AskTBar\bar\1.bin moved successfully.
C:\Program Files\AskTBar\bar moved successfully.
C:\Program Files\AskTBar moved successfully.
File/Folder C:\Documents and Settings\Byakugan\Application Data\Zinaps7 not found.
< EmptyTemp >
File delete failed. C:\DOCUME~1\Byakugan\LOCALS~1\Temp\JET677E.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DF167.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DF1A7C.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DFC2D0.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DFC73F.tmp scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07162008_142431

Files moved on Reboot...
File C:\DOCUME~1\Byakugan\LOCALS~1\Temp\JET677E.tmp not found!
C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DF167.tmp moved successfully.
C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DF1A7C.tmp moved successfully.
File C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DFC2D0.tmp not found!
File C:\DOCUME~1\Byakugan\LOCALS~1\Temp\~DFC73F.tmp not found!

________________________________________________________________________________
______________




DSS log:
Deckard's System Scanner v20071014.68
Run by Byakugan on 2008-07-16 14:33:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Byakugan.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:33:04 PM, on 7/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\MUSICM~1\MUSICM~3\MMDiag.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mim.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Byakugan\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Byakugan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates.insta...e...;l=1033&K=Z
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DellTransferAgent] "C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload....GPlugin9USA.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Movie Maker\propryprehd.html

--
End of file - 7524 bytes

-- Files created between 2008-06-16 and 2008-07-16 -----------------------------

2008-07-16 14:06:53 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-07-14 11:48:59 0 d-------- C:\Program Files\RogueRemover FREE
2008-07-13 18:07:30 0 d-------- C:\Program Files\ZyX
2008-07-13 17:55:35 0 d-------- C:\Program Files\Panda Security
2008-07-13 17:43:09 0 d-------- C:\Documents and Settings\Byakugan\Application Data\Malwarebytes
2008-07-13 17:43:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-13 17:43:03 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-13 17:42:38 0 d-------- C:\Program Files\Common Files\Download Manager
2008-07-13 14:39:40 0 d-------- C:\Program Files\Trend Micro
2008-07-13 01:23:09 0 d-------- C:\Program Files\directx
2008-07-13 01:21:54 0 d-------- C:\Program Files\Colors
2008-07-13 00:09:57 0 d-------- C:\Program Files\DAEMON Tools Toolbar
2008-07-13 00:09:54 0 d-------- C:\Program Files\DAEMON Tools Lite
2008-07-12 21:24:15 717296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-12 21:24:10 0 d-------- C:\Documents and Settings\Byakugan\Application Data\DAEMON Tools
2008-07-11 12:51:37 0 d-------- C:\[Peebles] (Comic Megaplus Vol.37) Be Your Girl (Sorimura Yoji)
2008-06-29 23:59:24 0 d-------- C:\Documents and Settings\Dad\Application Data\acccore


-- Find3M Report ---------------------------------------------------------------

2008-07-16 14:32:32 0 d-------- C:\Documents and Settings\Byakugan\Application Data\Skype
2008-07-16 14:26:55 384 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000005-00000000-00000004-00001102-00000004-20061102}.dat
2008-07-16 14:26:55 384 --a------ C:\WINDOWS\system32\DVCState-{00000005-00000000-00000004-00001102-00000004-20061102}.dat
2008-07-16 14:09:26 0 d-------- C:\Program Files\AIM6
2008-07-15 22:15:33 0 d-------- C:\Program Files\Free Music Zilla
2008-07-13 17:42:38 0 d-------- C:\Program Files\Common Files
2008-06-28 23:14:29 0 d-------- C:\Documents and Settings\Byakugan\Application Data\NewzToolz
2008-06-22 22:00:01 0 d-------- C:\Documents and Settings\Byakugan\Application Data\Mozilla
2008-06-21 11:53:09 0 d-------- C:\Program Files\lolifox
2008-06-16 16:51:15 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-01 15:19:11 0 --ahs---- C:\Documents and Settings\Byakugan\Application Data\0000000000CHEV1.dat
2008-06-01 13:56:50 33 --a------ C:\Documents and Settings\Byakugan\Application Data\install.ini
2008-06-01 13:53:33 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-01 13:47:15 0 d-------- C:\Documents and Settings\Byakugan\Application Data\AdobeUM
2008-05-23 17:47:02 0 d-------- C:\Program Files\FLV Player


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"= C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [07/08/2008 11:59 AM 683464]

[-HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}]
[HKEY_CLASSES_ROOT\DTToolbar.ToolBandObj]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 06:24 AM]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [05/10/2005 04:04 PM]
"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe" [05/10/2005 04:04 PM]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [07/07/2006 07:14 PM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [07/27/2004 05:50 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [07/27/2004 05:50 PM]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [07/07/2006 07:15 PM]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [04/25/2005 09:50 AM]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [02/23/2005 05:19 PM]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [09/17/2003 11:43 AM]
"CTHelper"="CTHELPER.EXE" [03/11/2004 10:50 AM C:\WINDOWS\SYSTEM32\CTHELPER.EXE]
"CTDVDDET"="C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE" [06/18/2003 02:00 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [03/29/2005 10:05 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [04/01/2008 06:16 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" []
"DellTransferAgent"="C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe" [11/13/2007 05:46 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 06:00 AM]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/01/2008 01:53 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [03/25/2008 04:21 PM]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [07/08/2008 12:22 PM]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" []
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [08/06/2007 12:43 PM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"AIM"="C:\Program Files\AIM\aim.exe" []

