Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

SPYAXE

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

SPYAXE

Unread postby davies2201 » December 28th, 2005, 8:36 am

Hello everyone, I am new and not a computer person! My computer has recently been infected by SPYAXE :x I have ran hijack this and this is the log......what do I do now ? Pleaseeee :D

Logfile of HijackThis v1.99.1
Scan saved at 12:30:28, on 28/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvctrl.exe
C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
c:\progra~1\mcafee.com\vso\mcvsescn.exe
C:\Program Files\SpyAxe\spyaxe.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SpyAxe\spyaxe.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\progra~1\mcafee.com\vso\mcvsftsn.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\mssearchnet.exe
c:\program files\mcafee.com\shared\mghtml.exe
c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe
C:\DOCUME~1\OWNER~1.ADA\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp9727.tmp
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9407479466
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am
Advertisement
Register to Remove

Unread postby amateur » December 28th, 2005, 9:11 am

Hi Davies2201 :) ,

Welcome to MRU. I'll be happy to help you. It will take some time for me to research the items in your log. So, please be patient. I'll be back as soon as I can.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby davies2201 » December 28th, 2005, 9:17 am

Many thanks
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am

Unread postby amateur » December 28th, 2005, 11:32 am

Hi Davies2201 :) ,

Thanks for being patient. :) I think we'll be able to help you get rid you of this pest.

First: You're running HJT from a TEMP directory:

C:\DOCUME~1\OWNER~1.ADA\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

When you do so, either HJT will not create its log files and backup files; or if it does, you risk losing them when the TEMP's cache is cleared. It's important that you save these backup files, in case you have to "undo" [restore] some of the things you "FIX" incorrectly.
So you need to move HJT into a separate, non-temporary, non-Desktop, directory of its own. We recommend using the directory C:\HJT , so that it will then appear in your log, under running processes, as C:\HJT\HiJackThis.exe
=========================

I am going to ask you to download some programs. Do not run them yet. We'll do that later.

If there's anything that you don't understand, please ask before you proceed with the fixes. Please read carefully and then print these instructions so that you'll have access to them later when you are in Safe Mode.

Please download:

Trial version of Ewido Security Suite 3.5 from here:

" Install Ewido Security Suite.
" When installing, under Additional Options uncheck Install background guard and Install scan via context menu.
" When you run Ewido for the first time, you could get a warning "Database could not be found!". Click Ok.
" The program will prompt you to update. Click the Ok button.
" The program will now go to the main screen.
You will need to update Ewido to the latest definition files.
" On the left-hand side of the main screen click the Update Button.
" Click on Start.
The update will start and a progress bar will show the updates being installed.
Once finished updating, close Ewido.

If you are having problems with the updater, you can use this link Ewido manual updates to manually update ewido.
Make sure to close Ewido before installing the update.

When you have finished updating, EXIT Ewido.
=======
Place a shortcut to Panda ActiveScan on your desktop.
=======

SmitRem Fix Version 2.8
Double click on the file to extract it to it's own folder on the desktop. Do not run it yet.
=======

Ccleaner

=======

Ad-Aware SE and install it. If you already have Ad-Aware SE, please configure it as indicated below. If you have a previous version of Ad-Aware, please uninstall your current version and install the newest version SE 1.06. Do not use it yet.

==============================================

I see that you are using McAfee security suit. After you've downloaded the above programs, you'll need to disconnect from the internet and turn off/disable/deactivate the realtime protection and scanners, i.e. McAfee, while we are working on this fix so that it will not interfere with the fix. Please turn it on again before you get on line for the online virus scan at the end of the fix.

==============================================
We need to show hidden files and folders.

Start>My Computer >Tools>Folder Options> View

Under the Hidden files and folders heading select Show hidden files and folders.
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Uncheck the Hide file extensions for known file types.
Click OK.

You will be prompted to reboot... choose NO
Close out of the Control Panel
==============================================

Reboot in Safe Mode by restarting your computer and after the first 'beep' begin tapping on the F8 key. A black menu page will appear.
Use your arrow keys to choose Safe Mode (without networking!)
Click on the Enter key.
Your desktop will appear, although it will be very distorted. The words Safe Mode will be on each corner of the desktop.

===============================================

Run HijackThis and click on Scan. Close all other windows except HijackThis. Put a checkmark against:



O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp9727.tmp

O4 - HKLM\..\Run: [SpyAxe] C:\Program Files\SpyAxe\spyaxe.exe /h


press the Fix checked button, and then close HijackThis.

===============================================

Still in Safe Mode, on your keyboard, click on the Windows key and the E key to bring up your Windows Explorer. Click to expand the C:/ drive, navigate to and delete the following files and folders in bold, if found:

C:\WINDOWS\system32\hp9727.tmp Note: this may have changed names. Look in the System32 Folder for any hpxxx.tmp files and delete them all
C:\WINDOWS\system32\mssearchnet.exe
C:\Program Files\SpyAxe

While you still have your Windows Explorer open, scroll through the C:\Windows to the Prefetch folder. Open the folder. Go to Edit>Select All and delete the contents of the folder. Close Windows Explorer.

Empty your recycle bin.

==============================================
Still in Safe Mode Open and Run SmitRem

Open the smitRem Folder, then double-click the RunThis.bat file to start the tool. Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish.
The tool will create a log named smitfiles.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply. Stay on Safe Mode.

==============================================

Still in Safe Mode Run Ccleaner

Click on Options, Select Advanced Now UNCHECK "Only delete files in Windows Temp folders older than 48 hours"
Make sure the Cleaner block on the left is selected. (Do not use the "Issues" block) Choose the Windows tab.
Check everything EXCEPT cookies, the Autocomplete Form History and the Advanced part of the Menu.
Choose Run Cleaner. This process could take a while.
When CCleaner shows how much has been removed, cleaning is finished. Click Exit. Stay on Safe Mode.
[/B]
==============================================

Run Ewido in Safe Mode.

Close ALL open Windows / Programs / Folders. Please start Ewido Security Suite, and run a full scan.
" Click on Scanner
" Click on Settings
o Under How to scan all boxes should be checked
o Under Unwanted Software all boxes should be checked
o Under What to scan select Scan every file
o Click on Ok
" Click on Complete System Scan to start the scan process.
" Let the program scan the machine.

If ewido finds anything, it will pop up a notification. We have been finding some cases of false positives with the new version of Ewido, so we need to step through the fixes one-by-one. If Ewido finds something that you KNOW is legitimate (for example, parts of AVG Antivirus, pcAnywhere and the game "Risk" have been flagged), select "none" as the action. DO NOT check "Perform action with all infections". If you are unsure of an entry, select "none" for the time being. I'll see that in the log you will post later and let you know if ewido needs to be run again.

Once the scan has completed, there will be a button located on the bottom of the screen named Save Report.
" Click "Save Report"
" Save the report to your Desktop

==============================================

Go to Control Panel > Internet Options. Click on the Programs tab then click the "Reset Web Settings" button. Click Apply then OK.

==============================================

Next go to Control Panel > Display. Click on the "Desktop" tab then click the "Customize Desktop" button. Click on the "Web" tab. Under "Web Pages" you should see an entry checked called something like "Security info" or similar. If it is there, select that entry and click the "Delete" button. Click OK then Apply and OK.

==============================================

Still in Safe Mode run Ad-Aware and Click on the Scan Now Button
o Choose Perform Full System Scan
o DESELECT Search for negligible risk entries, as negligible risk entries (MRU's) are not considered to be a threat. (make it show a red X)
Click Next to begin the scan. When the scan is completed, the Performing System Scan screen will change name to Scan Complete.

Click the Next Button to get to the Scanning Results Window where more information about the objects detected during the scan is available. Click the Critical Objects Tab. In general all of the items listed will be bad. To fix all the bad critical objects, right click on one of them, click the Select All entry in the pop-up menu to mark all entries. Click Next and then OK in the dialog box to confirm the removal.
Press Close to exit.
==============================================

Reboot in Normal Mode

==============================================

Turn on/activate/enable your McAfee security suit before you connect to the internet.

