Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

MWAV escan finds trojans but no other program does

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

MWAV escan finds trojans but no other program does

Unread postby Kev387 » August 16th, 2007, 1:44 am

As you'll see in the hijack log, I've tried quite a few spyware programs, but none seem to pick up the trojans that microworld's AV escan picks up. Thanks for any help/advice in advance. :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:34:14 AM, on 8/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
C:\Program Files\Java\jre1.6.0\bin\jucheck.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installquiet
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPLpr] "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 0572317343
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0569966578
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
Kev387
Active Member
 
Posts: 6
Joined: August 16th, 2007, 12:14 am
Advertisement
Register to Remove

Unread postby silver » August 16th, 2007, 6:58 am

Hi Kev387,

Your HijackThis log looks fine, please post the full MWAV scan log for me to see what it is detecting.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Kev387 » August 16th, 2007, 3:09 pm

The full MWAV scan is 3 megs, am I able to post the entire text in a post?

Here's the log where the errors were found:

Tue Aug 14 02:26:50 2007 => ***** Scanning Registry and File system for Adware/Spyware *****
Tue Aug 14 02:26:51 2007 => Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\Todd\LOCALS~1\Temp\spydb.avs, Size: 244992].
Tue Aug 14 02:26:55 2007 => Indexed Spyware Databases Successfully Created...

Tue Aug 14 02:26:57 2007 => Offending Key found: HKCU\\magnet !!!
Tue Aug 14 02:26:57 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.

Tue Aug 14 02:27:01 2007 => Offending file found: C:\Documents and Settings\Todd\Desktop\smitfraudfix\process.exe
Tue Aug 14 02:27:01 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (process.exe)! Action taken: No Action Taken.

Tue Aug 14 02:27:01 2007 => Offending file found: C:\Documents and Settings\Todd\Desktop\smitfraudfix\reboot.exe
Tue Aug 14 02:27:01 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (reboot.exe)! Action taken: No Action Taken.

Tue Aug 14 02:27:01 2007 => Offending file found: C:\Documents and Settings\Todd\Desktop\smitfraudfix\swreg.exe
Tue Aug 14 02:27:01 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.

Tue Aug 14 02:27:01 2007 => Offending file found: C:\Documents and Settings\Todd\Desktop\smitfraudfix\swsc.exe
Tue Aug 14 02:27:01 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swsc.exe)! Action taken: No Action Taken.

Tue Aug 14 02:27:04 2007 => Offending file found: C:\Documents and Settings\All Users\Application Data\webroot\spy sweeper\install.dat
Tue Aug 14 02:27:04 2007 => System found infected with zlob Trojan-Downloader (install.dat)! Action taken: No Action Taken.

Tue Aug 14 02:27:10 2007 => Checking MountPoints2 Registry Key...
Tue Aug 14 02:27:10 2007 => Checking CLSID Reference Entries...
Tue Aug 14 02:27:10 2007 => Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.

Tue Aug 14 02:27:10 2007 => Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken.

Tue Aug 14 02:27:11 2007 => Entry "HKCR\GTDOWNDE.GTAutoFixDLCtrl" refers to invalid object "{E856B973-45FD-4559-8F82-EAB539144667}". Action Taken: No Action Taken.

Tue Aug 14 02:27:11 2007 => Entry "HKCR\GTDOWNDE.GTAutoFixDLCtrl.1" refers to invalid object "{E856B973-45FD-4559-8F82-EAB539144667}". Action Taken: No Action Taken.

Tue Aug 14 02:27:11 2007 => Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken.

Tue Aug 14 02:27:12 2007 => Checking Module Usage Entries...
Tue Aug 14 02:27:12 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\asinst.dll". Action Taken: No Action Taken.

Tue Aug 14 02:27:12 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\PCPitstop.dll". Action Taken: No Action Taken.

Tue Aug 14 02:27:12 2007 => Checking User Trusted External App Entries...
Tue Aug 14 02:27:12 2007 => Checking Shared DLL Entries...
Tue Aug 14 02:27:13 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DellSupport.EXE". Action Taken: No Action Taken.

Tue Aug 14 02:27:14 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\PCPitstop.dll". Action Taken: No Action Taken.

Tue Aug 14 02:27:14 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\asinst.dll". Action Taken: No Action Taken.

Tue Aug 14 02:27:14 2007 => Checking Installer Entries...
Tue Aug 14 02:27:17 2007 => Checking Shared Tools Entries...
Tue Aug 14 02:27:17 2007 => Checking File Extension Entries...
Tue Aug 14 02:27:17 2007 => Checking Application Cache Entries...
Tue Aug 14 02:27:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "3DSexVilla-030.001". Action Taken: No Action Taken.

Tue Aug 14 02:27:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "PC Pitstop Optimize_is1". Action Taken: No Action Taken.

Tue Aug 14 02:27:17 2007 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7C3037E1-8AC6-493E-A513-AE0C8A3869EB}". Action Taken: No Action Taken.


If you need me to I'll post the entire log. Thanks I really appreciate the time you are taking to help me.
Kev387
Active Member
 
Posts: 6
Joined: August 16th, 2007, 12:14 am

Unread postby silver » August 16th, 2007, 10:33 pm

Hi Kev387,

If those are all the detections, then there's no need for the rest of the log. I don't think there's much to worry about in there, but we'll check it thoroughly:

SmitfraudFix was flagged which is a legitimate tool, however if you have no current need for it, then please delete the SmitfraudFix folder from your Desktop and SmitfraudFix.exe if present.

A number of registry entries (CLSID, SharedDlls, ARPCache) which refer to invalid objects, this is not malware but leftover entries by programs which are no longer present. You can employ tools to clean these if you wish but I don't recommend it as it is unlikely to help your system in any way.

A file associated with Spy Sweeper has been detected as a trojan. This looks like a false positive, but let's upload it for scanning to double-check this detection:

Open http://virusscan.jotti.org/
Copy/paste this file and path into the white box at the top:
C:\Documents and Settings\All Users\Application Data\webroot\spy sweeper\install.dat

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.

Note: If Jotti is busy, you can use VirusTotal instead.

An adware registry entry has been detected. There isn't much information in the log so let's find and export the actual entries:

Please download RegSeeker and save it to your desktop.
  • Right-click on RegSeeker.zip, select Extract All... and follow the prompts to unzip the files into a new folder
  • Inside the RegSeeker folder, double-click RegSeeker.exe to start the program
  • On the left side click Find in registry
  • In the Search for: box type or copy/paste:
    magnet
  • Then press the Search ! button.
  • When the search is complete, click the Select button at the bottom, and choose Select all
  • Then click Action and choose Export selected items, click OK and OK the prompt
  • Close RegSeeker
  • Inside the RegSeeker folder, open the folder called Backup
  • Inside will be a file called schmap-help-m-d-y-123.reg where m-d-y-123 is the date/time of creation.
  • Right-click on this file and select Edit
  • Notepad will open with the contents of the file. Copy and paste the contents into your next response.
Note: RegSeeker is a very powerful program and if misused, can render your machine unusable. For this reason, I recommend you do not use any other functions of this program.

Once complete, please post the Jotti results and the RegSeeker results.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Kev387 » August 17th, 2007, 12:36 am

Nothing found in the http://virusscan.jotti.org/ scan. Didn't even realize I had a program called azureus installed on my pc, but it showed up on the registry scan you told me to do, is azureus a keylogger or harmful program? Anyway, I copied and pasted the file requested.

REGEDIT4

[HKEY_CLASSES_ROOT\.magnet]
@="Magnet"

[HKEY_CLASSES_ROOT\.magnet]
@="Magnet"

[HKEY_CLASSES_ROOT\Magnet]
@="Magnet URI"
"URL Protocol"=""

[HKEY_CLASSES_ROOT\Magnet\Content Type]
@="application/x-magnet"

[HKEY_CLASSES_ROOT\Magnet\DefaultIcon]
@="C:\\Program Files\\Azureus\\Azureus.exe,0"

[HKEY_CLASSES_ROOT\Magnet\shell]
@="open"

[HKEY_CLASSES_ROOT\Magnet\shell\open]

[HKEY_CLASSES_ROOT\Magnet\shell\open\command]
@="\"C:\\Program Files\\Azureus\\Azureus.exe\" \"%1\""

[HKEY_CLASSES_ROOT\Magnet]
@="Magnet URI"
"URL Protocol"=""

[HKEY_CLASSES_ROOT\Magnet\Content Type]
@="application/x-magnet"

[HKEY_CLASSES_ROOT\Magnet\DefaultIcon]
@="C:\\Program Files\\Azureus\\Azureus.exe,0"

[HKEY_CLASSES_ROOT\Magnet\shell]
@="open"

[HKEY_CLASSES_ROOT\Magnet\shell\open]

[HKEY_CLASSES_ROOT\Magnet\shell\open\command]
@="\"C:\\Program Files\\Azureus\\Azureus.exe\" \"%1\""

[HKEY_CLASSES_ROOT\Magnet\Content Type]
@="application/x-magnet"
Kev387
Active Member
 
Posts: 6
Joined: August 16th, 2007, 12:14 am

Unread postby silver » August 17th, 2007, 1:18 am

Hi Kev387,

Azureus is a peer-to-peer file sharing application. It is not malware but peer-to-peer file sharing networks are one of the biggest sources of malware we see. Anything downloaded from them cannot be trusted to be clean, because even if the file appears to be what it claims to be, it can have malware embedded in it.
For these reasons I recommend removal (if it's still installed), but of course the choice is yours.

You can remove Azureus via Start->Control Panel->Add/Remove Programs.

The registry search didn't find the key the MWAV log referred to. Did you check or uncheck any boxes before running the search?

We can make sure by running the search again and specifying the hive we want to look at:
  • Double-click RegSeeker.exe to start the program
  • On the left side click Find in registry
  • In the Search for: box type or copy/paste:
    magnet
  • Under Keys, make sure HKEY_CURRENT_USER is checked and uncheck all other boxes
  • Under Search options make sure all boxes are checked apart from Match whole word which should be unchecked
  • Then press the Search ! button.
  • When the search is complete, click the Select button at the bottom, and choose Select all
  • Then click Action and choose Export selected items, click OK and OK the prompt
  • Close RegSeeker
  • Inside the RegSeeker folder, open the folder called Backup
  • Inside will be a file called magnet-m-d-y-123.reg where m-d-y-123 is the date/time of creation.
  • Right-click on this file and select Edit
  • Notepad will open with the contents of the file. Copy and paste the contents into your next response.
Note: RegSeeker is a very powerful program and if misused, can render your machine unusable. For this reason, I recommend you do not use any other functions of this program.

Once complete, please post the new search results.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Kev387 » August 17th, 2007, 3:38 am

# Double-click RegSeeker.exe to start the program
# On the left side click Find in registry
# In the Search for: box type or copy/paste:

magnet


# Under Keys, make sure HKEY_CURRENT_USER is checked and uncheck all other boxes
# Under Search options make sure all boxes are checked apart from Match whole word which should be unchecked
# Then press the Search ! button.


I followed these steps exactly and nothing came up.
Kev387
Active Member
 
Posts: 6
Joined: August 16th, 2007, 12:14 am

Unread postby silver » August 17th, 2007, 4:37 am

Hi Kev387,

I followed these steps exactly and nothing came up.


In that case it's not there, so I can't say for sure what MWAV is detecting because there isn't enough information in it's log.

Apart from that, we've covered all the issues in the MWAV log, and if you have no symptoms and all other scans have come up clean I'd say there isn't anything to worry about - but we can do further general checks for malware if you wish.

Let me know how you would like to proceed.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Kev387 » August 17th, 2007, 3:01 pm

Thank you so much Silver for helping me, it's greatly appreciated.
Kev387
Active Member
 
Posts: 6
Joined: August 16th, 2007, 12:14 am

Unread postby silver » August 17th, 2007, 10:40 pm

Hi Kev387,

You can delete RegSeeker now, and here are some tips to help you keep your computer clean:

Operating system vulnerabilities can easily be exploited by malware so please ensure your operating system is automatically kept up to date by using Windows Update:
Go to Start->Control Panel->Automatic Updates
Select Automatic and select a suitable schedule
Also, check that your antivirus and antispyware programs are set to automatically update daily.

Your Java is outdated and is now a security risk
Go to Start » Control Panel » Add/Remove Programs
Search all previous installed versions of Java. (J2SE Runtime Environment.... )
(They should have this icon next to it: Image)
Remove all versions of Java.
Download and install the newest version of Java Runtime Environment (JRE) (version 6 update 2), from here:
http://java.sun.com/javase/downloads/index.jsp

Spywareblaster is a free program which prevents the download and installation of Internet Explorer ActiveX based malware by immunizing your system against it. You can download Spywareblaster from here and a tutorial to help you get started is available here.

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

Please take care when downloading programs. One of the easiest ways to be infected is to download freeware/shareware programs which come laden with malware - this includes allowing websites to install browser plug-ins orActiveX controls. Before downloading, it is crucial to check whether the source is reputable.
One way to check is to use McAfee SiteAdvisor. Copy the domain name into the space provided and SiteAdvisor will give you a report on the website which can help you decide if it is safe. They also have a toolbar for IE and Firefox which adds this functionality to your browser.

Find out more about how to prevent infection in the future
http://forum.malwareremoval.com/viewtopic.php?p=33687

Please post back to let me know that you have read this, and if there are any further issues.
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Kev387 » August 20th, 2007, 4:08 am

Please post back to let me know that you have read this, and if there are any further issues.


Have done everything you told me to, and have no further issues. Your help was greatly appreciated. :D
Kev387
Active Member
 
Posts: 6
Joined: August 16th, 2007, 12:14 am

Unread postby silver » August 20th, 2007, 4:30 am

You're very welcome and best of luck!
User avatar
silver
Regular Member
 
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Elrond » August 20th, 2007, 5:23 am

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 259 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware