Jun 29 - FreeFixer 0.41 released.
May 20 - FreeFixer 0.40 released.
May 11 - FreeFixer 0.39 released.
Apr 20 - FreeFixer 0.38 released.
Apr 07 - FreeFixer 0.37 released.
Mar 27 - FreeFixer 0.36 released.
Mar 25 - FreeFixer 0.35 released.
Mar 10 - FreeFixer 0.34 released.
Feb 23 - FreeFixer 0.33 released.
FreeFixer is a general purpose removal tool which will help you to delete potentially unwanted software, such as adware, spyware, trojans, viruses and worms. FreeFixer works by scanning a large number of locations where unwanted software has a known record of appearing or leaving traces. The scan locations include the programs that run on your computer, the programs that start when you reboot your computer, your browser's plug-ins, your home page setting, etc.
FreeFixer does not know what is unwanted, so it presents the scan result and it's up to you to decide if a file should be removed and if a setting should be restored to its default value. Please be careful! If you delete a legitimate file you may damage your computer. To assist you in determining whether anything should be removed, you can find more information at FreeFixer's web site for each item in the scan result. You can for example see what other users chose to do in the same situation. You can also save a log file of your scan result and consult the volunteers in one of the FreeFixer helper forums.
For more detailed information about FreeFixer, please see the User's Manual.
Download FreeFixer here. FreeFixer is freeware and Windows 2000/XP/2003/2008/Vista/7 RC1 compatible. 64-bit Windows is not supported yet.
Screenshot showing some of FreeFixer's scan result. Files listed with green background
are on FreeFixer's list of trusted files. The files with white/gray
background are unknown to FreeFixer, so it cannot say anything about them. (In this
case, they are all legitimate files).
When FreeFixer is unable to delete files in normal Windows mode they
are registered for delayed removal with FreeFixer's Native Deleter,
which removes the files upon the next reboot. The actual delete operation
is done before the logon screen appears. The majority of malware can be deleted at
this point.
The summer has finally arrived here in Sweden. Now is the time to go swimming, bouldering and do all the other things that require great weather.
As you may know, I've been documenting lots of drive-by downloads and intend to continue doing so during the summer. To make this as smooth as possible I've set up this blog post, which I'll update whenever I find new malware that uses security holes to install itself.
As usual, I'm scanning the infected system with FreeFixer to find out what's been installed on the system. I'm also using FreeFixer to remove the unwanted files.
Another nasty infection. The files msjv32.dll and msne.exe were hidden from detection by a rootkit:
c:\windows\system32\msjv32.dll
C:\Documents and Settings\Roger\Skrivbord\msdos.pif
c:\windows\system32\msne.exe
C:\WINDOWS\9129837.exe
c:\windows\system32\drivers\securentm.sys
C:\WINDOWS\System32\rr64_b.exe
HOSTS file redirecting safesystem.microsoft.com to 209.44.111.62
HOSTS file redirecting antiviraprof.com to 209.44.111.62
HOSTS file redirecting www.antiviraprof.com to 209.44.111.62
Nasty little bugger. None of the 40 anti-virus engines over at VirusTotal.com detects HB32.dll:
C:\WINDOWS\system32\wbem\HB32.dll
C:\WINDOWS\system32\EVA.exe
C:\DOCUME~1\Roger\LOKALA~1\Temp\init.exe
C:\DOCUME~1\Roger\LOKALA~1\Temp\3.EXE
c:\windows\system32\drivers\systemntmi.sys
C:\Documents and Settings\Roger\Application Data\twex.exe
C:\Documents and Settings\Roger\Start-meny\Program\Autostart\rncsys32.exe
C:\WINDOWS\ld09.exe
C:\WINDOWS\System32\net.net
This drive-by download installed the System Security Rogue, Koobface, and a malware device driver:
C:\windows\ld11.exe
C:\Documents and Settings\All Users\Application Data\15452184\15452184.exe
c:\program\sys\sys.sys
A device driver + additional malware:
C:\WINDOWS\System32\drivers\ethxhkrw.sys
C:\WINDOWS\System32\sdra64.exe
C:\WINDOWS\system32\logon.exe
About three weeks ago Avelino Rico Jr over at McAfee Labs blog reported about a new rogue security program called Malware Doctor.
This morning my honeypot caught Malware Doctor and some additional malware installing by exploiting a security hole. I've pasted the FreeFixer log and marked the malware items in red:
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-06-23 23:14
System policies
HKCU\..\policies\system, DisableTaskMgr = 1
HKCU\..\policies\system, DisableRegistryTools = 1
Browser Helper Objects
{AFF01325-0FC2-4749-8914-FBF0565AD9CC}, Chrome copyright, jbnmck.dll (file is missing)
Registry Startups
HKLM\..\Run, Malware Doctor = C:\Documents and Settings\LocalService\Application Data\1361538659.exe
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
HKCU\..\Run, Malware Doctor = C:\Documents and Settings\LocalService\Application Data\1361538659.exe
Processes (17 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\WINDOWS\System32\NOTEPAD.EXE
C:\Program\FreeFixer\freefixer.exe
C:\WINDOWS\System32\avast!Antivirus.exe
C:\Documents and Settings\LocalService\Application Data\1361538659.exe
Services (34 whitelisted)
avast!Antivirus, , c:\windows\system32\avast!antivirus.exe
Recently modified files (1 whitelisted)
16 minutes, c:\Documents and Settings\LocalService\Application Data\1361538659.exe
16 minutes, c:\WINDOWS\system32\jbnmck.dll
16 minutes, c:\WINDOWS\system32\avast!Antivirus.exe
16 minutes, c:\WINDOWS\Temp\wpv521245837260.exe
7 days, c:\Program\FreeFixer\freefixer.exe
36 days, c:\Program\FreeFixer\Uninstall.exe
For the last three days I've been experimenting with a new FreeFixer plugin. The plugin simply lists the most recently modified/created files, which appear at the end of the scan result. Definitely no rocket science, but in a case of a malware infection, I think it can be quite efficient in pointing out the unwanted files.
I've tested the new plugin on some real-world infections picked up by my malware honeypot. All the unwanted files listed in the scan results were installed through security holes. I've marked them with red. During the testing I also ran into Antivirus System Pro, which is another of those rogue anti-spyware programs. Antivirus System Pro uses sysguard.exe as its file name and is located in the c:\Windows folder. You can find more information and screenshots on this rogue over at Bharath's Security Blog.
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-06-09 20:16
Browser Helper Objects
{5B1D95A2-F547-4e5e-8902-622B08354622}, BHO, C:\WINDOWS\system32\iehelper.dll
Registry Startups
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
HKCU\..\Run, system tool = C:\WINDOWS\sysguard.exe
HOSTS file
209.44.111.57 alarm-security.microsoft.com
209.44.111.57 inetantivirus.com
209.44.111.57 www.inetantivirus.com
Processes (11 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\Program\FreeFixer\freefixer.exe
Recently modified files
2 minutes, c:\Program\FreeFixer\freefixer.exe
2 minutes, c:\Program\FreeFixer\Uninstall.exe
17 minutes, c:\WINDOWS\system32\iehelper.dll
27 minutes, c:\WINDOWS\sysguard.exe
26 minutes, c:\wxh21u.exe
27 minutes, c:\a113c2.exe
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-06-08 22:57
UserInits (1 whitelisted)
C:\WINDOWS\System32\sdra64.exe
Registry Startups
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
Processes (15 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\DOCUME~1\Roger\LOKALA~1\Temp\winELyqWgX.exe
C:\Program\FreeFixer\freefixer.exe
Recently modified files
5 minutes, c:\Program\FreeFixer\freefixer.exe
5 minutes, c:\Program\FreeFixer\Uninstall.exe
35 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temp\winELyqWgX.exe
21 days, c:\RECYCLER\S-1-5-21-1229272821-413027322-839522115-1003\Dc124.exe
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-06-09 15:25
System policies
HKCU\..\policies\system, DisableRegistryTools = 1
Browser Helper Objects
{82633227-7884-4264-6517-5599ca323026}, , C:\Program\Common Files\System\s sig.dll
Registry Startups
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
Autostart shortcuts
Visio Util Firing.exe, , C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Visio Util Firing.exe
Yahoo Software Firing.exe, , C:\Documents and Settings\Roger\Start-meny\Program\Autostart\Yahoo Software Firing.exe
HOSTS file
67.212.80.125 pagead2.googlesyndication.com
Processes (12 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\WINDOWS\System32\wininet.exe
C:\Program\FreeFixer\freefixer.exe
Shell services (4 whitelisted)
SysRun, {D7FFD784-5276-42D1-887B-00267870A4C7}, C:\WINDOWS\System32\svshost.dll
Recently modified files
4 minutes, c:\Program\FreeFixer\freefixer.exe
4 minutes, c:\Program\FreeFixer\Uninstall.exe
32 minutes, c:\WINDOWS\system32\svshost.dll
32 minutes, c:\WINDOWS\system32\wininet.exe
32 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temporary Internet Files\Content.IE5\YQ2T1TWE\1[1].exe
32 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temp\1\svchost.exe
32 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temporary Internet Files\Content.IE5\0H6N6RCD\1[1].exe
32 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temp\~tt1.tmp
32 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temporary Internet Files\Content.IE5\0H6N6RCD\load[1].exe
22 days, c:\Program\Common Files\System\Adobe_Office_Firing.exe
22 days, c:\Documents and Settings\All Users\Start-meny\Program\Autostart\Visio Util Firing.exe
22 days, c:\Documents and Settings\Roger\Start-meny\Program\Autostart\Yahoo Software Firing.exe
22 days, c:\Program\Common Files\System\s sig.dll
22 days, c:\Documents and Settings\Roger\Lokala inställningar\Temp\winxfH6q2KD.exe
22 days, c:\Documents and Settings\Roger\Lokala inställningar\Temporary Internet Files\Content.IE5\KHYB4HUB\load[1].exe
22 days, c:\RECYCLER\S-1-5-21-1229272821-413027322-839522115-1003\Dc124.exe
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-05-18 12:57
UserInits (1 whitelisted)
C:\WINDOWS\System32\win32avs.exe
Registry Startups
HKLM\..\Run, internat = C:\WINDOWS\internat.exe (file is missing)
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
Processes (14 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\Documents and Settings\Roger\Skrivbord\calc.exe
C:\Program\FreeFixer\freefixer.exe
Recently modified files
3 minutes, c:\Program\FreeFixer\freefixer.exe
3 minutes, c:\Program\FreeFixer\Uninstall.exe
24 minutes, c:\Documents and Settings\Roger\Skrivbord\calc.exe
24 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temp\ntsystem.exe
24 minutes, c:\Documents and Settings\Roger\Lokala inställningar\Temporary Internet Files\Content.IE5\C12FS9AV\calc[1].exe
46 minutes, c:\RECYCLER\S-1-5-21-1229272821-413027322-839522115-1003\Dc124.exe
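The recently-modified-files listing described above, written out as an added Python example; it is not FreeFixer's own code (FreeFixer is a native Windows program) and the whitelist, extension filter and 30-day cutoff are assumptions. It walks a set of folders, keeps executables and drivers younger than the cutoff, reports their age in the same "16 minutes" / "7 days" form as the logs, and counts rather than lists files on the whitelist; `build_sample_tree` creates a throwaway folder of back-dated files so the example runs anywhere.

```python
import os
import tempfile
import time

# Hypothetical whitelist of trusted names; FreeFixer keeps a far larger one.
WHITELIST = {"freefixer.exe", "uninstall.exe"}
SCANNED_EXTENSIONS = (".exe", ".dll", ".sys", ".pif", ".tmp")

def format_age(seconds):
    """Render age the way the log does: minutes below one day, whole days above."""
    if seconds < 86400:
        return f"{int(seconds // 60)} minutes"
    return f"{int(seconds // 86400)} days"

def recent_files(roots, now=None, max_age_days=30, whitelist=WHITELIST):
    """Return ([(age_seconds, path), ...] newest first, whitelisted_count).
    Only mtime is used so the check behaves the same on every platform; on
    Windows the creation time (st_ctime there) would be worth adding too."""
    now = time.time() if now is None else now
    hits, whitelisted = [], 0
    for root in roots:
        for dirpath, _, files in os.walk(root):
            for name in files:
                if not name.lower().endswith(SCANNED_EXTENSIONS):
                    continue
                path = os.path.join(dirpath, name)
                try:
                    age = now - os.stat(path).st_mtime
                except OSError:
                    continue  # vanished or unreadable: skip it, don't abort the scan
                if age > max_age_days * 86400:
                    continue
                if name.lower() in whitelist:
                    whitelisted += 1  # known good: counted in the header, not listed
                    continue
                hits.append((age, path))
    hits.sort()
    return hits, whitelisted

def render(hits, whitelisted):
    """Produce the 'Recently modified files' section in FreeFixer's log layout."""
    header = "Recently modified files"
    if whitelisted:
        header += f" ({whitelisted} whitelisted)"
    return [header] + [f"{format_age(age)}, {path}" for age, path in hits]

def build_sample_tree(now):
    """Constructed fixture: a temp folder of empty, back-dated files named after
    the post's logs (not real malware). Returns the folder path."""
    root = tempfile.mkdtemp(prefix="ff_sample_")
    ages = {"1361538659.exe": 16 * 60, "sysguard.exe": 27 * 60,
            "freefixer.exe": 7 * 86400, "Dc124.exe": 21 * 86400,
            "old.exe": 45 * 86400, "notes.txt": 60}
    for name, age in ages.items():
        path = os.path.join(root, name)
        open(path, "wb").close()
        os.utime(path, (now - age, now - age))
    return root
```

Running `render(*recent_files([build_sample_tree(now)], now=now))` with `now = int(time.time())` yields a four-line section: the header with one whitelisted file, then the 16-minute, 27-minute and 21-day files; old.exe is past the cutoff and notes.txt is not an executable.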
I'm obsessed with looking at the traffic stats for FreeFixer.com. About halfway into June, some new filenames show up among the top searches:
A couple of weeks ago a new rogue security application appeared. Here's a FreeFixer log from the infected machine. I've marked the Presto Tuneup file with red:
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-05-18 12:46
Registry Startups
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
Processes (17 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\WINDOWS\System32\notepad.exe
C:\Program\FreeFixer\freefixer.exe
C:\Documents and Settings\All Users\Application Data\8f0d\PrestoTuneUp.exe
The Presto Tuneup domain, prestotuneup.com, resolves to 64.213.140.69. These are the other sites available on this IP address: antivirus09.net, malwarecatcher.net, scan-ultraantivirus2009.com, update1.virusalarmpro.com, update2.prestotuneup.com, updvms.cn, virussweeper-scan.net, www.malwarecatcher.net and promo.fastantivirus09.com.
On the prestotuneup.com web site I also found a file called Work.exe, which installs HOSTS file redirects of a large number of Google's web sites to 206.53.61.77.
FreeFixer v0.41 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 1
Log dated 2009-05-18 12:25
Registry Startups
HKCU\..\Run, MSMSGS = "C:\Program\Messenger\msmsgs.exe" /background
HOSTS file
[HOSTS file redirect entries omitted]
Processes (15 whitelisted)
C:\Program\Messenger\msmsgs.exe
C:\Program\FreeFixer\freefixer.exe
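A check for this kind of HOSTS hijack, added here as an example that is not part of the original post or of FreeFixer: it parses a HOSTS file, ignores loopback, unspecified and private targets (what legitimate entries and ad blocklists use), and groups the remaining names by the public address they are sent to. The sample HOSTS content is constructed for the example from the addresses and names this post's logs report.

```python
import ipaddress

# Constructed sample in Windows HOSTS format, seeded with the addresses and
# names reported in this post's logs; not a capture from a real machine.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
0.0.0.0         ads.example.invalid   # ad-blocker style entry, harmless
192.168.1.10    printer.lan           # LAN name, harmless
206.53.61.77 google.com www.google.com
206.53.61.77 search.yahoo.com
209.44.111.62 safesystem.microsoft.com
67.212.80.125 pagead2.googlesyndication.com
this is not a hosts line
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs; comments, blanks and malformed lines are
    skipped. One line may map several names to the same address."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address; a real scanner would flag the line for review
        for host in fields[1:]:
            yield ip, host.lower()

def suspicious_redirects(text):
    """Return {target_ip: [hosts]} for names pointed at a public address.
    Loopback, unspecified (0.0.0.0) and private targets are what blocklists
    and LAN entries use, so they are ignored; many unrelated names converging
    on one public IP is the rogue-AV pattern seen in the logs above."""
    by_ip = {}
    for ip, host in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified or ip.is_private:
            continue
        by_ip.setdefault(str(ip), []).append(host)
    return by_ip

def log_section(by_ip):
    """Render the findings as the 'HOSTS file' section of a FreeFixer-style log."""
    lines = ["HOSTS file"]
    for ip, hosts in by_ip.items():
        lines += [f"{ip} {host}" for host in hosts]
    return lines
```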
Curious to see what the most popular search terms are for FreeFixer.com during May? Here they are: