VIRUS ALERT! by the clock (HJT LOG) [CLOSED]


  • This topic is locked

#1
SILVER101

    New Member

  • Member
  • 1 posts
Okay, I admit I was downloading torrents and now I'm in some trouble. I had my many virus protection programs running. As soon as I ran a recently downloaded program, all my VP programs went nuts! It stopped most of them, but my Search, Control Panel, Run and My Computer are missing. So, I'm in desperate need of some help. Thanks in advance.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Diana\Application Data\inst.exe
C:\WINDOWS\erem.exe
C:\WINDOWS\SYSTEM32\fhiPoUvw.ini
C:\WINDOWS\SYSTEM32\fhiPoUvw.ini2
C:\WINDOWS\SYSTEM32\svevsbly.ini
C:\WINDOWS\system32\ylbsvevs.dll
.
---- Previous Run -------
.
C:\WINDOWS\gpefaowr.exe
C:\WINDOWS\system32\oeminfo.ini

.
((((((((((((((((((((((((( Files Created from 2008-06-14 to 2008-07-14 )))))))))))))))))))))))))))))))
.

2008-07-13 17:26 . 2008-07-13 17:26 116,864 --a------ C:\WINDOWS\SYSTEM32\mmmghb.dll
2008-07-13 17:26 . 2008-07-13 17:26 116,864 --a------ C:\WINDOWS\SYSTEM32\hjjcbnwq.dll
2008-07-11 11:27 . 2008-07-11 11:27 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-11 09:46 . 2008-07-11 09:46 321,792 --a------ C:\WINDOWS\SYSTEM32\wvUoPihf.dll
2008-07-10 11:32 . 2008-07-10 11:32 <DIR> d-------- C:\Program Files\SymNetDrv
2008-07-10 00:34 . 2008-07-10 11:33 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-07-10 00:34 . 2008-07-11 09:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-07-10 00:17 . 2008-05-07 16:46 215,144 -ra------ C:\WINDOWS\patchw32.dll
2008-07-10 00:13 . 2008-05-07 16:46 215,144 -ra------ C:\WINDOWS\pw32a.dll
2008-07-09 17:07 . 2008-07-09 17:07 29,568 --a------ C:\WINDOWS\SYSTEM32\xxywWnKA.dll
2008-07-09 17:05 . 2008-07-14 09:14 <DIR> d--h----- C:\$AVG8.VAULT$
2008-07-09 16:28 . 2008-07-11 10:53 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-09 16:19 . 2008-07-09 16:19 <DIR> d-------- C:\Program Files\CardRecovery
2008-07-09 11:41 . 2008-07-09 11:41 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\Nero
2008-07-09 11:34 . 2008-07-09 11:34 <DIR> d-------- C:\Program Files\Nero
2008-07-09 11:34 . 2008-07-09 11:37 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-07-09 11:34 . 2008-07-09 11:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-07-09 02:56 . 2008-07-11 16:43 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\Avg
2008-07-09 02:56 . 2008-07-09 02:56 <DIR> d-------- C:\Program Files\AVG
2008-07-09 02:56 . 2008-07-09 02:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-09 02:56 . 2008-07-09 02:56 96,520 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys
2008-07-09 02:56 . 2008-07-09 02:56 10,520 --a------ C:\WINDOWS\SYSTEM32\avgrsstx.dll
2008-07-09 02:41 . 2008-07-09 02:42 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-07-09 02:41 . 2008-07-09 02:41 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\SUPERAntiSpyware.com
2008-07-09 02:41 . 2008-07-09 02:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-09 02:40 . 2008-07-09 02:40 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-09 02:10 . 2008-07-09 02:10 <DIR> d-------- C:\Program Files\VSO
2008-07-09 02:10 . 2008-07-09 02:18 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\Vso
2008-07-09 02:10 . 2004-05-04 11:53 1,645,320 --a------ C:\WINDOWS\gdiplus.dll
2008-07-09 02:10 . 2006-05-20 16:16 1,184,984 --a------ C:\WINDOWS\SYSTEM32\wvc1dmod.dll
2008-07-09 02:10 . 2006-05-11 19:21 626,688 --a------ C:\WINDOWS\SYSTEM32\vp7vfw.dll
2008-07-09 02:10 . 2006-09-29 12:24 217,127 --a------ C:\WINDOWS\SYSTEM32\drv43260.dll
2008-07-09 02:10 . 2006-09-29 12:25 208,935 --a------ C:\WINDOWS\SYSTEM32\drv33260.dll
2008-07-09 02:10 . 2006-09-29 12:26 176,165 --a------ C:\WINDOWS\SYSTEM32\drv23260.dll
2008-07-09 02:10 . 2007-03-18 20:37 65,602 --a------ C:\WINDOWS\SYSTEM32\cook3260.dll
2008-07-09 02:10 . 2008-07-09 02:10 47,360 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\pcouffin.sys
2008-07-09 02:10 . 2008-07-09 02:10 47,360 --a------ C:\Documents and Settings\Diana\Application Data\pcouffin.sys
2008-07-09 01:39 . 2008-07-09 01:39 <DIR> d-------- C:\DVDFabDecrypter_Temp
2008-07-09 01:31 . 2008-07-09 01:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-07-08 23:46 . 2008-07-08 23:46 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\Apple Computer
2008-07-08 11:01 . 2008-07-08 11:01 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\Leadertech
2008-07-07 23:26 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\SYSTEM32\msonpmon.dll
2008-07-07 23:22 . 2008-07-07 23:22 <DIR> d-------- C:\Program Files\MSBuild
2008-07-07 23:22 . 2008-07-07 23:22 <DIR> d-------- C:\Program Files\Microsoft Works
2008-07-07 23:16 . 2008-07-07 23:16 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-07-07 23:11 . 2008-07-07 23:11 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-07-07 23:08 . 2008-07-07 23:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-07 23:07 . 2008-07-07 23:07 <DIR> dr-h----- C:\MSOCache
2008-07-07 16:05 . 2008-07-09 11:26 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\uTorrent
2008-07-07 15:16 . 2004-08-04 01:08 31,616 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbccgp.sys
2008-07-07 15:16 . 2004-08-04 01:08 31,616 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\usbccgp.sys
2008-07-06 15:20 . 2008-07-06 15:21 <DIR> d-------- C:\Program Files\DVDFab Decrypter
2008-07-03 00:06 . 2008-07-03 00:06 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\DivX
2008-07-03 00:02 . 2008-07-03 00:02 45,056 --a------ C:\WINDOWS\NCUNINST.EXE
2008-07-03 00:01 . 2008-07-03 00:01 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2008-07-02 13:00 . 2006-08-21 02:14 128,896 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\fltmgr.sys
2008-07-02 13:00 . 2006-08-21 02:14 23,040 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\fltmc.exe
2008-07-02 13:00 . 2006-08-21 05:21 16,896 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\fltlib.dll
2008-07-02 12:56 . 2008-07-02 12:56 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-07-02 11:25 . 2008-07-04 11:06 <DIR> d-------- C:\Program Files\Ares
2008-07-02 11:24 . 2008-07-02 11:24 2 --a------ C:\WINDOWS\msoffice.ini
2008-07-02 09:44 . 2008-07-02 09:44 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-02 09:22 . 2008-06-13 06:10 272,128 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\bthport.sys
2008-07-02 09:21 . 2007-07-09 06:09 584,192 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\rpcrt4.dll
2008-07-02 08:46 . 2008-07-02 09:09 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\LimeWire
2008-07-02 08:45 . 2008-07-02 09:12 <DIR> d-------- C:\Program Files\LimeWire
2008-07-02 08:32 . 2008-07-02 08:39 <DIR> d-------- C:\Documents and Settings\Diana\Shared
2008-07-02 08:32 . 2008-07-02 08:35 <DIR> d-------- C:\Documents and Settings\Diana\Incomplete
2008-07-02 08:29 . 2008-07-02 08:42 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\MP3Rocket
2008-07-02 08:22 . 2007-03-14 00:04 69,632 --a------ C:\WINDOWS\SYSTEM32\javacpl.cpl
2008-07-02 08:19 . 2008-07-02 08:19 <DIR> d-------- C:\Program Files\AskSBar
2008-07-01 20:01 . 2008-07-01 20:01 <DIR> d-------- C:\Program Files\Xvid
2008-07-01 20:01 . 2008-04-27 08:33 765,952 --a------ C:\WINDOWS\SYSTEM32\xvidcore.dll
2008-07-01 20:01 . 2008-04-27 08:35 180,224 --a------ C:\WINDOWS\SYSTEM32\xvidvfw.dll
2008-07-01 20:01 . 2007-06-28 16:55 77,824 --a------ C:\WINDOWS\SYSTEM32\xvid.ax
2008-07-01 19:53 . 2008-06-10 17:07 129,784 --------- C:\WINDOWS\SYSTEM32\pxafs.dll
2008-07-01 19:53 . 2008-06-10 17:07 120,056 --------- C:\WINDOWS\SYSTEM32\pxcpyi64.exe
2008-07-01 19:53 . 2008-06-10 17:07 118,520 --------- C:\WINDOWS\SYSTEM32\pxinsi64.exe
2008-07-01 19:53 . 2008-06-10 17:07 9,464 --------- C:\WINDOWS\SYSTEM32\DRIVERS\cdralw2k.sys
2008-07-01 19:53 . 2008-06-10 17:07 9,336 --------- C:\WINDOWS\SYSTEM32\DRIVERS\cdr4_xp.sys
2008-07-01 19:52 . 2008-07-01 19:54 <DIR> d-------- C:\Program Files\DivX
2008-07-01 19:04 . 2008-07-01 19:04 <DIR> d-------- C:\Program Files\QuickTime
2008-07-01 19:04 . 2008-07-01 19:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-07-01 19:03 . 2008-07-01 19:03 <DIR> d-------- C:\Program Files\Apple Software Update
2008-07-01 19:03 . 2008-07-01 19:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-07-01 15:24 . 2004-08-04 00:56 221,184 --a------ C:\WINDOWS\SYSTEM32\wmpns.dll
2008-07-01 15:22 . 2008-07-01 15:22 <DIR> d-------- C:\WINDOWS\provisioning
2008-07-01 15:22 . 2008-07-01 15:22 <DIR> d-------- C:\WINDOWS\peernet
2008-07-01 15:20 . 2008-07-01 15:20 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-07-01 15:12 . 2008-07-01 15:12 <DIR> d-------- C:\WINDOWS\EHome
2008-07-01 14:49 . 2005-09-20 07:31 135,168 --a------ C:\WINDOWS\SYSTEM32\igfxres.dll
2008-07-01 12:32 . 2002-04-15 19:11 67,866 --------- C:\WINDOWS\SYSTEM32\DRIVERS\netwlan5.img
2008-07-01 12:32 . 2004-08-03 22:56 11,776 --------- C:\WINDOWS\SYSTEM32\spnpinst.exe
2008-07-01 12:32 . 2004-08-02 12:20 7,208 --------- C:\WINDOWS\SYSTEM32\secupd.sig
2008-07-01 12:32 . 2004-08-02 12:20 4,569 --------- C:\WINDOWS\SYSTEM32\secupd.dat
2008-07-01 12:06 . 2005-10-20 15:20 1,082,368 --a------ C:\WINDOWS\SYSTEM32\esent.dll
2008-07-01 11:50 . 2008-07-08 22:12 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-07-01 11:50 . 2005-06-28 08:21 22,752 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.exe
2008-07-01 11:49 . 2008-07-01 11:49 <DIR> d-------- C:\WINDOWS\SYSTEM32\bits
2008-07-01 11:48 . 2004-08-04 00:56 351,232 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll
2008-07-01 11:48 . 2004-08-04 00:56 18,944 --a------ C:\WINDOWS\SYSTEM32\qmgrprxy.dll
2008-07-01 11:48 . 2004-08-04 00:56 8,192 --------- C:\WINDOWS\SYSTEM32\bitsprx2.dll
2008-07-01 11:48 . 2004-08-04 00:56 7,168 --------- C:\WINDOWS\SYSTEM32\bitsprx3.dll
2008-07-01 11:43 . 2007-07-30 17:19 549,720 --a------ C:\WINDOWS\SYSTEM32\wuapi.dll
2008-07-01 11:43 . 2007-07-30 17:19 325,976 --a------ C:\WINDOWS\SYSTEM32\wucltui.dll
2008-07-01 11:43 . 2007-07-30 17:19 216,408 --a------ C:\WINDOWS\SYSTEM32\wuaucpl.cpl
2008-07-01 11:43 . 2007-07-30 17:19 43,352 --a------ C:\WINDOWS\SYSTEM32\wups2.dll
2008-07-01 11:43 . 2007-07-30 17:18 34,136 --a------ C:\WINDOWS\SYSTEM32\wucltui.dll.mui
2008-07-01 11:43 . 2007-07-30 17:18 33,624 --a------ C:\WINDOWS\SYSTEM32\wups.dll
2008-07-01 11:43 . 2007-07-30 17:19 25,944 --a------ C:\WINDOWS\SYSTEM32\wuaucpl.cpl.mui
2008-07-01 11:43 . 2007-07-30 17:19 25,944 --a------ C:\WINDOWS\SYSTEM32\wuapi.dll.mui
2008-07-01 11:43 . 2007-07-30 17:18 20,312 --a------ C:\WINDOWS\SYSTEM32\wuaueng.dll.mui
2008-07-01 11:34 . 2008-07-01 11:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-01 11:34 . 2008-07-01 11:34 1,409 --a------ C:\WINDOWS\QTFont.for
2008-06-30 12:33 . 2008-06-30 12:33 <DIR> d-------- C:\Documents and Settings\Diana\Application Data\Corel
2008-06-30 09:48 . 2008-06-30 09:48 <DIR> d--h----- C:\WINDOWS\PIF
2008-06-30 08:45 . 2007-03-21 18:39 1,060,864 --a------ C:\WINDOWS\SYSTEM32\MFC71.DLL
2008-06-30 08:45 . 2007-03-21 18:33 503,808 --a------ C:\WINDOWS\SYSTEM32\MSVCP71.DLL
2008-06-30 08:45 . 2007-03-21 18:33 348,160 --a------ C:\WINDOWS\SYSTEM32\MSVCR71.DLL
2008-06-30 08:44 . 2008-07-10 11:33 <DIR> d----c--- C:\WINDOWS\SYSTEM32\DRVSTORE
2008-06-30 08:44 . 2008-05-07 12:30 137,952 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\symsnap.sys
2008-06-30 08:44 . 2008-01-19 18:12 128,104 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\WimFltr.sys
2008-06-30 08:44 . 2008-05-07 16:44 107,368 --a------ C:\WINDOWS\SYSTEM32\GEARAspi.dll
2008-06-30 08:44 . 2008-01-19 17:45 38,112 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\v2imount.sys
2008-06-30 08:44 . 2008-05-07 16:44 16,168 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-10 18:33 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-07-02 18:25 --------- d-----w C:\Program Files\Common Files\AOL
2008-07-02 18:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL

2008-07-02 15:22 --------- d-----w C:\Program Files\Java
2008-06-30 16:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 00:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E4FE60D8-8E2C-421D-97D9-B5DC751C37D6}]
2008-07-11 09:46 321792 --a------ C:\WINDOWS\system32\wvUoPihf.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ededece8-776e-4e26-bfcc-1129680da62e}]
2008-07-13 17:26 116864 --a------ C:\WINDOWS\system32\mmmghb.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.EXE" [2004-10-13 09:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-13 12:43 1510640]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2005-07-29 10:37 218232]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-07-07 09:42 2156368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 01:43 83608]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2004-04-11 18:15 290816]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-03-14 23:04 122933]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 23:01 110592]
"RealTray"="C:\Program Files\Real\RealPlayer\RealPlay.exe" [2004-09-18 13:11 26112]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 08:50 413696]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2004-12-22 17:45 71280]
"URLLSTCK.exe"="C:\Program Files\Norton Internet Security\UrlLstCk.exe" [2004-03-23 13:48 70800]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2004-04-19 12:45 53248]
"MMTray"="C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe" [2004-04-19 12:45 131072]
"DwlClient"="c:\Program Files\Common Files\Dell\EUSW\Support.exe" [2004-05-27 18:05 323584]
"Norton Ghost 14.0"="C:\Program Files\Norton Ghost\Agent\VProTray.exe" [2008-05-07 17:13 2245984]
"igfxtray"="C:\WINDOWS\System32\igfxtray.exe" [2005-09-20 07:35 94208]
"igfxhkcmd"="C:\WINDOWS\System32\hkcmd.exe" [2005-09-20 07:32 77824]
"igfxpers"="C:\WINDOWS\System32\igfxpers.exe" [2005-09-20 07:36 114688]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-09 02:56 1232152]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2004-09-18 13:08:05 24576]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Documents and Settings\\Diana\\My Documents\\utorrent.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 16:20]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-09 02:56]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 16:16]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-09 02:56]
R3 SymSnapService;SymSnapService;C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe [2008-05-07 12:30]
S2 Symantec SymSnap VSS Provider;Symantec SymSnap VSS Provider;C:\WINDOWS\System32\dllhost.exe [2004-08-04 00:56]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4685c71e-465a-11dd-84d2-00038a000015}]
\Shell\AutoRun\command - F:\wd_windows_tools\WDSetup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-07-02 02:03:44 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-07-10 07:07:14 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Diana.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeh/task:
.
- - - - ORPHANS REMOVED - - - -

BHO-{684BFE7F-F5B2-4AB3-A95E-EB5036A2D286} - C:\WINDOWS\system32\khfGwUnl.dll
BHO-{B905546D-474A-4CBF-9A86-7E81AD7BA286} - (no file)
BHO-{CCDB657F-17BE-4732-BAC9-712C6737A75E} - (no file)
BHO-{E5E8F588-014C-4DFD-9BB2-A9607ADCAFAA} - (no file)
HKCU-Run-ares - C:\Program Files\Ares\Ares.exe
ShellExecuteHooks-{684BFE7F-F5B2-4AB3-A95E-EB5036A2D286} - C:\WINDOWS\system32\khfGwUnl.dll
SSODL-fdxbameg-{D6AEE138-A13E-4DD8-B55A-2BFEB68F0426} - C:\WINDOWS\fdxbameg.dll
SSODL-fsrpknov-{B0FA8836-41E9-4DE6-8797-1D94CBEA8DAA} - C:\WINDOWS\fsrpknov.dll
Notify-khfGwUnl - khfGwUnl.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-14 11:21:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPROXY.EXE
C:\Program Files\Common Files\Symantec Shared\CCSETMGR.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVAPSVC.EXE
C:\WINDOWS\SYSTEM32\cmd.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVSCAN.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\WINDOWS\SYSTEM32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\CCEVTMGR.EXE
C:\WINDOWS\SYSTEM32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\SoftwareDistribution\Download\dc09fcd8de87c9c2c40c26a528850011\update\Update.exe
.
**************************************************************************
.
Completion time: 2008-07-14 11:37:22 - machine was rebooted [Diana]
ComboFix-quarantined-files.txt 2008-07-14 18:35:35

Pre-Run: 13,111,615,488 bytes free
Post-Run: 14,035,263,488 bytes free

280 --- E O F --- 2008-07-04 20:03:06

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
I also have this from ComboFix, if it's any help.

Completion time: 2008-07-14 11:37:22 - machine was rebooted [Diana]
ComboFix-quarantined-files.txt 2008-07-14 18:35:35

Pre-Run: 13,111,615,488 bytes free
Post-Run: 14,035,263,488 bytes free

280 --- E O F --- 2008-07-04 20:03:06

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39, on 7/14/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Norton Ghost\Agent\VProTray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
c:\Program Files\Dell\Support\Alert\bin\NotifyAlert.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\SoftwareDistribution\Download\0eee9353a41e1ffb7bc4207f5acf499f\update\update.exe
C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: (no name) - {E4FE60D8-8E2C-421D-97D9-B5DC751C37D6} - C:\WINDOWS\system32\wvUoPihf.dll
O2 - BHO: {e26ad086-9211-ccfb-62e4-e6778ecedede} - {ededece8-776e-4e26-bfcc-1129680da62e} - C:\WINDOWS\system32\mmmghb.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [DwlClient] c:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [Norton Ghost 14.0] "C:\Program Files\Norton Ghost\Agent\VProTray.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmat...enWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1214937739578
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

--
End of file - 10829 bytes

Edited by SILVER101, 15 July 2008 - 12:48 PM.



#2
fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, my name is fenzodahl512, and welcome to Geeks to Go. Please do the following:



I will need you to temporarily disable the following programs prior to our fix. Please re-enable them after performing all the steps given.

1. Avast4 Antivirus
2. Norton AntiVirus
3. AVG8

Please visit HERE if you do not know how...




1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

KillAll::

File::
C:\WINDOWS\SYSTEM32\mmmghb.dll
C:\WINDOWS\SYSTEM32\hjjcbnwq.dll
C:\WINDOWS\SYSTEM32\wvUoPihf.dll
C:\WINDOWS\SYSTEM32\xxywWnKA.dll

Folder::
C:\Program Files\AskSBar

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E4FE60D8-8E2C-421D-97D9-B5DC751C37D6}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ededece8-776e-4e26-bfcc-1129680da62e}]

3. Save the above as CFScript.txt

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


5. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
  • A new HijackThis log.



Regards
fenzodahl512
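A small triage helper, added here as an example and not part of this thread, of HijackThis or of ComboFix: it parses the O2 (BHO) lines of a HijackThis log in the format shown above, scores each entry with a few heuristics (no display name, a CLSID used as the display name, a system32 DLL with a vowel-less or short mixed-case filename; these heuristics are this example's own assumptions, not HijackThis rules), and drafts the File:: and Registry:: sections of a CFScript in the layout used in the reply above, for a helper to review before anyone runs it. The sample log lines are constructed from the O2 and O4 entries posted above.

```python
"""Triage HijackThis O2 (BHO) entries and draft a ComboFix CFScript.

Added example. The line layout follows the log posted above; the scoring
heuristics are assumptions of this example and yield review candidates,
not verdicts. Sample input is constructed from the posted O2/O4 lines.
"""
import re
from dataclasses import dataclass

SAMPLE_HJT_LOG = """\
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Adobe\\Acrobat 6.0\\Reader\\ActiveX\\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_01\\bin\\ssv.dll
O2 - BHO: (no name) - {E4FE60D8-8E2C-421D-97D9-B5DC751C37D6} - C:\\WINDOWS\\system32\\wvUoPihf.dll
O2 - BHO: {e26ad086-9211-ccfb-62e4-e6778ecedede} - {ededece8-776e-4e26-bfcc-1129680da62e} - C:\\WINDOWS\\system32\\mmmghb.dll
O4 - HKLM\\..\\Run: [ccApp] "C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"
"""

# "O2 - BHO: <name> - {CLSID} - <path>"; the CLSID is 32 hex digits + 4 hyphens.
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)
CLSID_RE = re.compile(r"^\{[0-9A-Fa-f-]{36}\}$")


@dataclass
class Bho:
    name: str
    clsid: str
    path: str
    reasons: list  # heuristic findings; empty means "nothing stood out"


def parse_o2(log_text):
    """Return the O2 entries of a HijackThis log; other line types are ignored."""
    entries = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if m:
            entries.append(Bho(m["name"], m["clsid"], m["path"], []))
    return entries


def triage(bho):
    """Attach heuristic reasons to one BHO entry (assumed heuristics, see above)."""
    stem = bho.path.rsplit("\\", 1)[-1].rsplit(".", 1)[0]
    in_system32 = "\\system32\\" in bho.path.lower()
    if bho.name == "(no name)":
        bho.reasons.append("BHO registered without a display name")
    elif CLSID_RE.match(bho.name):
        bho.reasons.append("display name is itself a CLSID")
    if in_system32 and stem.isalpha() and not re.search(r"[aeiouAEIOU]", stem):
        bho.reasons.append("system32 DLL with vowel-less filename")
    # Capitalised vendor names (Shdocvw) have a lowercase tail; random
    # mixed-case names such as wvUoPihf do not.
    if (in_system32 and 6 <= len(stem) <= 8 and stem.isalpha()
            and stem != stem.lower() and stem != stem.upper()
            and not stem[1:].islower()):
        bho.reasons.append("system32 DLL with short mixed-case filename")
    return bho


def build_cfscript(candidates):
    """Draft the CFScript sections in the layout used in the reply above."""
    if not candidates:
        return ""
    lines = ["KillAll::", "", "File::"]
    lines += [b.path for b in candidates]
    lines += ["", "Registry::"]
    lines += ["[-HKEY_LOCAL_MACHINE\\~\\Browser Helper Objects\\%s]" % b.clsid
              for b in candidates]
    return "\n".join(lines) + "\n"


def run(log_text=SAMPLE_HJT_LOG):
    """Parse, score, and return (candidates, draft CFScript text)."""
    candidates = [b for b in map(triage, parse_o2(log_text)) if b.reasons]
    return candidates, build_cfscript(candidates)


if __name__ == "__main__":
    cands, script = run()
    for b in cands:
        print(b.clsid, b.path, "->", "; ".join(b.reasons))
    print(script)
```

The draft covers only what the O2 lines show; the extra DLLs the reply takes from the ComboFix "Files Created" section (hjjcbnwq.dll, xxywWnKA.dll) still need a human to add them.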

#3
fenzodahl512

  • Malware Removal
  • 9,863 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





