Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

MGY.exe

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

MGY.exe

Unread postby farhan » March 2nd, 2010, 7:43 am

I am hit by this malware that I've never encountered before and I cannot remove it. I've attached a combofix text report for your reference. Basically this malware disables all functions like regedit, msconfig, folder view, cmd and even some anti-spyware tool.
I went into safe mode still it boots up. It has a bogus system file Iass.exe , Crss.exe etc but in a different folder written in the registry. However, in safe mode i can view go into regedit and task manager. I disable the process but it keeps on coming again. I delete registry entry it still keeps coming. I even went into windows console manager and use command line to delete but access is denied. I tried to change some visible file its ACL. after which can be deleted in console manager. But the major files are still complete hidden and cannot change the ACL. I created a batch file to use cacls command to give full access but since CMD is disabled, it run for 0.000001 sec and it shuts down cmd. HELP. Please view the Combofix report.

Report as follows:

ComboFix 10-03-01.01 - Administrator 03/02/2010 11:19:23.2.1 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.218 [GMT 8:00]
Running from: c:\documents and settings\projc2\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
.
---- Previous Run -------
.
C:\autorun.inf
c:\windows\Downloaded Program Files\Install.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE


((((((((((((((((((((((((( Files Created from 2010-02-02 to 2010-03-02 )))))))))))))))))))))))))))))))
.

2010-03-02 03:28 . 2010-03-02 03:28 1032704 ----a-w- c:\windows\MGY.exe
2010-03-01 08:43 . 2010-02-03 06:00 8005 ----a-w- c:\windows\kill.vbs
2010-03-01 08:43 . 2010-02-03 06:00 8005 ----a-w- C:\kill.vbs
2010-03-01 08:07 . 2010-03-01 08:07 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-02-26 03:33 . 2010-02-26 03:33 -------- d-----w- c:\documents and settings\projc2\Application Data\Malwarebytes
2010-02-26 03:33 . 2010-01-07 08:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-26 03:33 . 2010-01-07 08:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-26 03:32 . 2010-02-26 03:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-26 03:32 . 2010-02-26 03:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-26 02:46 . 2009-11-12 18:45 16417245 --sha-r- c:\windows\system32\mgy.exe
2010-02-26 02:46 . 2009-11-12 18:45 16417245 --sha-r- C:\mgy.exe
2010-02-26 02:46 . 2010-03-02 03:28 -------- d-sh--r- c:\windows\system32\{271287-000021-100287-705016}
2010-02-25 00:16 . 2010-02-25 00:17 -------- d-----w- c:\documents and settings\projc2\Local Settings\Application Data\Temp
2010-02-08 06:16 . 2010-02-08 06:16 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-02-06 06:11 . 2010-02-06 06:11 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-02-02 04:56 . 2010-02-02 04:56 -------- d-----w- c:\program files\Common Files\Java
2010-02-01 00:13 . 2010-02-05 00:10 -------- d-----w- c:\documents and settings\projc2\Application Data\PPlive

