 |  |  |  |  |  |  |  |
Help please cmdServices just won't go!
 |
Hello
I have three lines of cmdServices stuff showing up on Spybot - which it cannot delete - all in the Registry. Having looked at your site I have run (both in Safe Mode and Standard) Ewido, AboutBuster, Spybot, Avast, Ad-Aware and Trend Micro CW Shredder. Only Spybot is picking this up now. I did have (last week) Smitfraud and Spyaxe, although I think they are gone.
Here is my HJT log ...............
Logfile of HijackThis v1.99.1
Scan saved at 11:16:26, on 02/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\BigFix\BigFix.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\Windows & Internet Washer\cseraser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [dflnl.exe] C:\WINDOWS\system32\dflnl.exe
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - Startup: Windows & Internet Washer.lnk = C:\Program Files\Windows & Internet Washer\cseraser.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Windows & Internet Washer - {4A0EF50C-6A4A-4b30-84D8-53D5BC95C043} - C:\Program Files\Windows & Internet Washer\cseraser.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120568276656
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FCE1CB0-7A2F-41CA-ACAA-EBC93803732B}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{36613CE7-4DF5-4D89-89DA-13D51237EDC7}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C66D07F-B996-49B7-8F7C-E2B2C22FF39D}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC923032-E4AD-4B67-8D72-484580BE3DE6}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA04E73B-C85B-4D65-BDE7-CF880BB15BD0}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
I would be grateful for any help that you may be able to give.
Thanks & regards
I have three lines of cmdServices stuff showing up on Spybot - which it cannot delete - all in the Registry. Having looked at your site I have run (both in Safe Mode and Standard) Ewido, AboutBuster, Spybot, Avast, Ad-Aware and Trend Micro CW Shredder. Only Spybot is picking this up now. I did have (last week) Smitfraud and Spyaxe, although I think they are gone.
Here is my HJT log ...............
Logfile of HijackThis v1.99.1
Scan saved at 11:16:26, on 02/01/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\PROGRA~1\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\BigFix\BigFix.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\Windows & Internet Washer\cseraser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [dflnl.exe] C:\WINDOWS\system32\dflnl.exe
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - Startup: Windows & Internet Washer.lnk = C:\Program Files\Windows & Internet Washer\cseraser.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Windows & Internet Washer - {4A0EF50C-6A4A-4b30-84D8-53D5BC95C043} - C:\Program Files\Windows & Internet Washer\cseraser.exe (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1120568276656
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FCE1CB0-7A2F-41CA-ACAA-EBC93803732B}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{36613CE7-4DF5-4D89-89DA-13D51237EDC7}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C66D07F-B996-49B7-8F7C-E2B2C22FF39D}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC923032-E4AD-4B67-8D72-484580BE3DE6}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA04E73B-C85B-4D65-BDE7-CF880BB15BD0}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
I would be grateful for any help that you may be able to give.
Thanks & regards
A) Can you post the exact details that SpyBot gives you on those registry locations?
B) Your HJT log does have a couple of "nasties" in it. Please do the following:
1. Download F-Secure's BlackLight into its own separate folder. Do not run the program yet.
2. Run HijackThis, put a check mark in the box to the left of the following entries, and then click the "Fix checked" button:
O4 - HKLM\..\Run: [dflnl.exe] C:\WINDOWS\system32\dflnl.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FCE1CB0-7A2F-41CA-ACAA-EBC93803732B}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{36613CE7-4DF5-4D89-89DA-13D51237EDC7}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C66D07F-B996-49B7-8F7C-E2B2C22FF39D}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC923032-E4AD-4B67-8D72-484580BE3DE6}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA04E73B-C85B-4D65-BDE7-CF880BB15BD0}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
3. Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". Delete the C:\WINDOWS\system32\dflnl.exe file if it exists.
4. Open Blacklight and have it run a scan.
- Once the scan is complete, click the "Next"
- In the resulting list of found items, have it rename (use the Rename button) all of the files except wbemtest.exe (which is a legit Windows file).
- Reboot when BlackLight prompts you to do so.
5. Once the system has rebooted, there will be a new log in the BL folder. Post that log, along with a new HijackThis scan log.
B) Your HJT log does have a couple of "nasties" in it. Please do the following:
1. Download F-Secure's BlackLight into its own separate folder. Do not run the program yet.
2. Run HijackThis, put a check mark in the box to the left of the following entries, and then click the "Fix checked" button:
O4 - HKLM\..\Run: [dflnl.exe] C:\WINDOWS\system32\dflnl.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{1FCE1CB0-7A2F-41CA-ACAA-EBC93803732B}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{36613CE7-4DF5-4D89-89DA-13D51237EDC7}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C66D07F-B996-49B7-8F7C-E2B2C22FF39D}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC923032-E4AD-4B67-8D72-484580BE3DE6}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA04E73B-C85B-4D65-BDE7-CF880BB15BD0}: NameServer = 85.255.116.154,85.255.112.188
O17 - HKLM\System\CS1\Services\Tcpip\..\{15A767B0-F421-471A-910D-A7B81CBDD8DE}: NameServer = 85.255.116.154,85.255.112.188
3. Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". Delete the C:\WINDOWS\system32\dflnl.exe file if it exists.
4. Open Blacklight and have it run a scan.
- Once the scan is complete, click the "Next"
- In the resulting list of found items, have it rename (use the Rename button) all of the files except wbemtest.exe (which is a legit Windows file).
- Reboot when BlackLight prompts you to do so.
5. Once the system has rebooted, there will be a new log in the BL folder. Post that log, along with a new HijackThis scan log.
"May the Wombat of Happiness snuffle through your underbrush."
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
- Ancient Aborigine blessing
Please do not contact me by email or PM for help. We're all volunteers here, and only have so much free time to dedicate to our efforts.
However, if I've been working on a thread with you already, and seem to have "forgotten" your thread, please do send me a message. I try not to let things slip through the cracks, but it does happen sometimes.
|
Similar Threads
- Tricky one for you - of course with a donation reward. (Windows NT / 2000 / XP)
- Cmdservices!!!! Help (Viruses, Spyware and other Nasties)
- MPTFT.EXE problem (Viruses, Spyware and other Nasties)
- CMDServices (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: All Kinds of Spyware problems, Please help!
- Next Thread: Redirect to Google
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
acrobat adobe adware anti-malware anti-virussitesaccessissue antivirus apple attack avg backtoschoolspeech bar blackhat botnet botnets censorship china combofix commercial conficker connect control cybercrime cyberwarfare ddos education email europe exam exploit facebook fake fancheckvirus gaming gtaiv halloween herss.exe hijack hosting internet iphone logfiles malware mcafee messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch pdf police policeprovirusmba-mblockedinternetaccess president privacy pro redirect redirecting report research rogueantivirus rootkit samhain sans scareware search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen threat translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista vulnerability war warning windows worm yahoo zero-day zeroday
