Jump to content


Photo

Removing search engine hijacker


  • This topic is locked This topic is locked
4 replies to this topic

#1 Canexicans

Canexicans

    Member

  • Full Member
  • Pip
  • 1 posts

Posted 02 June 2007 - 01:01 AM

...what that 15 hours? First, I've read the Preparation and done it all.

I do a search with Google or Yahoo and get take to a second pornagrafic portal. I also am getting sent to thispageisnotavailable.com another porn-like portal. It doesn't occur every time but one it starts it doesn't stop. The Back function in the browser won't work but if I use it's dropdown box I can hop over tthe bad portal's first occurrence.

I started with Adaware and AVG then Advanced Windows Care. They showed me clean but I did XosoftSpy's free scan and found many, like motor media, and more crptic ones. It won't let me print or even cut and paste it's log though. So all day I've been downloading spyware fighters like Spybot, AVG's Spyware, Spycaytcher, Spyware Terminator, The Spyware Doctor with mixed luck but never coming anywhere near to clearing the ones found in XsoftSpy or the PCTools one was even more depressing.

I looked in the registry in the P3P section and I hope it is supposed to be a list of sites Windows lists as bad because it is a huge list of porn sites in my registry.

One last thing before I post my logs. A second poup window, a third porn portal, comes up after I click on the desired google link. Unfortunately I never wrote it's URL and wouldn't you know it, I can't duplicate it right now. The darn thing won't do it!

So first here is my AVG Spyware log which is the new Ewido...
Now I DID go ahead and clean these but the newest Hijack-This which follows the AVG log was LEFT ALONE.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 09:57:08 p.m. 01/06/2007

+ Scan result:



C:\Documents and Settings\USUARIO\Cookies\usuario@3.adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@ads.adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@site.www.adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@www.adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@www.belstat[4].txt -> TrackingCookie.Belstat : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@tracking.g3x[1].txt -> TrackingCookie.G3x : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@max.i12[1].txt -> TrackingCookie.I12 : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@idot[1].txt -> TrackingCookie.Idot : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@ilead.itrack[2].txt -> TrackingCookie.Itrack : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@image.masterstats[2].txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@data2.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@pocitadlo[1].txt -> TrackingCookie.Pocitadlo : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@euro.real[1].txt -> TrackingCookie.Real : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@realguide.real[2].txt -> TrackingCookie.Real : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@revsci[2].txt -> TrackingCookie.Revsci : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@starware[2].txt -> TrackingCookie.Starware : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@anad.tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@ad.text.tbn[2].txt -> TrackingCookie.Texttbnru : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@toplist[1].txt -> TrackingCookie.Toplist : No action taken.
C:\Documents and Settings\USUARIO\Cookies\usuario@m.webtrends[2].txt -> TrackingCookie.Webtrends : No action taken.
C:\RECYCLER\S-1-5-21-1417001333-1383384898-1060284298-1003\Dc269.txt -> TrackingCookie.Zedo : No action taken.


::Report end

Now the Hijackthis log.....

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 12:04:49 a.m., on 02/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Archivos de programa\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\USUARIO\Configuración local\Archivos temporales de Internet\Content.IE5\DU05YBUP\HiJackThis_v2[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mx.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://mx.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Archivos de programa\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Archivos de programa\SpyCatcher\SCActiveBlock.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Archivos de programa\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\ARCHIV~1\SPYWAR~2\tools\iesdsg.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Archivos de programa\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\archivos de programa\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Archivos de programa\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\archivos de programa\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Archivos de programa\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\ARCHIV~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Archivos de programa\Archivos comunes\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpyCatcher Reminder] C:\Archivos de programa\SpyCatcher\SpyCatcher.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Archivos de programa\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Archivos de programa\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Archivos de programa\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Malware Sweeper] C:\Archivos de programa\MalwareSweeper.com\MalwareSweeper\MalSwep.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARCHIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HotSync Manager.lnk = C:\Archivos de programa\palmOne\HOTSYNC.EXE
O4 - Global Startup: HPAiODevice(hp officejet k series) - 1.lnk = C:\Archivos de programa\Hewlett-Packard\AiO\hp officejet k series\Bin\hpoorn07.exe
O4 - Global Startup: SpyCatcher Protector.lnk = C:\Archivos de programa\SpyCatcher\Protector.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Archivos de programa\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\ARCHIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Archivos de programa\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Archivos de programa\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Archivos de programa\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Archivos de programa\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARCHIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Investigador - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Archivos de programa\Archivos comunes\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Archivos de programa\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.publiweb.com
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Archivos de programa\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.r...RdxIE601_es.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?326
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2738C26-4E8C-4745-9634-41027D88905E}: NameServer = 85.255.116.124,85.255.112.99
O17 - HKLM\System\CCS\Services\Tcpip\..\{A8803E24-C3B9-470C-A826-7817503C1FE3}: NameServer = 85.255.116.124,85.255.112.99
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE9459BA-A37C-4926-9FB6-295373C551B5}: NameServer = 85.255.116.124,85.255.112.99
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.124 85.255.112.99
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.124 85.255.112.99
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.124 85.255.112.99
O20 - AppInit_DLLs: secuload.dll
O22 - SharedTaskScheduler: Precargador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demonio de caché de las categorías de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Archivos de programa\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARCHIV~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Archivos de programa\Canon\CAL\CALMAIN.exe
O23 - Service: Servicio del administrador de discos lógicos (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Registro de sucesos (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Servicio COM de grabación de CD de IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service - Apple Inc. - C:\Archivos de programa\iPod\bin\iPodService.exe
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Administrador de sesión de Ayuda de escritorio remoto (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Tarjeta inteligente (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Archivos de programa\Spyware Doctor\sdhelp.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Archivos de programa\Spyware Terminator\sp_rsser.exe
O23 - Service: Instantáneas de volumen (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Adaptador de rendimiento de WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Servicio de uso compartido de red del Reproductor de Windows Media (WMPNetworkSvc) - Unknown owner - C:\Archivos de programa\Windows Media Player\WMPNetwk.exe

--
End of file - 9801 bytes


OK, if anyone can help it would be great. I'm mostly paralyzed and al this typing has been agonizingly painful.

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 04 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,352 posts

Posted 09 June 2007 - 08:32 AM

Hi Canexicans, and Welcome to SWI

Sorry it has taken so long to get to you, but the board has been very busy lately, and all the Helpers here are volunteers.

I suggest printing out each set of instructions and reading the entire post before proceeding. It will make following them easier, and you will need to reboot during this fix.

All the HijackThis logs should be run in Normal mode, NOT in Safe mode, because the log will not be complete (there will be items that won't load in Safe mode, and they won't show in the log if not loaded). Please ensure you next HijackThis log is run from Normal mode. Also, you should not really be running in Safe Mode with Networking support at all, it bypasses any antivirus of firewall you may have installed, as they will usually not load in Safe mode, and it leave your system very vulnerable to further infection.

You seem to have quite a bit of antispyware software installed, some of which I would not recommend using.

You are running Spyware Terminator, which was previously listed on the Rogue Anti-Spyware list for installing asware. While they are no longer doing that, I would not recommend this program and I highly recommend removing it.
To remove Spyware Terminator, go to Start > Control Panel > Add or Remove Programs and remove the following programs:
Spyware Terminator

Using Windows Explorer delete associated program folder located under C:\Archivos de programa (do NOT delete the Archivos de programa folder, but the Spyware Terminator folder found under it).

You are running SpyCatcher from Tenebril. I would not recommend that program due to the high false alarm rate it has had in the past, and would instead recommend uninstalling it also.

If the PC Tools software you installed (Spyware Doctor?) is a trial version, I recommend you uninstall it, as it won't clean anything it finds.

Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Click the "Delete Cookies" button
  • Next to it, Click the "Delete Files" button
  • When prompted, place a check in: "Delete all offline content", click OK
Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu on the left side of the Options window.
  • Click the Clear button located to the right of each option (History, Cookies, Cache).
  • Click OK to close the Options window
    Alternatively, you can clear all information stored while browsing by clicking Clear All.
    A confirmation dialog box will be shown before clearing the information.
Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
Please download FixWareout from one of these sites:
http://downloads.sub.../Fixwareout.exe
http://www.bleepingc.../Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

Once the desktop loads please post the text that will open (report.txt) and a new Hijackthis log.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#4 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,352 posts

Posted 03 July 2007 - 04:36 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005


#5 TheJoker

TheJoker

    Forum Deity

  • Boot Camp Mod
  • PipPipPipPipPip
  • 14,352 posts

Posted 03 July 2007 - 04:36 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Free Tools for Fighting Malware
Anti-Virus: avast! Free Antivirus / Avira Free AntiVirus
OnLine Anti-Virus: ESET / BitDefender / F-Secure
Anti-Malware: Malwarebytes' Anti-Malware / Dr.Web CureIt
Spyware/Adware Tools: MVPS HOSTS File / SpywareBlaster
Firewall: Comodo Firewall Free / Privatefirewall
Tutorials: How did I get Infected? / Internet Explorer Privacy & Security Settings
If we have helped, please help us continue the fight by using the Donate button, or see this topic for other ways to donate.

MS MVP 2009-20010 and ASAP Member since 2005





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button