C:\Documents and Settings\Byakugan\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 2:04:12 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - C:\Program Files\America Online 9.0\aoltray.exe [7/7/2005 10:54:00 PM]
DESKTOP.INI [8/10/2004 2:04:12 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 1:01:04 AM]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= C:\Program Files\Movie Maker\propryprehd.html
FriendlyName=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [06/01/2008 01:53 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"DSBrokerService"=3 (0x3)
"Ati HotKey Poller"=2 (0x2)
"AOL ACS"=2 (0x2)
"SymWSC"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SBService"=2 (0x2)
"navapsvc"=2 (0x2)
"ccSetMgr"=2 (0x2)
"ccPwdSvc"=3 (0x3)
"ccProxy"=2 (0x2)
"ccEvtMgr"=2 (0x2)


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21d3a51d-a138-11dc-a8bb-0014a501684f}]
AutoRun\command- J:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2008-07-16 14:33:27 ------------

Thanks.
  • 0

#6
fenzodahl512
Posted 16 July 2008 - 01:08 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.



Tell me about your computer behaviour...


Regards
fenzodahl512
  • 0

#7
ridiculous
Posted 17 July 2008 - 02:31 PM

ridiculous

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
while this sounds odd, I cannot...find the "save as text" button... All I see is the "stop scan" icon. It does, however, say "error on page" in the script on the bottom bar of the window.

Oddly, the computer has spells. As in, sometimes it runs quickly, and other times it drags. Its not a ram problem, i have enough of that.

What could it be?

Edited by ridiculous, 17 July 2008 - 02:59 PM.

  • 0

#8
fenzodahl512
Posted 17 July 2008 - 02:46 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Erm... Lets do this then....


Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan
    Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic



About your slow computer problems.. Please read an excellent article by miekiemoes :Help! My computer is slow!
  • 0

#9
ridiculous
Posted 22 July 2008 - 06:23 PM

ridiculous

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Ok, I've got the log.

# version=4
# OnlineScanner.ocx=1.0.0.56
# OnlineScannerDLLA.dll=1, 0, 0, 51
# OnlineScannerDLLW.dll=1, 0, 0, 51
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=3289 (20080722)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=7304aa60a42f774bbb23ba6a1cfa0f33
# end=finished
# remove_checked=true
# unwanted_checked=true
# utc_time=2008-07-23 12:02:42
# local_time=2008-07-22 08:02:42 (-0500, Eastern Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=263587
# found=17
# scan_time=4780
C:\Program Files\PopsMedia\na.exe probably a variant of Win32/BHO trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\Program Files\Trend Micro\HijackThis\backups\backup-20080716-142055-539.dll Win32/Toolbar.MyWebSearch application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\catchme2007-07-04_130951.95.zip Win32/Rootkit.Agent.EQ trojan (deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\catchme2007-07-04_130951.95.zip »ZIP »core.sys Win32/Rootkit.Agent.EQ trojan (error while cleaning - operation unavailable for this type of object - error while deleting - operation unavailable for this type of object - was a part of the deleted object) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\Common Files\DriveCleaner Free\dcsm.exe.vir probably a variant of Win32/Adware.RogueApp application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe.vir Win32/Adware.DriveCleaner application (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\WinPop\UnInstall.exe.vir probably a variant of Win32/Small trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\retadpu1000106.exe.vir Win32/TrojanDownloader.Agent.BLS trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\retadpu2000219.exe.vir Win32/TrojanDownloader.Agent.BLS trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\awtqr.dll.vir Win32/Adware.Virtumonde.FP application (unable to clean - deleted) 00000000000000000000000000000000
C:\WINDOWS\SYSTEM32\U2\mwspasrt83122.exe probably a variant of Win32/TrojanDownloader.Agent trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\WINDOWS\SYSTEM32\U3\w73r.exe Win32/TrojanDownloader.Small.EQN trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\_OTMoveIt\MovedFiles\07162008_142431\Documents and Settings\Byakugan\Application Data\zeokc.exe Win32/TrojanDownloader.FakeAlert.DU trojan (unable to clean - deleted) 00000000000000000000000000000000
C:\_OTMoveIt\MovedFiles\07162008_142431\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL Win32/Toolbar.AskSBar application (unable to clean - deleted) 00000000000000000000000000000000
C:\_OTMoveIt\MovedFiles\07162008_142431\Program Files\AskTBar\bar\2.bin\A5POPSWT.DLL Win32/Toolbar.AskSBar application (unable to clean - deleted) 00000000000000000000000000000000
C:\_OTMoveIt\MovedFiles\07162008_142431\Program Files\AskTBar\bar\2.bin\ASKTBAR.DLL Win32/Toolbar.AskSBar application (unable to clean - deleted) 00000000000000000000000000000000
C:\_OTMoveIt\MovedFiles\07162008_142431\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL Win32/Toolbar.MyWebSearch application (unable to clean - deleted) 00000000000000000000000000000000


Thanks.
  • 0

#10
fenzodahl512
Posted 23 July 2008 - 05:57 AM

fenzodahl512

  • Malware Removal
  • 9,863 posts
That's looks good.. Please post me a fresh DSS log for my final review.. Tell me about your computer behaviour..


fenzodahl512
  • 0

#11
fenzodahl512
Posted 29 July 2008 - 04:58 PM

fenzodahl512

  • Malware Removal
  • 9,863 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP