Hijacked browser
Originally Posted by Ron Wolpa
IE6 has been constantly hijacked ;
this damn site :
http://www.lookfor.cc/index.php?p=37049 , replaces the start page , obliging me to edit the register HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\start page ;
It has happened almost every night since the 1st time a week ago ;
An updated Spybot search and destroy has scanned the system and some cookies have been cleared up but it has not solved the annoying problem ;
Is there something else I can do to eliminate whatever is in the system ?
I am very very fed up with that ******* www.lookfor...
Thank you so much
RW
Hi, I think I have the same problem as you. Please give me some help!!!
This is my HijackThis.log file:
Logfile of HijackThis v1.97.7
Scan saved at 01:39:54, on 01/10/2004
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.50 SP1 (5.50.4522.1800)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\PTSNOOP.EXE
C:\ARCHIVOS DE PROGRAMA\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\ARCHIVOS DE PROGRAMA\NORTON ANTIVIRUS\POPROXY.EXE
C:\ARCHIVOS DE PROGRAMA\USB FLASH DISK UTILITY\UFD UTILITY\UFDMON.EXE
C:\ARCHIVOS DE PROGRAMA\USB FLASH DISK UTILITY\UFD UTILITY\USBTD.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-LA\MSNAPPAU.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\NTCH.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\APICH32.EXE
C:\INSTALAR\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = deArriba Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Vínculos
F1 - win.ini: load=ptsnoop.exe
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {486D2C22-7F48-D300-16ED-5B6AF1BC159F} - C:\WINDOWS\SYSTEM\MFCAC.DLL
O3 - Toolbar: @msdxmLC.dll,-1@3082,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.3000.1001\ES\MSNTB.DLL (file missing)
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [3Deep Control Panel] C:\ARCHIV~1\CREATIVE\3DEEP\PROGRAM\3DeepCTL.EXE
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [VoodooBanshee] rundll32.exe 3dfxVBps.dll,BansheeLoadSettings
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\ARCHIV~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Archivos de programa\Norton AntiVirus\POPROXY.EXE
O4 - HKLM\..\Run: [UFD Monitor] C:\Archivos de programa\USB Flash Disk Utility\UFD Utility\UFDMon.exe
O4 - HKLM\..\Run: [UFD Utility] C:\Archivos de programa\USB Flash Disk Utility\UFD Utility\USBTD.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [msnappau] "c:\program files\MSN Apps\Updater\01.02.3000.1001\es-la\msnappau.exe"
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\RunServices: [BCDetect] C:\WINDOWS\SYSTEM\BCDetect.exe defer
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Archivos de programa\Archivos comunes\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [APICH32.EXE] C:\WINDOWS\APICH32.EXE
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
O4 - Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Image Transfer.lnk = C:\Archivos de programa\Sony Corporation\Image Transfer\SonyTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra 'Tools' menuitem: Consola de Sun Java (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra 'Tools' menuitem: ICQ (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.ciudad.com.ar
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...CAB?38240.8525
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...a29296baabe1d6
Download: "StartDreck", from here:
http://www.niksoft.at/download/startdreck.htm
Unzip to its own folder and start the program,
Press 'Config'
Press 'Unmark All'
Check the following boxes only:
Registry -> Run Keys
System/drivers -> Running processes
Press 'Ok'
Press 'Save' and select the location to save the log file
(default is the same folder as the application)
Post the log in this thread.
Originally Posted by crunchie
Download: "StartDreck", from here:
http://www.niksoft.at/download/startdreck.htm
Unzip to its own folder and start the program,
Press 'Config'
Press 'Unmark All'
Check the following boxes only:
Registry -> Run Keys
System/drivers -> Running processes
Press 'Ok'
Press 'Save' and select the location to save the log file
(default is the same folder as the application)
Post the log in this thread.
This is the log file from StartDreck:
StartDreck (build 2.1.7 public stable) - 2004-10-02 @ 00:13:49 (GMT -03:00)
Platform: Windows 98 (Win 4.10.1998 )
Internet Explorer: 5.50.4522.1800
Logged in as Gabriel Belingueres at GABRIEL
»Registry
»Run Keys
»Current User
»Run
*SpybotSD TeaTimer=C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
»RunOnce
»Default User
»Run
*SpybotSD TeaTimer=C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TeaTimer.exe
»RunOnce
»Local Machine
»Run
*LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
*3Deep Control Panel=C:\ARCHIV~1\CREATIVE\3DEEP\PROGRAM\3DeepCTL.EXE
*mdac_runonce=C:\WINDOWS\SYSTEM\runonce.exe
*CriticalUpdate=C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
*VoodooBanshee=rundll32.exe 3dfxVBps.dll,BansheeLoadSettings
*Norton Auto-Protect=C:\ARCHIV~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
*Norton eMail Protect=C:\Archivos de programa\Norton AntiVirus\POPROXY.EXE
*UFD Monitor=C:\Archivos de programa\USB Flash Disk Utility\UFD Utility\UFDMon.exe
*UFD Utility=C:\Archivos de programa\USB Flash Disk Utility\UFD Utility\USBTD.exe
*LoadQM=loadqm.exe
*msnappau="c:\program files\MSN Apps\Updater\01.02.3000.1001\es-la\msnappau.exe"
*SystemTray=SysTray.Exe
+OptionalComponents
+IMAIL
*Installed=1
+MAPI
*NoChange=1
*Installed=1
+MAPI
*NoChange=1
*Installed=1
»RunOnce
»RunServices
*BCDetect=C:\WINDOWS\SYSTEM\BCDetect.exe defer
*ScriptBlocking="C:\Archivos de programa\Archivos comunes\Symantec Shared\Script Blocking\SBServ.exe" -reg
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»Files
»System/Drivers
»Running Processes
+FF0F18A7=C:\WINDOWS\SYSTEM\KERNEL32.DLL
+FFFF6C03=C:\WINDOWS\SYSTEM\MSGSRV32.EXE
+FFFF5F93=C:\WINDOWS\SYSTEM\MPREXE.EXE
+FFFF46BB=C:\WINDOWS\SYSTEM\mmtask.tsk
+FFFFAECF=C:\WINDOWS\EXPLORER.EXE
+FFFE129F=C:\WINDOWS\PTSNOOP.EXE
+FFFE9917=C:\ARCHIVOS DE PROGRAMA\NORTON ANTIVIRUS\NAVAPW32.EXE
+FFFE3C9F=C:\ARCHIVOS DE PROGRAMA\NORTON ANTIVIRUS\POPROXY.EXE
+FFFDA82F=C:\ARCHIVOS DE PROGRAMA\USB FLASH DISK UTILITY\UFD UTILITY\UFDMON.EXE
+FFFDFCBB=C:\WINDOWS\SYSTEM\MSTASK.EXE
+FFFDEA1F=C:\ARCHIVOS DE PROGRAMA\USB FLASH DISK UTILITY\UFD UTILITY\USBTD.EXE
+FFFDFDAF=C:\WINDOWS\LOADQM.EXE
+FFFEFE7F=C:\PROGRAM FILES\MSN APPS\UPDATER\01.02.3000.1001\ES-LA\MSNAPPAU.EXE
+FFFEEB97=C:\WINDOWS\SYSTEM\SYSTRAY.EXE
+FFFC41E7=C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
+FFFBA1F7=C:\WINDOWS\SYSTEM\RNAAPP.EXE
+FFFBF023=C:\WINDOWS\SYSTEM\TAPISRV.EXE
+FFFBA3D3=C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
+FFF9ABF3=C:\WINDOWS\SYSTEM\DDHELP.EXE
+FFF95457=C:\WINDOWS\SYSTEM\SYSKF32.EXE
+FFF81693=C:\WINDOWS\SYSTEM\PSTORES.EXE
+FFF8007B=C:\INSTALAR\STARTDRECK\STARTDRECK.EXE
»Application specific
Thanks in advance,
Gabriel
Originally Posted by belingueres
I think I have the same problem as you. Please give me some help!!!
You also need a newer version of HijackThis, as well.
Copy these instructions to Notepad or another text editor, then print them out. You should not have any browser windows open when you are following the procedures below.
Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible also.
Reboot into Safe Mode by pressing the [F8] key repeatedly until the boot menu shows up.
Make sure to close any open browser windows. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn’t be – but double check them):
C:\WINDOWS\LOADQM.EXE
C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\NTCH.EXE
C:\WINDOWS\APICH32.EXE (all instances)
I'll list what, in my opinion, should be dumped. Realize that not all of these are malicious--some are merely superfluous, "excess baggage." Some companies (Real and Apple among them) seem to think their software should run all the time... bleah!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
O2 - BHO: (no name) - {486D2C22-7F48-D300-16ED-5B6AF1BC159F} - C:\WINDOWS\SYSTEM\MFCAC.DLL
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\RunServices: [APICH32.EXE] C:\WINDOWS\APICH32.EXE
O4 - Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - hxxp://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - hxxp://public.windupdates.com/get_file.php?bt=ie&p=9eafaeb2a8e2a9518112bc6e0cedee1552dd4ecb1dd748bcf1cf4d42ced1394245b14c137e17952f3a6abadc3d36297b2b37:b70ac5aa8ec48e2e58a29296baabe1d6
-- Michael Rudas
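Added example, not part of the original posts and not HijackThis's own code: a small Python triage pass over a HijackThis log that flags three patterns called out in this thread (IE search settings pointing at a res:// URL inside a local DLL, O16 ActiveX download entries with no friendly name, and the same process image listed several times). The function name, finding labels and heuristics are assumptions made for illustration; the sample lines are excerpted from the log posted above.

```python
import re
from collections import Counter

# Lines excerpted from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\APICH32.EXE
C:\WINDOWS\APICH32.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\ARCHIVOS DE PROGRAMA\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - hxxp://www.mt-download.com/MediaTicketsInstaller.cab
"""

# "R1 - ...", "O16 - ..." style entries: section code, then the entry body.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# An IE setting whose value is a page served from inside a local DLL.
RES_DLL = re.compile(r"=\s*res://(.+?\.dll)/", re.IGNORECASE)
# O16 body: CLSID, optional "(friendly name)", then the download URL.
DPF = re.compile(r"^DPF: (\{[0-9A-F-]+\})\s*(\(.*?\))?\s*-\s*(.*)$", re.IGNORECASE)


def triage(log_text):
    """Return a list of (reason, detail) findings for a HijackThis log."""
    findings, procs, in_procs = [], Counter(), False
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if m:
            in_procs = False  # the process list ends at the first coded entry
            code, body = m.groups()
            res = RES_DLL.search(body)
            if code in ("R0", "R1") and res:
                findings.append(("ie-setting-points-into-local-dll", res.group(1)))
            dpf = DPF.match(body)
            if code == "O16" and dpf and not dpf.group(2):
                findings.append(("unnamed-activex-download", dpf.group(1)))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and line:
            procs[line.upper()] += 1  # Win9x paths are case-insensitive
    for path, count in procs.items():
        if count > 1:
            findings.append(("process-running-multiple-times", f"{path} x{count}"))
    return findings


if __name__ == "__main__":
    for reason, detail in triage(SAMPLE_LOG):
        print(reason, "->", detail)
```

A finding is a prompt to look at the entry, not a verdict: legitimate controls can also lack a friendly name, so each hit still needs the manual review done in this thread.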
Originally Posted by TallCool1
First of all, you have to obtain a newer version of Internet Explorer. v5.5 is no longer supported or updated. v6.0 is more secure by a good margin. You can find IE 6.0 on an AOL disc, if they have those in Argentina...
You also need a newer version of HijackThis, as well.
Copy these instructions to Notepad or another text editor, then print them out. You should not have any browser windows open when you are following the procedures below.
Go to My Computer->Tools->Folder Options->View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing/visible also.
Reboot into Safe Mode by pressing the [F8] key repeatedly until the boot menu shows up.
Make sure to close any open browser windows. Go into HijackThis->Config->Misc. Tools->Open process manager. Select the following and click Kill process for each one if they are still listed (they shouldn’t be – but double check them):
C:\WINDOWS\LOADQM.EXE
C:\ARCHIVOS DE PROGRAMA\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
C:\ARCHIVOS DE PROGRAMA\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\NTCH.EXE
C:\WINDOWS\APICH32.EXE (all instances)
I'll list what, in my opinion, should be dumped. Realize that not all of these are malicious--some are merely superfluous, "excess baggage." Some companies (Real and Apple among them) seem to think their software should run all the time... bleah!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system\soqbj.dll/sp.html#29126
O2 - BHO: (no name) - {486D2C22-7F48-D300-16ED-5B6AF1BC159F} - C:\WINDOWS\SYSTEM\MFCAC.DLL
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\RunServices: [APICH32.EXE] C:\WINDOWS\APICH32.EXE
O4 - Startup: Microsoft Office.lnk = C:\Archivos de programa\Microsoft Office\Office\OSA9.EXE
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - hxxp://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - hxxp://public.windupdates.com/get_file.php?bt=ie&p=9eafaeb2a8e2a9518112bc6e0cedee1552dd4ecb1dd748bcf1cf4d42ced1394245b14c137e17952f3a6abadc3d36297b2b37:b70ac5aa8ec48e2e58a29296baabe1d6
Thanks!!
I think it's gone now!!
Gabriel
The Startdreck log is not showing a hidden dll so you should be ok now.