==============================================

Run Panda's ActiveScan and perform a full system scan.
" Once you are on the Panda site click the Scan your PC button.
" A new window will open...click the big Check Now button.
" Enter your Country.
" Enter your State/Province.
" Enter your e-mail address.
" Select either Home User or Company.
" Click the big Scan Now button.
" Allow the ActiveX component to install and download the files required for the scan. This may take a couple of minutes.
" Click on Local Disks to start the scan.
Click on the Panda Active Scan and run it.
Let it clean, disinfect, quarantine any items found. Save the report that it creates.
===============================================

you are running an old version of Java. The most current version of Sun Java is: Java Runtime Environment Version 5.0 Update 6

To check your version to see if it is the latest version, Please go to this link to verify your version to get the updates needed:
You'll need to use IE and allow ActiveX for this update. Follow the instructions on that page to verify Your Java software
Or you can get the manual download here:
Once you have installed the latest update, please go to Add/Remove Programs and remove all older instances of Java listed there.

=====================================================

Reboot and run HijackThis again.

Please post the new HijackThis log, Ewido report, results from smitfiles.txt, and the Panda online scan result in your next post.

If you're left with a white screen, move your mouse to the top right corner, where the X button usually is and one should appear (kind of in a "hide taskbar" sort of manner) Click it and the white screen goes away!
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby davies2201 » December 28th, 2005, 1:57 pm

: 28 Dec 2005
Posts: 627
Location: RI
Usergroups:
[ MRU Undergrad ]


Posted: Wed 28 Dec, 2005 3:32 pm Post subject:

--------------------------------------------------------------------------------

Hi Davies2201 ,

Thanks for being patient. I think we'll be able to help you get rid you of this pest.

First: You're running HJT from a TEMP directory:

C:\DOCUME~1\OWNER~1.ADA\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

When you do so, either HJT will not create its log files and backup files; or if it does, you risk losing them when the TEMP's cache is cleared. It's important that you save these backup files, in case you have to "undo" [restore] some of the things you "FIX" incorrectly.
So you need to move HJT into a separate, non-temporary, non-Desktop, directory of its own. We recommend using the directory C:\HJT , so that it will then appear in your log, under running processes, as C:\HJT\HiJackThis.exe


Ok I have put that into a C: directory of its own...is that right
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am

Unread postby amateur » December 28th, 2005, 3:16 pm

Hi davies2201,
C: directory of its own...

I think you've done it right, but to make sure: what we mean is that it should be housed in a folder of its own.

C:\HijackThis<=== the folder\HijackThis.exe <====the file . In order to open HijackThis you need to click on this file.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby davies2201 » December 28th, 2005, 6:26 pm

First things first- everything is back to normal!

smitRem © log file
version 2.8

by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: 28/12/2005
The current time is: 19:01:21.03

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!


checking for WinHound.com key


WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Security Troubleshooting.url


~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

wbeconm.dll
1024 dir
msvol.tlb

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 20:29:42, 28/12/2005
+ Report-Checksum: B201CBD9

+ Scan result:

C:\Program Files\Common Files\Sony Shared\Visualizer\ExlGen.dll -> Dialer.Generic : Ignored
C:\Documents and Settings\Neil\Cookies\neil@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Neil\Cookies\neil@com[1].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Neil\Local Settings\Temporary Internet Files\Content.IE5\CL4NAHI1\Windows_XP_CD_Key_and_Product_ID_Changer_by_NaPsteR[1].zip/crack.exe/ist1.exe -> Downloader.IstBar.is : Error during cleaning
C:\Documents and Settings\Neil\Local Settings\Temporary Internet Files\Content.IE5\QRQZE7GX\prompt[1].htm -> Downloader.IstBar.j : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@247realmedia[2].txt -> Spyware.Cookie.247realmedia : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@adopt.euroclick[2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@adopt.specificclick[2].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ads05.bpath[2].txt -> Spyware.Cookie.Bpath : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@advertising[1].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@adviva[1].txt -> Spyware.Cookie.Adviva : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@bfast[2].txt -> Spyware.Cookie.Bfast : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@bs.serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@casalemedia[2].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@centrport[1].txt -> Spyware.Cookie.Centrport : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@citi.bridgetrack[2].txt -> Spyware.Cookie.Bridgetrack : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter.hitslink[2].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter1.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter10.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter11.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter13.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter15.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter16.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter2.hitslink[1].txt -> Spyware.Cookie.Hitslink : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter2.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter4.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter5.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter6.sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter7.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@counter8.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@cs.sexcounter[2].txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@cz6.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@cz7.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@data.coremetrics[1].txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@data2.perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@data3.perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfk4cjcpaap.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfkyggd5ikp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfl4ekczibp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfl4qoczecp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfliekc5ieq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfliknd5klp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wflisgcjgko.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfliugcjklp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wfmycgdpwho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wgkyejdpafo.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjk4cocjadp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjk4gkazmdp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjkyendzcho.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjlocgcpikp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjloeid5wfp.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjlygmc5ggp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjmyandpcgq.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjmyoodzilo.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjmyuhdzgbp.stats.esomniture[2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@e-2dj6wjny-1nc5ig.stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-adidas.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-adidasus.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-bbc.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-cygnusbm.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-debenhams.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-idg.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-micron.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-newscientist.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-nokiafin.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-paxinternet.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-samsungusa.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-sonyesolutions.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-sonymusic.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-suite101.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-systemax.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-techtarget.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ehg-usnewsworldreport.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@estat[1].txt -> Spyware.Cookie.Estat : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@hg1.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@linksynergy[2].txt -> Spyware.Cookie.Linksynergy : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@media.fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@microsoftwga.112.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@msnportal.112.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@paycounter[1].txt -> Spyware.Cookie.Paycounter : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@perf.overture[1].txt -> Spyware.Cookie.Overture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@phg.hitbox[2].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@qksrv[2].txt -> Spyware.Cookie.Qksrv : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@revenue[1].txt -> Spyware.Cookie.Revenue : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@sexlist[2].txt -> Spyware.Cookie.Sexlist : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@sonycorporate.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@spylog[2].txt -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@stat.onestat[1].txt -> Spyware.Cookie.Onestat : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@statcounter[2].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@stats.esomniture[1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@statse.webtrendslive[2].txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@targetnet[2].txt -> Spyware.Cookie.Targetnet : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@thomascook.122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@trafficmp[2].txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@trafic[1].txt -> Spyware.Cookie.Trafic : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@usnews.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@valueclick[1].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@valueclick[3].txt -> Spyware.Cookie.Valueclick : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@weborama[2].txt -> Spyware.Cookie.Weborama : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Owner.ADAM\Cookies\owner@xxxcounter[2].txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B057C0AD-1C0F-4FF3-8DC9-3234AB\38F0CF2C-09B6-4761-8E69-14A5B4 -> Spyware.VB : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B057C0AD-1C0F-4FF3-8DC9-3234AB\8B753580-A615-46D8-8842-4FE8BD -> Trojan.Starter.e : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B057C0AD-1C0F-4FF3-8DC9-3234AB\BEFA0CE4-F766-4B6C-B034-13DAE1 -> Spyware.Chiem : Cleaned with backup


::Report End






Hijack nolonger is able to work due to antivirus....
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am

Unread postby amateur » December 28th, 2005, 8:32 pm

Hi Davies2201 :) ,

I need more information:

1. The end section of the Smitrem log is missing. Can you please check that and post the full log?
2.
Hijack nolonger is able to work due to antivirus....

Can you please explain this? Were you able to run the HijackThis in the fix? You were supposed to
disconnect from the internet and turn off/disable/deactivate the realtime protection and scanners, i.e. McAfee, while we are working on this fix so that it will not interfere with the fix. Please turn it on again before you get on line for the online virus scan at the end of the fix.
.

3. I need to see the HijackThis logs both from your account as well as Neil's account.

I'll be waiting for your reply. Thanks :)
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby davies2201 » December 29th, 2005, 12:29 pm

1)

~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

wbeconm.dll
1024 dir
msvol.tlb
ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
mscornet.exe
logfiles


~~~ Icons in System32 ~~~

ts.ico
ot.ico


~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 824 'explorer.exe'

Starting registry repairs

Deleting files


Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url


~~~ Favorites ~~~



~~~ system32 folder ~~~



~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Miscellaneous Files/folders ~~~




~~~ Wininet.dll ~~~

CLEAN! :)


Thats the complete log it gave me.....

2)Yeah hijack was run all other stages...just the very last time you asked for it to be run my antivirus is now blocking it(out of safe mode). It was run as your instructions asked.

Thanks for all your help!!! 8) :D
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am

Unread postby amateur » December 29th, 2005, 6:23 pm

Hi Davies2201 :D ,

Thank you for the complete Smitrem log. :) I am glad that it worked. :) However, I am still waiting for the Panda report, and HijackThis logs from your account and Neil's account to determine whether the computer is clean or not. But, before we continue, I need to make sure that you have a legitimate copy of XP running on your machine as there are some indications to the contrary in your logs. Please read the forum policy on this subject here.

Happy New Year!
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby davies2201 » December 29th, 2005, 8:58 pm

Yes my XP is legitimate- the XP home edition came with my laptop :D

I will get those two files as soon as I locate them. I am no computer whizz kid as you can tell :D

Happy New Year to yourself too :D
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am

Unread postby amateur » December 29th, 2005, 9:36 pm

Hi Davies2201 :D ,

Take your time. Here is how you validate your copy of Windows XP:
http://www.microsoft.com/resources/howt ... fault.mspx
Click on "Run the Windows Validation Assistant". Let me know the results. I'll be away for three days. So, please don't worry if you don't hear from me during the next three days.
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby davies2201 » December 30th, 2005, 8:32 am

Do the words 'OEM Software' appear beneath the product name in the center of your Certificate of Authenticity?
Yes No



You should have received a recovery solutions CD from your PC manufacturer. To verify that the recovery solutions CD that came with your PC is genuine, please contact your PC manufacturer.


It says Samsung Electronics :?
davies2201
Active Member
 
Posts: 7
Joined: December 28th, 2005, 8:32 am

Unread postby amateur » January 1st, 2006, 9:18 pm

Hi davies2201 :) ,

Do the words 'OEM Software' appear beneath the product name in the center of your Certificate of Authenticity?
Yes No

You should have received a recovery solutions CD from your PC manufacturer. To verify that the recovery solutions CD that came with your PC is genuine, please contact your PC manufacturer.


It says Samsung Electronics


I am not not sure if I understand you here. Let's try another way of validating your XP. Click on My Computer. Then click on "help" button. In the drop-down box, click on "Is this copy of windows legal". A page will be opened. In that page, choose option #1 and click on "Validate now". You may need to give permission for an Active X installation. The Windows Validation Assistant will scan your product key to help you determine whether your computer’s operating system is genuine.

I am also still waiting for the Panda report, and the HijackThis logs from your account and Neil's account.
Thanks. :)
User avatar
amateur
MRU Master
MRU Master
 
Posts: 2545
Joined: September 25th, 2005, 1:13 pm
Location: RI, USA

Unread postby NonSuch » January 10th, 2006, 4:43 am

Whilst we appreciate that you may be busy, it has been 10 days or more since we heard from you.

Infections can change and fresh instructions will now need to be given. This topic is now closed, if you still require assistance then please start a new topic in the Malware Removal Forum.

If you wish this topic reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid,
working link to the closed topic is required along with the user name used.
If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 488 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware