Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Useable but no cigar

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Useable but no cigar

Unread postby flynn50 » May 27th, 2011, 5:04 pm

Hi all!

I am new to the forum so apologies if I come across as a newbie :)

After many years of fairly trouble free computing I managed to get a virus yesterday which I believe is called W32/Ramnit_a.

I have McAfee Internet Security Suite and spent £60 on a one to one remote session with a McAfee advisor who managed to get the computer back to a useable state but was unable to fully cure my problems - random redirects through licosearch.

Despite the agent stating that I should be able to use the computer (and refunding the £60 after two hours of work:-) I have the following issues:-
1 unable to access some websites - Microsoft, mcAfee and others that generally would be able to assist with the removal of malware.
2 unable to enter any Safe Mode - whenever I try I get an error and return to the Safe Mode option screen
3 McAfee site advisor not working
4 Running back to back scans will discover the virus on every sweep.
5 Random redirects through licosearch when selecting websites following a search

Here are the DDS logs
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Run by Andy at 21:26:18 on 2011-05-27
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2047.1222 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\McAfee Online Backup\MOBKbackup.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Andy\My Documents\Downloads\dds.pif
C:\WINDOWS\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
uURLSearchHooks: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - c:\program files\aim search\AOLSearch.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,,c:\program files\rrxnhiuj\axparlea.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: AOLSearchHook Class: {54eb34ea-e6be-4cfd-9f4f-c4a0c2eafa22} - c:\program files\aim search\AOLSearch.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110517001422.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mPolicies-system: DisableTaskMgr = 1 (0x1)
IE: &AIM Toolbar Search - c:\documents and settings\all users.windows\application data\aim toolbar\ietoolbar\resources\en-us\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\documents and settings\andy\desktop\PartyPoker.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0b83c99c-1efa-4259-858f-bcb33e007a5b} - {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Luxor/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Luxor/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\andy\application data\mozilla\firefox\profiles\gkhj6aru.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://en-GB.start3.mozilla.com/firefox ... B:official
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users.windows\application data\nexoneu\ngm\npNxGameeu.dll
FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-5-31 459728]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-9-10 89368]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2010-9-10 54776]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2010-4-8 33824]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-11-1 238952]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-9-10 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-9-10 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-9-10 214904]
R2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\McSvHost.exe" /McCoreSvc [2010-9-10 214904]
R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-9-10 165000]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-9-10 159832]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-9-10 148520]
R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-9-10 57432]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-11-1 36608]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-9-10 179248]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-9-10 59288]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-9-10 337912]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2010-9-10 83688]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-9-3 1057024]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-14 135664]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-14 135664]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2010-9-10 83688]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-9-10 85984]
.
=============== Created Last 30 ================
.
2011-05-27 20:11:45 -------- d--h--w- c:\windows\PIF
2011-05-27 15:14:45 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-05-27 15:14:44 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-05-27 15:13:38 -------- d-----w- c:\documents and settings\all users.windows\application data\Hitman Pro
2011-05-26 18:28:30 -------- d-----w- c:\program files\Citrix
2011-05-25 21:19:34 65536 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\148F0.tmp
2011-05-25 21:19:07 -------- d-----w- c:\program files\rrxnhiuj
2011-05-25 21:18:57 191250 ----a-w- c:\program files\mozilla firefox\0.7809374634301565.exe
2011-05-23 16:46:45 -------- d-----w- c:\documents and settings\all users.windows\application data\boost_interprocess
2011-05-23 15:05:50 -------- d-----w- c:\program files\Entropia Universe
2011-05-18 22:17:43 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-17 13:29:26 -------- d-----w- c:\windows\system32\appmgmt
2011-05-17 11:16:11 -------- d-----w- c:\program files\File Type Assistant
2011-05-17 11:16:06 -------- d-----w- c:\documents and settings\andy\application data\FinalMediaPlayer
2011-05-17 11:16:01 -------- d-----w- c:\program files\FinalMediaPlayer
2011-05-16 23:14:22 24376 ------w- c:\program files\mozilla firefox\distribution\bundles\{d19ca586-dd6c-4a0a-96f8-14644f340d60}\components\scriptff.dll
2011-05-16 22:16:36 -------- d-----w- c:\documents and settings\andy\local settings\application data\iMesh
2011-05-16 20:48:48 -------- d-----w- c:\documents and settings\andy\local settings\application data\Ilivid Player
2011-05-16 20:45:33 -------- d-----w- c:\documents and settings\andy\local settings\application data\PackageAware
2011-05-10 20:12:04 -------- d-----w- c:\documents and settings\andy\application data\RegistryKeys
2011-05-10 19:43:11 -------- d-----w- c:\documents and settings\andy\application data\BitZipper
2011-05-10 19:43:08 -------- d-----w- c:\program files\BitZipper
2011-05-10 18:19:47 -------- d-----w- c:\documents and settings\andy\application data\BitTorrent
2011-05-06 18:57:37 -------- d-----w- c:\program files\BBC iPlayer Desktop
2011-04-28 19:01:17 142296 ------w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-28 19:01:16 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
2011-04-28 19:01:16 781272 ------w- c:\program files\mozilla firefox\mozsqlite3.dll
2011-04-28 19:01:16 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
2011-04-28 19:01:16 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
2011-04-28 19:01:16 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
2011-04-28 19:01:16 1874904 ------w- c:\program files\mozilla firefox\mozjs.dll
2011-04-28 19:01:16 15832 ------w- c:\program files\mozilla firefox\mozalloc.dll
.
==================== Find3M ====================
.
2011-05-22 19:38:27 86016 ----a-w- c:\windows\DUMP48e0.tmp
2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-03-13 10:20:10 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-03-13 10:20:10 89368 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2011-03-13 10:20:10 85984 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-03-13 10:20:10 83688 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2011-03-13 10:20:10 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-03-13 10:20:10 57432 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-03-13 10:20:10 459728 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-03-13 10:20:10 337912 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-03-13 10:20:10 179248 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-03-13 10:20:10 118784 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 21:27:23.73 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-05-19.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 07/05/2005 16:24:05
System Uptime: 27/05/2011 21:22:22 (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5KPL-AM IN/GB
Processor: Intel Pentium III Xeon processor | Socket 775 | 2331/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 70.781 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP530: 23/05/2011 16:52:19 - System Checkpoint
RP531: 24/05/2011 15:40:53 - Removed SPORE™
RP532: 25/05/2011 19:46:03 - System Checkpoint
RP533: 27/05/2011 09:19:34 - System Checkpoint
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.4
Adobe Shockwave Player 11.5
AIM 7
AIM Search
AIM Toolbar
Altitude
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask.com Search Assistant 1.0.2
ATI Catalyst Install Manager
ATI Display Driver
Audacity 1.2.6
Battle.net
BBC iPlayer Desktop
BioShock 2
BitZipper 2010
Bonjour
Canon iP2600 series
Canon iP2600 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
Chinese Simplified Fonts Support For Adobe Reader 9
Company of Heroes
Company of Heroes - FAKEMSI
Curse Client
DMNetVuObserVer 1.9.4
Download Updater (AOL LLC)
Dropbox
EA Download Manager
FaxTools
File Type Assistant
Final Media Player 2011
GameSpy Arcade
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB888111
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
InterVideo XPack (DVD Only)
iTunes
Java(TM) 6 Update 17
Junk Mail filter update
LAME v3.98.2 for Audacity
LimeWire 5.5.13
Luxor
McAfee Internet Security
McAfee Online Backup
Messenger Plus! Live
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007 Trial
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WSE 3.0 Runtime
Mozilla Firefox 4.0.1 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Network Play System (Patching)
Norton Security Scan
OpenOffice.org 3.2
PartyPoker
Picasa 3
Platform
Portal
QuickTime
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Samsung New PC Studio
SAMSUNG USB Driver for Mobile Phones
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
StarCraft II
Steam
The Sims™ 3
The Sims™ 3 Ambitions
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VIA Platform Device Manager
Visual Pinball
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World of Warcraft
.
==== Event Viewer Messages From Past Week ========
.
27/05/2011 18:23:31, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
27/05/2011 18:23:25, error: Dhcp [1002] - The IP address lease 192.168.0.5 for the Network Card with network address 00B0C4C643D8 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
26/05/2011 19:32:37, error: Service Control Manager [7034] - The FsUsbExService service terminated unexpectedly. It has done this 1 time(s).
26/05/2011 19:32:33, error: Service Control Manager [7034] - The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).
26/05/2011 19:32:19, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
26/05/2011 19:24:46, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the McAfee SiteAdvisor Service service.
26/05/2011 19:04:07, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
26/05/2011 18:30:27, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: mfehidk
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning.
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee Network Agent service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start.
26/05/2011 18:30:25, error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start.
26/05/2011 17:40:41, error: Dhcp [1002] - The IP address lease 192.168.0.2 for the Network Card with network address 00B0C4C643D8 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
26/05/2011 16:39:22, error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
26/05/2011 16:39:20, error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
26/05/2011 15:50:59, error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.0.2 with the system having network hardware address 5C:59:48:AB:D6:C3. Network operations on this system may be disrupted as a result.
26/05/2011 15:42:14, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: Access is denied.
26/05/2011 15:42:11, error: SRService [104] - The System Restore initialization process failed.
.
==== End Of File ===========================

Any help greatly appreciated:-)

Andy
flynn50
Active Member
 
Posts: 6
Joined: May 27th, 2011, 3:53 pm
Advertisement
Register to Remove

Re: Useable but no cigar

Unread postby Wingman » May 30th, 2011, 8:41 am

Reviewing your logs, be back soon with instructions.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14108
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Useable but no cigar

Unread postby Wingman » May 30th, 2011, 9:06 am

Hello flynn50

Based on your initial post, referring to the W32/Ramnit_a infection...

Very Malicious Infection
W32/Ramnit.A.
There are 3 main components:
Backdoor Trojan: software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge.
Rootkit: software tools intended for concealing running processes, files or system data from the operating system. They use advanced techniques as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker.
File Infector: The viral piece of the infection that infects windows system files such as executables and dll files. Very similar to other infections of this type such as Virut and Sality.

You are strongly advised to do the following:
  1. Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  2. Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. It will be a hassle but you should probably change all your account numbers.
  3. From a clean computer, change all your passwords: (Internet login, your email address(es), financial accounts, PayPal, eBay, Amazon... any online activities you carry out which require a username and password).
    Do NOT change your passwords from this computer, an attacker can still get all the new passwords and transaction records.
  4. Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.

Due to its Backdoor - rootkit - file infector functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of malware, the best course of action would be to reformat and re-install the operating system (OS). This decision will have to be made by you...

To help you understand more, please take some time to read the following articles:
When should I re-format and reinstall my OS
What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
How and Where to backup your files
Restoring your backups

This infection could very well be the result of using a P2P download or by some of the cracked software found... this is why it is not recommended to use the P2P and we never condone the use of illegal software.

You should backup any personal files, pictures, music, etc using a CD or DVD, do not use a flash drive as this could become infected as well.

You will undoubtedly see some other helpers in forums cleaning these file infector infections but while some computers seem to be cleaned, they are still very problematic afterwards. With the potential of stolen data and other personal information, it is just not worth the risk to continue using the computer in this condition.

It goes against my principal and training to "abandon" anyone looking for help but in light of this kind of infection, you would be best served by taking the advice given above. Even though the computer may seem to be acting fine, there is no way of knowing how many files have been infected and if the computer could still be compromised.

Please let me know, what your decision is, regarding this computer.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14108
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Useable but no cigar

Unread postby flynn50 » May 30th, 2011, 5:43 pm

Thank you for the reply.

I had a feeling that this would be the case and have resigned myself to up reformatting and re-installing the OS. On a lighter note it gives me an excuse to upgrade to Windows 7:-)

I wonder if you could possibly answer a few questions about the infection.

I usually store my passwords (except for financial institutions such as Paypal, my credit card provider and bank). Even so, as soon as the infection was apparent, I have deliberately stayed away from any application that requires a password to be entered. Could the hacker still have obtained any password information?

I have saved some photographs to Dropbox after the infection became apparent. Do I risk re-importing the virus when I bring them back onto my virgin, pristine, newly installed OS? Similarly with any songs or other files that I save and then re-import.

I have read posts whereby drives are re-formatted and the OS re-installed yet the virus is still present. What can I do to avoid this?

Is there anything else I need to be aware of?

Thanks again for your help.

Andy
flynn50
Active Member
 
Posts: 6
Joined: May 27th, 2011, 3:53 pm

Re: Useable but no cigar

Unread postby Wingman » May 31st, 2011, 8:08 am

Hello Andy,

I think you made the right decision. If it was my computer, it's what I would do.

Could the hacker still have obtained any password information?
Yes...
To be on the safe side I would change all passwords used... regardless of what kind of site they are for. I would work from the premise that any information on you computer could have been accessed by an outside source.

I have saved some photographs to Dropbox after the infection became apparent. Do I risk re-importing the virus when I bring them back onto my virgin, pristine, newly installed OS? Similarly with any songs or other files that I save and then re-import.
You should be OK...
The safest practice is not to backup any files with the following file extensions: exe, .scr, .ini, .htm, .html, .php, .asp, .xml, .zip, .rar, .cab as they may be infected. If you want to check the photos before putting them on your computer again... Pull the photos from Dropbox and place them on a CD or DVD... then scan the CD\DVD with your Anti-virus software, before actually storing them on the computer.

I have read posts whereby drives are re-formatted and the OS re-installed yet the virus is still present. What can I do to avoid this?
These infection types are those that infect the MBR or boot record of the computer... the best offense is a strong defense... use and keep updated a good Anti-virus product, keep your software up to date and practice safe surfing.
Never use more than 1 Anti-virus product, providing real time protection, at a time.

Here are a few guidelines to help keep your computer more secure:

Update your Antivirus programs and other programs regularly.
Secunia Personal Software Inspector - Copyright © Secunia. F-secure Health Check - Copyright © F-Secure Corporation.

Visit Microsoft often.
Keep on top of critical updates , as well as other updates for your computer.
Using Windows Update in Windows Vista
Using Windows Update in Windows 7
What is Windows Update?
Microsoft Update Home

Install additional (free) programs, that can help improve security.
Many feel that having a "layered" protection scheme is beneficial, you'll have to decide what works best for your situation.
Here are a few you can look into, if you want. :)

Malwarebytes' Anti-Malware
Download it from Malewarebytes © Malwarebytes Corporation.
Tutorials are available for installing and running, Malwarebytes' Anti-Malware.
Powerful, easy to use and free. For real-time protection you will have to purchase the product.

WinPatrol
Do not install if you have installed Spybot Search & Destroy and enabled Teatimer protection. System conflicts can occur.
Download it from Copyright © BillP Studios
Information about how WinPatrol works, is available Here
(The free version of WinPatrol... provides limited real-time protection)


Read - stay informed.
COMPUTER SECURITY - a short guide to staying safer online

Please check out this article: Some information may be old but the basic safeguards still apply.
How to prevent Malware:© miekiemoes - Microsoft MVP - Consumer Security .

Please let me know that you have reviewed the post. Once I receive your reply, unless there are other malware questions or concerns, I'll close this topic.

Stay Safe! ;)
Wingman
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14108
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Useable but no cigar

Unread postby flynn50 » June 1st, 2011, 2:16 pm

Thanks for your help and advice.

Andy
flynn50
Active Member
 
Posts: 6
Joined: May 27th, 2011, 3:53 pm

Re: Useable but no cigar

Unread postby Wingman » June 1st, 2011, 4:55 pm

As your problems appear to require a reformat, this topic is now closed.

If you are satisfied with our assistance and wish to donate to help with the costs of this volunteer site, please read :
Donations For Malware Removal
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14108
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 47 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware