# Solved: Need help with Trojan.Adclicker



## cathio (May 3, 2007)

Hi! Long time reader, first time poster. 
I've got a WindowsXP machine with the Trojan.Adclicker virus in C:\Program Files\func.exe that keeps reappearing. Norton detects and quarantines the file, which I can then delete, but it reappears.

I have:

Turned off System Restore, scanned w\Norton in Safe Mode, nothing detected, no suspect items in registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run or HKCU\\Software\Microsoft\Windows\CurrentVersion\Run
Scanned with AdAware in regular WindowsXP and in SafeMode. Quarantied and removed critical items until scan was clean, but Trojan.Adclicker returned after reboot. 
Scanned with Spybot Search & Destroy in regular WindowsXP and in SafeMode. Removed critical items until scan was clean, but Trojan.Adclicker returned after reboot. 

I'll include my HJT log below. Any help is appreciated! 
Logfile of HijackThis v1.99.1
Scan saved at 11:05:24 AM, on 5/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\NavNT\vptray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\NavNT\vpc32.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0409/bl7.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0409/bl8.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0409/bl7.asp
O2 - BHO: (no name) - {027B6C9E-E9A5-46E1-B7BB-42357C0873F7} - C:\Program Files\Altiris\mepo.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5079F707-CE1B-49AB-8814-59D4688B52E9} - (no file)
O2 - BHO: 0 - {62B9DE2C-83AC-4C5A-9F90-A75A64D22F93} - C:\Program Files\Analog Devices\qubapi.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: (no name) - {CA2CFBDE-0F94-491B-9286-00C60C553954} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cathiodtohan.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = erikson.edu
O17 - HKLM\Software\..\Telephony: DomainName = erikson.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = erikson.edu
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - igfxsrvc.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: ssqrr - C:\WINDOWS\
O20 - Winlogon Notify: wvuvuur - C:\WINDOWS\
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Web Jetadmin (HPWebJetadmin) - Unknown owner - C:\Program Files\HP Web Jetadmin\hpwebjetd.exe" -k runservice (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe


----------



## cybertech (Apr 16, 2002)

Hi, Welcome to TSG!!

Open IE, go to Tools, Internet Options, Privacy, Advanced, click in the box "Override automatic cookie handling", First-party Cookies select Prompt, Third-party cookies select Block. When those cookies try to install click block.

*Run HJT again and put a check in the following:*

O2 - BHO: (no name) - {5079F707-CE1B-49AB-8814-59D4688B52E9} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {CA2CFBDE-0F94-491B-9286-00C60C553954} - (no file)
O4 - HKLM\..\Run: [SpywareBot] C:\Program Files\SpywareBot\SpywareBot.exe -boot
O20 - Winlogon Notify: ssqrr - C:\WINDOWS\
O20 - Winlogon Notify: wvuvuur - C:\WINDOWS\

*Close all applications and browser windows before you click "fix checked".*

Please download *ATF Cleaner* by Atribune. 
*This program is for XP and Windows 2000 only*
 
Double-click *ATF-Cleaner.exe* to run the program. 
Under *Main* choose: *Select All* 
Click the *Empty Selected* button.

*NOTE:* If you would like to keep your saved passwords, please click *No* at the prompt. 
Click *Exit* on the Main menu to close the program. 
For *Technical Support*, double-click the e-mail address located at the bottom of each menu.

*Download and scan with* *SUPERAntiSpyware* Free for Home Users
Double-click *SUPERAntiSpyware.exe* and use the default settings for installation. 
An icon will be created on your desktop. Double-click that icon to launch the program. 
If asked to update the program definitions, click "*Yes*". If not, update the definitions before scanning by selecting "*Check for Updates*". (_If you encounter any problems while downloading the updates, manually download and unzip them from here._) 
Under "*Configuration and Preferences*", click the *Preferences* button. 
Click the *Scanning Control* tab. 
Under *Scanner Options* make sure the following are checked _(leave all others unchecked)_:
_Close browsers before scanning._ 
_Scan for tracking cookies._ 
_Terminate memory threats before quarantining._

Click the "*Close*" button to leave the control center screen. 
Back on the main screen, under "*Scan for Harmful Software*" click *Scan your computer*. 
On the left, make sure you check *C:\Fixed Drive*. 
On the right, under "*Complete Scan*", choose *Perform Complete Scan*. 
Click "*Next*" to start the scan. Please be patient while it scans your computer. 
After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "*OK*". 
Make sure everything has a checkmark next to it and click "*Next*". 
A notification will appear that "_Quarantine and Removal is Complete_". Click "*OK*" and then click the "*Finish*" button to return to the main menu. 
If asked if you want to reboot, click "*Yes*". 
To retrieve the removal information after reboot, launch SUPERAntispyware again.
_Click *Preferences*, then click the *Statistics/Logs* tab._ 
_Under Scanner Logs, double-click *SUPERAntiSpyware Scan Log*._ 
_If there are several logs, click the current dated log and press *View log*. A text file will open in your default text editor._ 
_Please copy and paste the Scan Log results in your next reply *with a new hijackthis log*._

Click *Close* to exit the program.


----------



## cathio (May 3, 2007)

Ok, 
1. Ran HGT and fixed checked items indicated above. 
2. Ran ATF Cleaner. 
3. I ran the SUPERAntiSpyware twice. The second scan looked clean, but this thing still appears to be on my system, although now I can block the cookies before they go very far. 
Resulting log files below:

*1st SUPERAntiSpyware Log: *SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/03/2007 at 02:47 PM

Application Version : 3.7.1018

Core Rules Database Version : 3230
Trace Rules Database Version: 1241

Scan type : Complete Scan
Total Scan Time : 01:15:43

Memory items scanned : 504
Memory threats detected : 1
Registry items scanned : 13424
Registry threats detected : 5
File items scanned : 54847
File threats detected : 6

Trojan.ZQuest
C:\PROGRAM FILES\ANALOG DEVICES\QUBAPI.DLL
C:\PROGRAM FILES\ANALOG DEVICES\QUBAPI.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62B9DE2C-83AC-4C5A-9F90-A75A64D22F93}
HKCR\CLSID\{62B9DE2C-83AC-4C5A-9F90-A75A64D22F93}
HKCR\CLSID\{62B9DE2C-83AC-4C5A-9F90-A75A64D22F93}\InProcServer32
HKCR\CLSID\{62B9DE2C-83AC-4C5A-9F90-A75A64D22F93}\InProcServer32#ThreadingModel

Adware.Vundo Variant
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{CA2CFBDE-0F94-491B-9286-00C60C553954}

Adware.k8l
C:\PROGRAM FILES\ANALOG DEVICES\RTEKEDE.HTML

Adware.RAC
C:\RECYCLER\S-1-5-21-1616122593-101861051-1873945657-3273\DC2\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WDYF01MV\WPAJTRYF67HAZYTRD[1].EXE

Trojan.ErrorSafe
C:\WINDOWS\DOWNLOADED PROGRAM FILES\UERS_9999_N91S1502NETINSTALLER.EXE

Adware.UCMore/The Search Accelerator
C:\WINDOWS\SYSTEM32\SMPI1\WIN66.EXE

Trojan.Downloader-Gen/VTTC
C:\WINDOWS\VTTC.EXE

______________________________________________________________________

*Second SUPERAntiSpyware log:*
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/03/2007 at 05:00 PM

Application Version : 3.7.1018

Core Rules Database Version : 3230
Trace Rules Database Version: 1241

Scan type : Complete Scan
Total Scan Time : 01:12:32

Memory items scanned : 456
Memory threats detected : 0
Registry items scanned : 13424
Registry threats detected : 0
File items scanned : 54891
File threats detected : 0

___________________________________________________________________

*New HJT Log*
Logfile of HijackThis v1.99.1
Scan saved at 5:02:43 PM, on 5/3/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
C:\Program Files\HP Web Jetadmin\hpwebjetd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0409/bl7.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.compaq.com/1Q00CDT/0409/bl8.asp
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.compaq.com/1Q00CDT/0409/bl7.asp
O2 - BHO: (no name) - {027B6C9E-E9A5-46E1-B7BB-42357C0873F7} - C:\Program Files\Altiris\mepo.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://cathiodtohan.spaces.msn.com//PhotoUpload/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = erikson.edu
O17 - HKLM\Software\..\Telephony: DomainName = erikson.edu
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = erikson.edu
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - igfxsrvc.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Web Jetadmin (HPWebJetadmin) - Unknown owner - C:\Program Files\HP Web Jetadmin\hpwebjetd.exe" -k runservice (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe


----------



## cybertech (Apr 16, 2002)

Run *Panda ActiveScan* *here*

*Post the results from ActiveScan.*


----------



## cathio (May 3, 2007)

*Panda ActiveScan Results*
Incident Status Location

Potentially unwanted tool:Application/Processor Not disinfected C:\Data\smitfraudfix\SmitfraudFix.zip[SmitfraudFix/Process.exe] 
Potentially unwanted tool:Application/DriveCleaner Not disinfected C:\Documents and Settings\codtohan\Local Settings\Temporary Internet Files\Content.IE5\8XENKHIB\installdrivecleanerstart[1].exe 
Adware:Adware/TTC Not disinfected C:\Program Files\Altiris\mepo.dll 
Adware:Adware/TTC Not disinfected C:\WINDOWS\system32\smpi1\win67.exe


----------



## cybertech (Apr 16, 2002)

*Click Here* and download Killbox and save it to your desktop.

Double-click on Killbox.exe to run it. 
Put a tick by *Delete on Reboot*. 
Copy the following list of files to clipboard, CTRL+C to copy

*C:\Program Files\Altiris\mepo.dll 
C:\WINDOWS\system32\smpi1\win67.exe 
C:\Documents and Settings\codtohan\Local Settings\Temporary Internet Files\Content.IE5\8XENKHIB*

Now in Killbox go to File, Paste from clipboard.
Click the *All Files* button.
Click on the button that has the red circle with the X in the middle.
It will ask for confimation to delete the file. 
Click Yes. 
It will ask if you want to reboot now,
Click Yes.

*Note:* It is possible that Killbox will tell you that the file does not exist.

If your computer does not restart automatically then please restart it manually. 
If you get an error message "PendingFileRenameOperations Registry Data has been Removed by External Process!" message then just restart manually.


----------



## cathio (May 3, 2007)

Wow - 1/2 hour w\no pop ups so far; looks like that did it! I'll followup on Monday to make sure. Thanks for all the help!


----------



## cybertech (Apr 16, 2002)

Good! 

You can remove all of the tools I requested you to load and their associated files and folders.

SUPERAntiSpyware is a trial version, you can remove that when the trial period has expired.

It's a good idea to Flush your System Restore after removing malware:


 On the Desktop, right-click My Computer. 
 Click Properties. 
 Click the System Restore tab. 
 Check Turn off System Restore. 
 Click Apply, and then click OK. 
 Restart the computer. 

To create a new restore point: 

Start go to All Programs 
Accessories, System Tools and select System Restore. 
In the System Restore wizard, select "Create a restore point" and follow the instructions provided.

Here are some additional links for you to check out.

Secunia software inspector & update checker

Good free tools and advice on how to tighten your security settings.

Security Help Tools

You're welcome!


----------

