
Same issues as Google Redirect


  • This topic is locked This topic is locked

#1
Chip Wicked
New Member, 1 posts
I have the same issues as Google Redirect. When the virus first presented itself, you couldn't run any new programs, including anti-virus. After some putzing around I was able to get Norton antivirus to run...but it said it only scanned one file? After more putzing (I honestly don't remember what I did) I was able to get Norton AV fully launched and ran a complete system scan, which turned up approx. 16 items that were either deleted or quarantined.

Everything seemed to be fine after that until I needed to use Google. You enter your criteria and Google will return the results, but clicking a link yields one of two results: nothing, or a redirect to a random advertisement (Axe body wash lately).

So there we have it. Somebody went to all this trouble to make sure I know about Axe body wash :-) Thanks for any assistance.

Here is the OTL log.

OTL logfile created on: 6/30/2011 11:03:59 AM - Run 2
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Documents and Settings\Administrator\Desktop\Fix Computer Stuff
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 55.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 5.00 Gb Free Space | 6.70% Space Free | Partition Type: NTFS
Drive E: | 29.79 Gb Total Space | 0.21 Gb Free Space | 0.72% Space Free | Partition Type: FAT32
Drive G: | 435.96 Gb Total Space | 379.53 Gb Free Space | 87.06% Space Free | Partition Type: NTFS

Computer Name: CRAIGLAPTOP | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Documents and Settings\Administrator\Desktop\Fix Computer Stuff\OTL(3).exe (OldTimer Tools)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\SAGE\SAGEim\SAGEim.exe (Quick Technologies Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Symantec\Rtvscan.exe (Symantec Corporation)
PRC - C:\Symantec\DefWatch.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Administrator\Application Data\cleanddm.dll (Microsoft Corporation)
MOD - C:\Documents and Settings\Administrator\Desktop\Fix Computer Stuff\OTL(3).exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\okijenon.dll ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (PuranDefrag) -- C:\WINDOWS\System32\PuranDefragS.exe (Puran Software)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (LkWebLink) -- C:\Documents and Settings\Administrator\My Documents\Inter-Tel\Collaboration Client 2.0\lkWebLink.exe (Mitel Networks Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corp.)
SRV - (SavRoam) -- C:\Symantec\SavRoam.exe (symantec)
SRV - (Symantec AntiVirus) -- C:\Symantec\Rtvscan.exe (Symantec Corporation)
SRV - (DefWatch) -- C:\Symantec\DefWatch.exe (Symantec Corporation)
SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation)
SRV - (ccPwdSvc) -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation)
SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation)


========== Driver Services (SafeList) ==========

DRV - (UIUSys) -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (Lbd) -- C:\WINDOWS\System32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (cpuz130) -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys File not found
DRV - (catchme) -- C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys File not found
DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110627.004\navex15.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110627.004\naveng.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (NETw5x32) Intel® -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider)
DRV - (guardian2) -- C:\WINDOWS\system32\drivers\oz776.sys (O2Micro)
DRV - (TcUsb) -- C:\WINDOWS\system32\drivers\tcusb.sys (UPEK Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\WINDOWS\system32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (SAVRTPEL) -- C:\Symantec\Savrtpel.sys (Symantec Corporation)
DRV - (SAVRT) -- C:\Symantec\savrt.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (UPATC) -- C:\WINDOWS\system32\drivers\upatc.sys (SCM Microsystems Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2269050
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.7
FF - prefs.js..keyword.URL: "http://search.condui...d=CT2269050&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/04/29 10:48:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{801765CB-4D9D-4293-9496-8CE6DC896FB5}: C:\Documents and Settings\Administrator\Local Settings\Application Data\{801765CB-4D9D-4293-9496-8CE6DC896FB5}\ [2011/06/24 17:41:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{96E2D22A-BD57-430F-B384-F55A14DA5674}: C:\Documents and Settings\Administrator\Local Settings\Application Data\{96E2D22A-BD57-430F-B384-F55A14DA5674}\ [2011/06/24 21:49:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{45AF535A-581B-46EA-9A8A-4388420ED4EA}: C:\Documents and Settings\Administrator\Local Settings\Application Data\{45AF535A-581B-46EA-9A8A-4388420ED4EA}\ [2011/06/24 21:50:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{59259B6A-4C29-48B0-837F-14F32DB2CDC6}: C:\Documents and Settings\Administrator\Local Settings\Application Data\{59259B6A-4C29-48B0-837F-14F32DB2CDC6}\ [2011/06/30 10:55:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{FC9E03B3-B3D7-4C0B-83D0-F5DC4288ADC8}: C:\Documents and Settings\Administrator\Local Settings\Application Data\{FC9E03B3-B3D7-4C0B-83D0-F5DC4288ADC8}\ [2011/06/30 10:56:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 20:09:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/29 10:48:49 | 000,000,000 | ---D | M]

[2009/03/22 14:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2011/06/27 15:21:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions
[2010/12/27 10:50:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/24 17:09:14 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/09/17 14:56:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/04/08 13:01:31 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2011/04/12 23:25:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions\[email protected]
[2009/08/16 17:39:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\extensions\[email protected]
[2010/04/08 21:03:36 | 000,000,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\jex0afce.default\searchplugins\conduit.xml
[2011/04/07 13:50:33 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/04 16:49:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/06/23 20:09:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/08/04 16:48:52 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/24 02:42:31 | 000,000,919 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 184.107.64.187 www.google.com
O1 - Hosts: 209.172.56.118 search.yahoo.com
O1 - Hosts: 209.172.56.118 www.bing.com
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files\DVDVideoSoft\prxtbDVD2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Hvarevuqanale] C:\WINDOWS\okijenon.DLL ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Jmumupu] C:\WINDOWS\odents0.DLL (madshi.net)
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\SAGEim.lnk = C:\Program Files\SAGE\SAGEim\SAGEim.exe (Quick Technologies Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM95\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.mac...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/19 23:05:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/30 10:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{FC9E03B3-B3D7-4C0B-83D0-F5DC4288ADC8}
[2011/06/30 10:55:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{59259B6A-4C29-48B0-837F-14F32DB2CDC6}
[2011/06/24 23:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\PriceGong
[2011/06/24 23:19:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Conduit
[2011/06/24 23:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DVDVideoSoftTB
[2011/06/24 23:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ConduitEngine
[2011/06/24 23:19:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DVDVideoSoft
[2011/06/24 21:50:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{45AF535A-581B-46EA-9A8A-4388420ED4EA}
[2011/06/24 21:49:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{96E2D22A-BD57-430F-B384-F55A14DA5674}
[2011/06/24 17:41:46 | 000,544,768 | ---- | C] (iT Systems) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\gwjaxu.exe
[2011/06/24 17:41:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{801765CB-4D9D-4293-9496-8CE6DC896FB5}
[2011/06/16 15:38:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo - Images
[2011/06/02 08:17:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.bitrock
[2010/11/22 12:30:35 | 010,314,080 | ---- | C] (Qsc) -- C:\Program Files\Setup_GBS_Ex.exe
[6 C:\Documents and Settings\Administrator\Desktop\*.tmp files -> C:\Documents and Settings\Administrator\Desktop\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/30 10:59:19 | 000,445,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/30 10:59:19 | 000,073,158 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/30 10:55:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/30 10:55:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-220523388-838170752-725345543-500.job
[2011/06/30 10:54:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/30 04:21:58 | 000,271,360 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\archive.pst
[2011/06/30 00:10:22 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Gfesi.dat
[2011/06/30 00:10:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Hwaxujidifemeyu.bin
[2011/06/28 17:33:44 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-838170752-725345543-500.job
[2011/06/28 17:26:52 | 006,238,208 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo.QBW
[2011/06/28 17:26:52 | 001,245,184 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo.QBW.TLG
[2011/06/28 17:26:52 | 000,000,368 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo.QBW.ND
[2011/06/28 14:10:38 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Weekly Special.doc
[2011/06/28 11:29:23 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/28 10:02:51 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011/06/28 09:55:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/06/27 14:36:31 | 000,288,768 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\asi 37567 - Master Pricing - ai Flash Drives.xls
[2011/06/27 09:57:33 | 000,002,377 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Microsoft Office Outlook 2003.lnk
[2011/06/24 21:58:24 | 000,109,819 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2011/06/24 17:46:21 | 000,254,976 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\quick reference acct numbers.doc
[2011/06/24 17:41:46 | 000,544,768 | ---- | M] (iT Systems) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\gwjaxu.exe
[2011/06/22 13:48:44 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Data proof with AUTORUN.doc
[2011/06/16 15:19:57 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Pre-Load Fees.xls
[2011/06/16 11:31:37 | 008,941,568 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\Axiom Industries, Inc..QBW
[2011/06/16 11:31:37 | 000,720,896 | R--- | M] () -- C:\Documents and Settings\Administrator\Desktop\Axiom Industries, Inc..QBW.TLG
[2011/06/16 09:12:22 | 000,000,608 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2011/06/16 08:54:58 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Metric to Standard Conversion.xls
[2011/06/16 08:46:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/15 20:32:56 | 000,473,006 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\scan0001.jpg
[2011/06/10 13:29:42 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Proof and Invoice.doc
[2011/06/10 09:56:12 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Quote Blank.doc
[2011/06/07 11:54:23 | 001,464,320 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Reteck USB Price List 20110607-US.xls
[2011/05/31 15:38:41 | 001,194,077 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\codedpricing.pdf
[6 C:\Documents and Settings\Administrator\Desktop\*.tmp files -> C:\Documents and Settings\Administrator\Desktop\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/28 14:05:29 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Weekly Special.doc
[2011/06/24 17:41:30 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Gfesi.dat
[2011/06/24 17:41:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Hwaxujidifemeyu.bin
[2011/06/22 13:26:52 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Data proof with AUTORUN.doc
[2011/06/16 11:33:47 | 001,245,184 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo.QBW.TLG
[2011/06/16 11:33:47 | 000,000,368 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo.QBW.ND
[2011/06/16 11:33:46 | 006,238,208 | R--- | C] () -- C:\Documents and Settings\Administrator\Desktop\Griffin Promo.QBW
[2011/06/15 20:33:03 | 000,473,006 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\scan0001.jpg
[2011/06/10 09:55:15 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Quote Blank.doc
[2011/06/07 11:16:50 | 001,464,320 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Reteck USB Price List 20110607-US.xls
[2011/06/07 10:14:18 | 000,271,360 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\archive.pst
[2011/05/31 15:38:41 | 001,194,077 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\codedpricing.pdf
[2010/12/06 12:50:19 | 004,619,896 | ---- | C] () -- C:\Program Files\mail-merge.exe
[2010/12/06 12:50:19 | 000,025,600 | ---- | C] () -- C:\Program Files\License.msg
[2010/12/06 12:50:19 | 000,021,504 | ---- | C] () -- C:\Program Files\License 2.msg
[2010/11/22 12:30:35 | 000,000,535 | ---- | C] () -- C:\Program Files\README.TXT
[2010/11/11 17:17:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2010/07/15 22:06:24 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010/07/15 22:06:22 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010/07/15 22:06:22 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/07/15 22:06:22 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/07/15 22:06:20 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/07/04 02:30:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/01/25 09:47:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2009/10/09 11:09:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2009/10/01 14:18:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009/07/11 00:04:53 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/07/11 00:04:52 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/01 14:20:30 | 000,000,069 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2009/06/30 12:19:37 | 000,002,143 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2009/03/21 04:40:11 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2009/03/20 00:50:40 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/03/20 00:50:40 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/03/20 00:50:39 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/03/20 00:50:38 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/03/20 00:04:09 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/03/19 15:57:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 07:00:00 | 000,270,336 | ---- | C] () -- C:\WINDOWS\okijenon.dll
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2000/03/18 13:28:36 | 000,072,704 | ---- | C] () -- C:\WINDOWS\System32\sgctlb32.dll
[1999/05/11 11:26:32 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\SGPLIB32.DLL
[1999/01/04 13:25:00 | 000,375,296 | ---- | C] () -- C:\WINDOWS\System32\tx32.dll
[1998/11/04 02:20:00 | 000,000,202 | ---- | C] () -- C:\WINDOWS\System32\Ic32.ini

========== LOP Check ==========

[2009/06/30 12:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Aim
[2009/10/09 11:08:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Citrix
[2010/12/06 14:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DS Development
[2010/12/06 14:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DSDevelopment
[2011/05/11 13:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft
[2011/05/11 13:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers
[2010/06/15 16:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Facebook
[2009/11/03 16:34:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Genie-Soft
[2009/10/09 11:17:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICAClient
[2009/03/20 00:10:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InterVideo
[2010/09/29 15:57:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\iScreensaver
[2010/02/25 13:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Opera
[2011/06/28 16:25:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PriceGong
[2009/06/30 17:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Research In Motion
[2010/02/12 09:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
[2010/12/06 14:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DS Development
[2010/06/01 10:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/26 11:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/08/20 10:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/15 15:00:13 | 000,000,428 | ---- | M] () -- C:\WINDOWS\Tasks\GBM - Easy Layout Backup Job-Full.job

========== Purity Check ==========



< End of report >


#2
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there - this may, and I repeat may, be an easy one. On completion of the runs, could you check for redirects?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O4 - HKLM..\Run: [Hvarevuqanale] C:\WINDOWS\okijenon.DLL ()
    O4 - HKCU..\Run: [Jmumupu] C:\WINDOWS\odents0.DLL (madshi.net)
    [2011/06/24 23:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\PriceGong
    [2011/06/24 17:41:46 | 000,544,768 | ---- | C] (iT Systems) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\gwjaxu.exe
    [2011/06/30 00:10:22 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Gfesi.dat
    [2011/06/30 00:10:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Hwaxujidifemeyu.bin

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download aswMBR.exe (1.8 MB) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.

AND FINALLY

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note.)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
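As an added example (not part of this thread, and not OldTimer's or the forum's code), the Python script below applies the kind of triage that Essexboy's fix list reflects to OTL log lines: a DLL launched from a Run key, an empty publisher field, a binary sitting directly in C:\WINDOWS rather than in System32, an .exe under a user's Application Data folder, and a creation or modification time close to the log date. The sample lines are constructed in the style of the log above (the NvCplDaemon and nvwdmcpl.dll entries are benign controls I added), the indicator weights and the 14-day window are my assumptions, and because the publisher string comes from the file's own version resource, the script never uses it to clear an entry.

```python
"""Heuristic triage of OTL log lines (added example; not OldTimer's or the forum's code)."""
import re
from datetime import datetime, timedelta

# Report time taken from the OTL header on this page.
LOG_DATE = datetime(2011, 6, 30, 11, 3, 59)
# Assumed tuning: how fresh a file must be to count as "recent", and the flag cut-off.
RECENT_WINDOW = timedelta(days=14)
FLAG_THRESHOLD = 2
BINARY_EXT = {".exe", ".dll", ".sys", ".dat", ".bin"}

# "O4 - HKLM..\Run: [Name] C:\path\file.ext (Publisher)"
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?) \((?P<publisher>[^)]*)\)$"
)
# "[yyyy/mm/dd hh:mm:ss | size | attrs | C-or-M] (Publisher) -- C:\path\file.ext"
# Directory entries (attrs ---D) carry no publisher field and are deliberately skipped.
FILE_RE = re.compile(
    r"^\[(?P<stamp>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>\S+) \| (?P<kind>[CM])\] \((?P<publisher>[^)]*)\) -- (?P<path>.+)$"
)

# Constructed sample in the style of the log above: entries from the fix list,
# one directory line, and two benign controls (NvCplDaemon, nvwdmcpl.dll) added by me.
SAMPLE_LINES = r"""
O4 - HKLM..\Run: [Hvarevuqanale] C:\WINDOWS\okijenon.DLL ()
O4 - HKCU..\Run: [Jmumupu] C:\WINDOWS\odents0.DLL (madshi.net)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
[2011/06/24 23:19:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\PriceGong
[2011/06/24 17:41:46 | 000,544,768 | ---- | C] (iT Systems) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\gwjaxu.exe
[2009/03/20 00:50:40 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/06/30 00:10:22 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Gfesi.dat
[2011/06/30 00:10:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Hwaxujidifemeyu.bin
""".strip().splitlines()


def _path_parts(path):
    """Split a Windows path into its components, tolerating forward slashes."""
    return [p for p in path.replace("/", "\\").split("\\") if p]


def score_entry(path, publisher, stamp=None, run_key=False):
    """Return (score, reasons) for one file or Run entry. Weights are assumptions."""
    lower = [p.lower() for p in _path_parts(path)]
    filename = lower[-1]
    ext = filename[filename.rfind("."):] if "." in filename else ""
    reasons = []
    if run_key and ext == ".dll":            # DLL autostarts run through rundll32
        reasons.append(("dll_in_run", 1))
    if not publisher.strip():                # no version-resource company string
        reasons.append(("no_publisher", 1))
    if lower[:-1] == ["c:", "windows"] and ext in BINARY_EXT:
        reasons.append(("binary_in_windir_root", 2))
    if "application data" in lower and ext == ".exe":
        reasons.append(("exe_in_user_appdata", 2))
    if stamp is not None and LOG_DATE - stamp <= RECENT_WINDOW:
        reasons.append(("recent", 1))        # created/modified near the report time
    return sum(w for _, w in reasons), [r for r, _ in reasons]


def parse_line(line):
    """Parse one OTL O4 or file-listing line into a dict, or None for other lines."""
    line = line.strip()
    m = O4_RE.match(line)
    if m:
        return {"kind": "run", "name": m["name"], "path": m["path"],
                "publisher": m["publisher"], "stamp": None}
    m = FILE_RE.match(line)
    if m:
        return {"kind": "file", "name": _path_parts(m["path"])[-1], "path": m["path"],
                "publisher": m["publisher"],
                "stamp": datetime.strptime(m["stamp"], "%Y/%m/%d %H:%M:%S")}
    return None


def triage(lines):
    """Return (name, path, score, reasons) for every entry at or above FLAG_THRESHOLD."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        score, reasons = score_entry(entry["path"], entry["publisher"],
                                     entry["stamp"], entry["kind"] == "run")
        if score >= FLAG_THRESHOLD:
            hits.append((entry["name"], entry["path"], score, reasons))
    return hits


if __name__ == "__main__":
    for name, path, score, reasons in triage(SAMPLE_LINES):
        print(f"{score}  {name:22s} {path}  [{', '.join(reasons)}]")
```

Run against the constructed sample, the script flags exactly the five entries that appear in the fix list above and leaves the two controls alone; the PriceGong directory line is skipped because OTL prints no publisher field for directories. A score is a prompt to look at the file (hashes, signer, strings), not a verdict, and a low score clears nothing: a signed, well-named file in System32 scores zero and can still be the infected component.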

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





