Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Porn Hijacker + iSearch Toolbar?

Started by Harvey , Dec 10 2004 09:22 PM

  • Please log in to reply

#1
Harvey
Posted 10 December 2004 - 09:22 PM

Harvey

    New Member

  • Member
  • Pip
  • 6 posts
Spybot tells me I have a Porn Hijacker but it cannot remove it as it is active in memory.
Spybot only says Porn Hijacker
<$REG_APPID>
HKEY_CLASSES_ROOT\AppID

It also had isearch toolbar there and removed it (it looks like temporarily as it has come back each time)
When I click on reg value it opens Regedit but it is at the top of the tree rather than at the selected key.

Ad-Aware finds nothing. I have done my amateur best searching manually but can see nothing obvious anywhere. Have included my HJT log file in the hope someone here can see something I am missing

I removed the entry: R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = =%3D but it keeps magically reappearing

Have run CWShredder v2.10 and it shows that
CWS.Svhosts32 REMOVED
CWS.Therealsearch REMOVED

Rerun CWShredder and it shows the same thing each time I run it (does this mean it is finding it each time or just a record of one removal?)


Logfile of HijackThis v1.98.2
Scan saved at 1:43:17 PM, on 11/12/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TINY PERSONAL FIREWALL\PERSFW.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SM56HLPR.EXE
C:\WINDOWS\SYSTEM\WF2K.EXE
C:\PROGRAM FILES\UTILITIES\VET\VETTRAY.EXE
C:\PROGRAM FILES\UTILITIES\VET\VETMSG.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\XREMINDER PRO\XREMIND.EXE
D:\PROGRAM FILES\CHAMELEON CLOCK\CHAMCLOCK.EXE
C:\PROGRAM FILES\RESTORE DESKTOP\RESTOREDESKTOP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.broadband.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pcworld.idg.com.au
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = =%3D
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tpg.com.au:3128
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRAM FILES\POPUPCOP\POPUPCOP.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [WinFast_2K] C:\WINDOWS\SYSTEM\WF2K.EXE
O4 - HKLM\..\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\UTILIT~1\VET\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Alert] C:\PROGRA~1\UTILIT~1\VET\VETMSG.EXE
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\RunServices: [PersFw] C:\Program Files\Tiny Personal Firewall\persfw.exe
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [xReminder Pro] C:\PROGRAM FILES\XREMINDER PRO\XREMIND.EXE
O4 - HKCU\..\Run: [HomeAlarm] D:\PROGRAM FILES\CHAMELEON CLOCK\CHAMCLOCK.EXE
O4 - HKCU\..\Run: [RestoreDesktop] C:\PROGRAM FILES\RESTORE DESKTOP\RESTOREDESKTOP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\POPUPCOP\popupcop.dll/imagenew
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Accelio Capture Form Control) - http://www.ato.gov.a...ase/FormCtl.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Accelio Capture Script Object) - http://www.ato.gov.a...criptobject.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Accelio Capture Soft Font Installer) - http://www.ato.gov.a...ntinstaller.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
  • 0

Advertisements

#2
admin
Posted 11 December 2004 - 05:54 PM

admin

    Founder Geek

  • Community Leader
  • 24,639 posts
Please go offline, close all browsers and any open Windows, making sure that only HijackThis is open. Scan and when it finishes, put an X in the boxes, only next to these following items, then click fix checked.
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = =%3D
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tpg.com.au:3128
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL

Please reboot into safe mode (continually tap the F8 key while your system is starting, select Safe Mode from the menu).
Be sure you're able to view hidden files, and remove the following files in bold (if found):
C:\PROGRAM FILES\FLASHGET <- this folder

Reboot your PC.

If you would please, rescan with HijackThis and post a fresh log in this same topic, and let us know how your system's working. smile.gif
  • 0

#3
Harvey
Posted 11 December 2004 - 06:21 PM

Harvey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Logfile of HijackThis v1.98.2
Scan saved at 11:17:50 AM, on 12/12/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TINY PERSONAL FIREWALL\PERSFW.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\UTILITIES\VET\ISAFE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SM56HLPR.EXE
C:\WINDOWS\SYSTEM\WF2K.EXE
C:\PROGRAM FILES\UTILITIES\VET\VETTRAY.EXE
C:\PROGRAM FILES\UTILITIES\VET\VETMSG.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\XREMINDER PRO\XREMIND.EXE
D:\PROGRAM FILES\CHAMELEON CLOCK\CHAMCLOCK.EXE
C:\PROGRAM FILES\RESTORE DESKTOP\RESTOREDESKTOP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.broadband.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pcworld.idg.com.au
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRAM FILES\POPUPCOP\POPUPCOP.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [WinFast_2K] C:\WINDOWS\SYSTEM\WF2K.EXE
O4 - HKLM\..\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\UTILIT~1\VET\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Alert] C:\PROGRA~1\UTILIT~1\VET\VETMSG.EXE
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [WinPatrol] "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe"
O4 - HKLM\..\RunServices: [PersFw] C:\Program Files\Tiny Personal Firewall\persfw.exe
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKLM\..\RunServices: [CAISafe] C:\Program Files\Utilities\Vet\isafe.exe
O4 - HKCU\..\Run: [xReminder Pro] C:\PROGRAM FILES\XREMINDER PRO\XREMIND.EXE
O4 - HKCU\..\Run: [HomeAlarm] D:\PROGRAM FILES\CHAMELEON CLOCK\CHAMCLOCK.EXE
O4 - HKCU\..\Run: [RestoreDesktop] C:\PROGRAM FILES\RESTORE DESKTOP\RESTOREDESKTOP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\POPUPCOP\popupcop.dll/imagenew
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Accelio Capture Form Control) - http://www.ato.gov.a...ase/FormCtl.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Accelio Capture Script Object) - http://www.ato.gov.a...criptobject.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Accelio Capture Soft Font Installer) - http://www.ato.gov.a...ntinstaller.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab

I now have a slightly neater looking log file and no download manager but Spybot is still telling me that I have a Porn Hijacker as well as iSearchToolbar.
  • 0

#4
Harvey
Posted 11 December 2004 - 06:27 PM

Harvey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
ps... CWShredder still shows the exact same results every time I run it.
  • 0

#5
Metallica
Posted 12 December 2004 - 08:13 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Copy the part in bold below to notepad. Save the file as remisrch.reg, set type to "all files"


REGEDIT4

[-HKEY_CURRENT_USER\Software\iSearch]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000
"NoBandCustomize"=dword:00000000
"NoToolbarCustomize"=dword:00000000


Then doubleclick the file you made and confirm you want to merge it with the registry.

Also can you tell me which version of CWShredder you are using?

Regards,

Pieter
  • 0

#6
Harvey
Posted 13 December 2004 - 04:32 AM

Harvey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Copy the part in bold below to notepad. Save the file as remisrch.reg, set type to "all files"


REGEDIT4

[-HKEY_CURRENT_USER\Software\iSearch]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"SpecifyDefaultButtons"=dword:00000000
"Btn_Search"=dword:00000000
"NoBandCustomize"=dword:00000000
"NoToolbarCustomize"=dword:00000000


Then doubleclick the file you made and confirm you want to merge it with the registry.

Also can you tell me which version of CWShredder you are using?

Regards,

Pieter

View Post


Thank you for your help.

I have CWShredder v2.10

Before I start making changes to my registry would you mind giving a brief rundown on what we may achieve with these changes. I googled the changes you suggest and it looks like they will change the greyed out toolbar etc. The problem is that the only thing I can see on my comp is what Spybot is telling me.... no other visible symptoms so far.
  • 0

#7
Metallica
Posted 13 December 2004 - 04:50 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
The last version of CWShredder is at 2.11 since 2.10 had some minor problems.

What I am trying to achieve is undo the changes the iSaerch Toolbar might have made on your system.
These might also be setting of the Spybot alarms.

Regards,

Pieter
  • 0

#8
Harvey
Posted 13 December 2004 - 05:16 PM

Harvey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Okay.... copied....pasted.....merged with registry.....rebooted

Spybot still showing same things present.

(Updated CWShredder to 2.12 and it now shows nothing present or removed)
  • 0

#9
coachwife6
Posted 14 December 2004 - 11:26 AM

coachwife6

    SuperStar

  • Retired Staff
  • 11,413 posts
Please post a fresh log. :tazz:
  • 0

#10
Harvey
Posted 15 December 2004 - 05:10 AM

Harvey

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Latest log.....

Logfile of HijackThis v1.98.2
Scan saved at 10:08:44 PM, on 15/12/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\TINY PERSONAL FIREWALL\PERSFW.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SM56HLPR.EXE
C:\WINDOWS\SYSTEM\WF2K.EXE
C:\PROGRAM FILES\UTILITIES\VET\VETTRAY.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\UTILITIES\VET\VETMSG.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\XREMINDER PRO\XREMIND.EXE
D:\PROGRAM FILES\CHAMELEON CLOCK\CHAMCLOCK.EXE
C:\PROGRAM FILES\RESTORE DESKTOP\RESTOREDESKTOP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.broadband.optusnet.com.au/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://pcworld.idg.com.au
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRAM FILES\POPUPCOP\POPUPCOP.DLL
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [WinFast_2K] C:\WINDOWS\SYSTEM\WF2K.EXE
O4 - HKLM\..\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\UTILIT~1\VET\VETTRAY.EXE
O4 - HKLM\..\Run: [Vet Alert] C:\PROGRA~1\UTILIT~1\VET\VETMSG.EXE
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\RunServices: [PersFw] C:\Program Files\Tiny Personal Firewall\persfw.exe
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [xReminder Pro] C:\PROGRAM FILES\XREMINDER PRO\XREMIND.EXE
O4 - HKCU\..\Run: [HomeAlarm] D:\PROGRAM FILES\CHAMELEON CLOCK\CHAMCLOCK.EXE
O4 - HKCU\..\Run: [RestoreDesktop] C:\PROGRAM FILES\RESTORE DESKTOP\RESTOREDESKTOP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Open Image in New Window - res://C:\PROGRA~1\POPUPCOP\popupcop.dll/imagenew
O16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Accelio Capture Form Control) - http://www.ato.gov.a...ase/FormCtl.cab
O16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Accelio Capture Script Object) - http://www.ato.gov.a...criptobject.cab
O16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Accelio Capture Soft Font Installer) - http://www.ato.gov.a...ntinstaller.cab
O16 - DPF: Yahoo! Hearts - http://download.game...nts/y/ht1_x.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefend...bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP