Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect/jsc.google-analytic .com


  • This topic is locked This topic is locked
2 replies to this topic

#1 littleneko

littleneko

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 05 June 2010 - 11:54 PM

My OS is Windows 7 and I am using the most current FF browser. I have 2 hard drives on my computer.

I was browsing in FF a couple of days ago when I noticed my browser spazzing out and opening a new window with the address jsc.google-analytic.com. I immediately starting running antivirus software (I had MSE and Malwarebyes installed). I didn't find anything using those programs. The problem later spread to my IE 8 and to 5 other computers in the house. To my knowledge, I didn't download a fake anti-virus program, but maybe a fake windows/silverlight update?

I've tried flushing my dns, pinging the fake website and got the ip address 205.234.231.38. I've also ran the following programs: Avira, AVG, Spybot, CureIt, Sophos, and Eset and they haven't found anything. We've also ran Avast, Kaspersky, Blacklight, Stinger, Microsoft malicious removal tool, House call, Unhijackme on another computer that is running vista. I also tried tried to find it manually and looked up other methods that people have tried to no avail. I had to resort to running noscript in FF, but that's not a fix.

One of our laptops had malware on it, but it's still experiencing the problem and none of the anti-virus programs on the other computers have found anything.


My question is this: How can I remove this virus from my computer and keep it clean and not get reinfected if it's somehow on our network? Or would it be better to reformat all my drives and all the other computers' drives as well and hope that files that have to be backed up aren't infected?

Also: I tried using gmer.exe, but it gave me the error: "the system cannot find the file specified" and upon scan it said that it was being used by another program. TIA for any help you can provide!


My DDS info:

DDS (Ver_10-03-17.01) - NTFSX64
Run by Music at 0:03:21.87 on Sun 06/06/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3063.1992 [GMT -4:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Music\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mLocal Page = c:\windows\syswow64\blank.htm
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\users\music\appdata\roaming\mozilla\firefox\profiles\g2gwsgji.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msnbc.msn.com/
FF - plugin: c:\program files (x86)\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files (x86)\nvidia corporation\3d vision\npnv3dv.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\nvidia corporation\3d vision\nvSCPAPISvr.exe [2010-4-3 240232]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt64win7.sys [2009-12-19 314400]
S3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\83B0.tmp [2010-6-5 6144]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-27 1255736]

=============== Created Last 30 ================

2010-06-06 02:43:16 6144 ------w- c:\windows\system32\83B0.tmp
2010-06-06 02:42:50 6144 ------w- c:\windows\system32\1B8B.tmp
2010-06-06 02:39:59 18816 ------w- c:\windows\syswow64\SAVRKBootTasks.sys
2010-06-06 02:09:01 6144 ------w- c:\windows\system32\8C8E.tmp
2010-06-06 02:08:31 6144 ------w- c:\windows\system32\14A0.tmp
2010-06-06 02:08:22 0 d-----w- c:\program files (x86)\Sophos
2010-06-05 22:00:07 0 d-----w- c:\users\music\DoctorWeb
2010-06-05 01:55:26 0 d-----w- c:\windows\pss
2010-06-04 19:50:43 0 d-----w- c:\program files (x86)\Trend Micro
2010-06-04 19:23:04 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-04 19:23:04 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
2010-06-04 17:04:48 0 d-----w- c:\program files (x86)\CCleaner
2010-06-04 16:57:16 0 d-----w- c:\users\music\appdata\roaming\Malwarebytes
2010-06-04 16:57:07 24664 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-04 16:57:07 0 d-----w- c:\programdata\Malwarebytes
2010-06-04 16:57:07 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-06-01 19:35:24 0 d-----w- c:\programdata\Yahoo!
2010-06-01 19:33:27 0 d-----w- c:\program files (x86)\Yahoo!
2010-05-28 20:24:01 0 d-----w- c:\users\music\appdata\roaming\WindSolutions
2010-05-28 20:23:50 0 d-----w- c:\programdata\WindSolutions
2010-05-28 20:18:31 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-05-28 18:49:02 0 d-----w- c:\program files\WinRAR
2010-05-28 18:42:00 0 d-----w- c:\programdata\Adobe
2010-05-28 18:30:23 0 d-----w- c:\program files (x86)\JRE
2010-05-28 18:30:07 0 d-----w- c:\program files (x86)\OpenOffice.org 3
2010-05-28 18:18:25 0 d-----w- c:\programdata\Sun
2010-05-28 18:18:06 411368 ----a-w- c:\windows\syswow64\deployJava1.dll
2010-05-28 18:18:06 153376 ----a-w- c:\windows\syswow64\javaws.exe
2010-05-28 18:18:06 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-05-28 18:18:06 145184 ----a-w- c:\windows\syswow64\java.exe
2010-05-28 17:56:14 0 d-----w- c:\windows\syswow64\Adobe
2010-05-28 17:55:30 0 d-----w- c:\windows\syswow64\Macromed
2010-05-28 17:55:19 0 d-----w- c:\programdata\NOS
2010-05-28 17:52:59 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-05-28 17:52:59 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2010-05-28 17:52:59 107368 ----a-w- c:\windows\syswow64\GEARAspi.dll
2010-05-28 17:52:47 0 d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-05-28 17:52:47 0 d-----w- c:\program files\iTunes
2010-05-28 17:52:47 0 d-----w- c:\program files\iPod
2010-05-28 17:52:47 0 d-----w- c:\program files (x86)\iTunes
2010-05-28 17:52:10 0 d-----w- c:\programdata\Apple Computer
2010-05-28 17:51:56 0 d-----w- c:\program files\common files\Apple
2010-05-28 17:51:50 0 d-----w- c:\program files\Bonjour
2010-05-28 17:51:50 0 d-----w- c:\program files (x86)\Bonjour
2010-05-28 17:51:43 0 d-----w- c:\programdata\Apple
2010-05-28 17:35:06 0 d-----w- c:\program files (x86)\Microsoft
2010-05-28 17:34:51 0 d-----w- c:\program files (x86)\Windows Live SkyDrive
2010-05-28 17:31:33 0 d-----w- c:\program files (x86)\common files\Windows Live
2010-05-28 17:30:54 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-05-28 00:27:05 0 d-----w- c:\program files (x86)\Ventrilo
2010-05-28 00:26:59 268 ----a-w- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2010-05-28 00:26:31 0 d-----w- c:\program files (x86)\common files\Wise Installation Wizard
2010-05-27 23:24:09 0 d-----w- c:\windows\Panther
2010-05-27 23:04:26 0 d-----w- c:\programdata\Blizzard Entertainment
2010-05-27 21:47:58 0 d-----w- c:\programdata\NVIDIA
2010-05-27 21:47:41 0 d-----w- c:\program files (x86)\NVIDIA Corporation
2010-05-27 21:47:38 0 d-sh--w- c:\windows\Installer
2010-05-27 21:47:36 0 d-----w- c:\program files\NVIDIA Corporation
2010-05-27 21:13:06 0 d-----w- c:\windows\syswow64\Wat
2010-05-27 21:13:05 0 d-----w- c:\windows\system32\Wat
2010-05-27 20:20:44 311808 ----a-w- c:\windows\system32\msv1_0.dll
2010-05-27 20:20:44 257024 ----a-w- c:\windows\syswow64\msv1_0.dll
2010-05-27 20:16:46 464896 ----a-w- c:\windows\system32\drivers\srv.sys
2010-05-27 20:16:46 162304 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-05-27 20:16:07 46592 ----a-w- c:\windows\system32\msasn1.dll
2010-05-27 20:16:07 34816 ----a-w- c:\windows\syswow64\msasn1.dll
2010-05-27 20:16:05 0 d-----w- c:\programdata\Blizzard
2010-05-27 19:48:28 270208 ------w- c:\windows\system32\MpSigStub.exe
2010-05-27 19:39:27 0 d-----w- c:\program files (x86)\common files\Blizzard Entertainment
2010-05-27 19:33:20 220672 ----a-w- c:\windows\system32\wintrust.dll
2010-05-27 19:33:20 172032 ----a-w- c:\windows\syswow64\wintrust.dll
2010-05-27 19:33:19 139264 ----a-w- c:\windows\system32\cabview.dll
2010-05-27 19:33:19 132608 ----a-w- c:\windows\syswow64\cabview.dll

==================== Find3M ====================

2010-04-29 09:47:50 499712 ----a-w- c:\windows\syswow64\msvcp71.dll
2010-04-29 09:47:50 348160 ----a-w- c:\windows\syswow64\msvcr71.dll
2010-04-23 07:13:36 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-04-23 07:11:58 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-08 17:33:00 95520 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 17:33:00 119584 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-08 17:20:02 91424 ----a-w- c:\windows\syswow64\dnssd.dll
2010-04-08 17:20:02 107808 ----a-w- c:\windows\syswow64\dns-sd.exe
2010-04-03 22:42:00 61032 ----a-w- c:\windows\system32\nvshext.dll
2010-04-03 22:42:00 159336 ----a-w- c:\windows\system32\nvvsvc.exe
2010-04-03 22:42:00 14828648 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 22:42:00 116328 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-03 22:42:00 1067624 ----a-w- c:\windows\system32\nvsvc64.dll
2010-03-08 21:59:59 612352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-08 21:33:56 427520 ----a-w- c:\windows\syswow64\vbscript.dll
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 0:03:29.82 ===============

Attached Files


Edited by littleneko, 06 June 2010 - 02:04 AM.


BC AdBot (Login to Remove)

 


#2 littleneko

littleneko
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 07 June 2010 - 01:34 AM

I ended up reformatting my drive because i got a bit antsy and annoyed. However, I found out that our router had the default password (my husband forgot to create a new password after he had reset it a while back). dry.gif He created a new password yesterday, but the new password didn't get rid of the bug. Today we remembered to see if the trojan was only affecting our router. When we hooked a couple of our computers directly to the modem we couldn't ping jsc.google-analytics.com. We then hooked the computers back up to the network and reset the router. I guess the combination of a new password and resetting the router ended up working. Is it possible that the trojan only affected the router? How can I check to make sure that it's still not on our computers/router?

Edited by littleneko, 07 June 2010 - 01:41 AM.


#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,115 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:19 AM

Posted 08 June 2010 - 07:44 AM

Sounds indeed like the router was the problem. Often routers get infected by malware that affect settings. The simplest solutions is a reset. To make sure in the future you rule out this possibility, try to reset the router and see if that solves the problem. No malware survives a reformat of the computer and a router reset.

As a side note, malware can also spread from one computer to another one if both are using the same router.

I will now close this topic, if you need it reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users