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-02 03:29 . 2008-04-28 03:46 -------- d-----w- c:\program files\Symantec AntiVirus
2010-03-02 02:50 . 2009-12-02 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PPLive
2010-03-02 02:15 . 2009-06-18 11:16 -------- d-----w- c:\program files\PPStream
2010-03-02 00:11 . 2009-06-18 11:17 -------- d-----w- c:\documents and settings\projc2\Application Data\PPStream
2010-02-26 03:34 . 2010-02-26 03:34 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-26 00:02 . 2009-06-21 04:32 1287 ----a-w- c:\windows\system32\cid_store.dat
2010-02-22 00:35 . 2009-10-19 12:10 -------- d-----w- c:\program files\GVOD
2010-02-17 02:39 . 2009-11-22 05:01 -------- d-----w- c:\program files\QvodPlayer
2010-02-15 01:10 . 2009-06-21 04:32 -------- d-sh--w- c:\documents and settings\All Users\Application Data\thunder_vod_cache
2010-02-13 01:45 . 2010-02-13 01:45 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\NAVEX32A.DLL
2010-02-13 01:45 . 2010-02-13 01:45 1324720 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\NAVEX15.SYS
2010-02-13 01:45 . 2010-02-13 01:45 177520 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\NAVENG32.DLL
2010-02-13 01:45 . 2010-02-13 01:45 84912 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\NAVENG.SYS
2010-02-13 01:45 . 2010-02-13 01:45 102448 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\ERASER.SYS
2010-02-13 01:45 . 2010-02-13 01:45 371248 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\EECTRL.SYS
2010-02-13 01:45 . 2010-02-13 01:45 259440 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\ECMSVR32.DLL
2010-02-13 01:45 . 2010-02-13 01:45 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd309803.vdb\CCERASER.DLL
2010-02-11 04:21 . 2009-10-19 12:13 -------- d-sh--w- c:\documents and settings\All Users\Application Data\GVODCache
2010-02-06 06:10 . 2008-06-12 01:51 -------- d-----w- c:\program files\Google
2010-02-02 04:57 . 2010-02-02 04:57 503808 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4e0c0c67-n\msvcp71.dll
2010-02-02 04:57 . 2010-02-02 04:57 348160 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4e0c0c67-n\msvcr71.dll
2010-02-02 04:56 . 2010-02-02 04:56 499712 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-4e0c0c67-n\jmc.dll
2010-02-02 04:56 . 2010-02-02 04:56 61440 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-66e26215-n\decora-sse.dll
2010-02-02 04:56 . 2010-02-02 04:56 12800 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-66e26215-n\decora-d3d.dll
2010-02-02 04:54 . 2009-01-13 02:59 -------- d-----w- c:\program files\Java
2010-01-21 00:08 . 2009-11-06 03:15 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-19 10:32 . 2009-06-21 04:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Thunder Network
2010-01-13 00:07 . 2009-12-02 06:20 -------- d-----w- c:\program files\PPLiveVA
2010-01-13 00:07 . 2009-12-02 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\PPLiveVA
2010-01-13 00:07 . 2009-12-02 06:16 -------- d-----w- c:\program files\PPLive
2010-01-13 00:07 . 2010-01-13 00:06 -------- d-----w- c:\program files\Common Files\PPLiveNetwork
2010-01-12 00:12 . 2009-12-02 06:21 -------- d-----w- c:\documents and settings\projc2\Application Data\PPLiveVA
2010-01-12 00:12 . 2010-01-12 00:12 6005448 ----a-w- c:\documents and settings\projc2\Application Data\PPLiveVA\PPVAUpdate\PPVAUpdate.exe
2010-01-09 07:41 . 2010-01-08 04:23 152576 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-01-09 07:40 . 2009-12-03 00:10 79488 ----a-w- c:\documents and settings\projc2\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-06 05:11 . 2010-01-19 10:39 390960 ----a-w- c:\documents and settings\All Users\Application Data\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.20\xldcagent.dll
2010-01-05 08:57 . 2009-12-02 06:20 2403376 ----a-w- c:\documents and settings\All Users\Application Data\PPLive\update\PPLiveLiteSetup2.exe
2009-12-31 16:14 . 2004-08-04 12:00 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:42 . 2004-08-04 12:00 662016 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-17 09:14 . 2009-01-13 02:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 12:58 . 2008-04-28 02:59 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:55 . 2004-08-04 12:00 2180352 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:19 . 2004-08-03 22:59 2057728 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 14:41 . 2004-08-04 12:00 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-02 09:33 . 2010-01-15 04:07 137008 ----a-w- c:\documents and settings\All Users\Application Data\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.17\xl_mole.dll
2009-11-12 18:45 . 2010-02-26 02:46 16417245 --sha-r- c:\windows\system32\mgy.exe
2009-11-12 18:45 . 2010-03-01 11:11 16417245 --sh--r- c:\windows\system32\{271287-000021-100287-705016}\csrss.exe
2009-11-12 18:45 . 2010-02-26 02:46 16417245 --sha-r- c:\windows\system32\{271287-000021-100287-705016}\smss.exe
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 43333B1B7E6AE2D4367C7F0B366A85A6 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\tcpip.sys
[7] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB941644$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-19 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-07 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-02-29 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-03-12 124128]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Msmsgs"="c:\windows\system32\{271287-000021-100287-705016}\csrss.exe" [2009-11-12 16417245]
"mgy"="c:\windows\system32\mgy.exe" [2009-11-12 16417245]

c:\documents and settings\projc2\Start Menu\Programs\Startup\
PPS.lnk - c:\program files\PPStream\PPStream.exe [2009-11-27 2540424]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoHelp"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoFind"= 1 (0x1)
"NoFolderOptions"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="c:\windows\system32\{271287-000021-100287-705016}\smss.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mgy]
2009-11-12 18:45 16417245 --sha-r- c:\windows\system32\mgy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Msmsgs]
2009-11-12 18:45 16417245 --sh--r- c:\windows\system32\{271287-000021-100287-705016}\csrss.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\PPStream\\PPStream.exe"=
"c:\\Program Files\\PPStream\\PPSAP.exe"=
"c:\\Program Files\\PPStream\\update\\ppstreamsetup-update090811.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Thunder Network\\Thunder\\Program\\Thunder.exe"=
"c:\\Program Files\\GVOD\\GVODS.exe"=
"c:\\Program Files\\PPLive\\PPLive.exe"=
"c:\\Program Files\\PPLiveVA\\PPLiveVA.exe"=
"c:\\Program Files\\PPLive\\PPVA\\PPLiveVA_U.exe"=
"c:\\Program Files\\PPLive\\PPVA\\FlvPick.exe"=
"c:\\Program Files\\PPLive\\PPVA\\PPLiveVA.exe"=
"c:\\Program Files\\PPLive\\PPVA\\crashreporter.exe"=
"c:\\Program Files\\PPLive\\PPVA\\PPVADownload.exe"=
"c:\\Program Files\\PPLive\\PPVA\\DownloadProgress.exe"=
"c:\\Program Files\\Common Files\\PPLiveNetwork\\PPAP.exe"=
"c:\\Program Files\\QvodPlayer\\QvodTerminal.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/6/2010 2:10 PM 135664]
S2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/12/2004 3:18 PM 169192]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [6/19/2007 7:51 AM 81832]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL mgy.exe
\Shell\Explore\command - C:\mgy.exe
\Shell\Open\command - C:\mgy.exe
.
Contents of the 'Scheduled Tasks' folder

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 06:10]

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 06:10]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.yahoo.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} - hxxp://dl.pplive.com/PluginSetup.cab
.
- - - - ORPHANS REMOVED - - - -

BHO-{db9d7a78-a76c-4bf2-97c6-258925ee1542} - (no file)
AddRemove-Burn4Free - c:\documents and settings\projc2\Desktop\Viet Songs\Burn4Free\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-02 11:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1816)
c:\windows\system32\browselc.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\windows\regedit.exe
.
**************************************************************************
.
Completion time: 2010-03-02 11:40:09 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-02 03:40

Pre-Run: 17,937,801,216 bytes free
Post-Run: 17,901,518,848 bytes free

- - End Of File - - 4FDEA6CDC5946DA66E03C824FDC97ECC
farhan
Active Member
 
Posts: 1
Joined: March 2nd, 2010, 7:33 am
Advertisement
Register to Remove

Re: MGY.exe

Unread postby Gary R » March 2nd, 2010, 11:32 am

It is extremely foolish to run a powerful tool like Combofix if you're not trained in its use and don't know what you're doing.

May I draw your attention to THIS topic, which you should have read, and which tells you what we need you to post so that we can help you.

This thread will now be closed.

If you still need help, please start a new thread with:-
  • A HijackThis log.
  • An Uninstall list.
  • Details of the problems you're experiencing.

If for any reason you can't run HijackThis, please let us know in your post.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 466 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware