Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bogus virus scan software removal


  • This topic is locked This topic is locked
41 replies to this topic

#1 Brett James

Brett James

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 14 June 2011 - 02:52 PM

I executed some bogus virus scan last Friday. Once I realized what I had done, I tried to go into task manager to kill the process but the tab was disabled. I then shut down the PC, booted in safe mode and ran Malware bytes. The first run found several infected objects and when I ran it again, it found a couple more. On the 3rd run it found nothing. I then booted normally, and I noticed getting the following Loader Error message, "The procedure entry point HttpQueryInfoA could not be located in the dynamic link library WININET.dll" When I try to kick off Adaware this message comes up. And when I try to run a virus scan using McAfee this message comes up. And when I do certain searches in Google, and click on a result link, the browser is being redirected to other bogus sites. I was able to install Microsoft's Malicious software removal tool but if never found the malicious code

.
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Brett at 13:24:25 on 2011-06-14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.2110 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
svchost.exe
C:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.staffmarket.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
uDefault_Page_URL = hxxp://www.dell4me.com/mywaybiz
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110511043102.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [eFax 4.2] "c:\program files\efax messenger 4.2\J2GDllCmd.exe" /R
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
uPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,96/mcinsctl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://active.macromedia.com/flash2/cabs/swflash.cab
TCP: Interfaces\{7C82891D-C80E-4407-AE10-F82622F1095F} : NameServer = 65.32.1.65,65.32.1.130
Notify: GoToMyPC - c:\program files\citrix\gotomypc\G2WinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
.
============= FINISH: 13:26:07.28 ===============

The WININET.dll eror message is also popping up when I try to open any pdf files.

EDIT: Posts merged ~Budapest

Attached Files


Edited by Budapest, 17 June 2011 - 06:52 PM.


BC AdBot (Login to Remove)

 


#2 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 20 June 2011 - 09:53 AM

I now can't even get Windows to load. I'm receiving the following error when trying to log in to Windows

services.exe Application Error
The instruction at "0x003f31dc" referenced memory at "0x1000816c". The memory could not be "read"

When I then click OK, I get a System Shutdown message

The system process
'C\\Windows\system32\services.exe' terminated unexpectedly
with status code 1073741819 The system will now shut down and restart

And then it counts down and reboots and does it all over again.

#3 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 22 June 2011 - 08:57 AM

Hello and sorry for the delay. Have you tried Safe Mode and if so, does that have the same problem?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#4 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 22 June 2011 - 12:05 PM

I've since takem my problem to the next level. I downloaded and burnt an Ultimate Boot CD, which basically boots a version of linux and contains various tools, including Avira anti-virus. I ran it and it detected a trojan, which it remamed. However, when I now try to boot back into Windows, the initial Windows logo page comes up and then blue screens. The blue screen message says that a problem has been detected in Windows and has shut down to prevent damage. It then tells me to check for viruses.

#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 22 June 2011 - 01:32 PM

Hi again,

We Need to Diagnose Your BlueScreen
  • When you boot your machine, press F8 to list the startup options, exactly as you would if you were trying to enter Safe Mode
  • Select "Disable Automatic Restart on System Failure", as shown here:
    Posted Image
  • When your system BSODs, write down the STOP error code, as well as any written out error message back here. The STOP error will always appear, but the message may not. You are looking for this:
    Posted Image
Please post me the error(s).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 22 June 2011 - 02:29 PM

I didn't get any message like the Page_Fault message you show but here is the stop code
STOP: 0x0000007B (0xBA4C3524, 0xC000000E, 0x00000000, 0x00000000)

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 22 June 2011 - 03:54 PM

Can you remember what kind of threat was detected and/or what file was deleted?

Do you have a Windows install disk?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 22 June 2011 - 04:19 PM

I run a Dell and I found a Dell reinstallation CD for Win XP

And when I ran the Avira virus scan, it found TR/Patched.gen which it said was a trojan and renamed the windows/system32/drivers/volsnap.sys to a .xxx file

It was after that that I began getting the blue screen

Are you in Romania now? If so, it's after midnight there. What hours do you work this site? I'm in Florida and it's about 5:30PM here. I have to leave here in about 15 minutes and won't be back until tomorrow morning.

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 23 June 2011 - 01:55 AM

Hi Brett, that is very helpful information as we now know the cause of the BSOD. :)

Do the following with your Dell CD. If it does NOT give the options as described, do not continue!!

  • Insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer.

  • If your PC is not booting from the CD, you need to change the boot order:
    • Restart your PC
    • As soon as you get an image, press the Setup key. This is usually F2, or Del. On some machines the key can also be a different one. It should, however, be stated on the screen which key is the setup key.
    • Once you enter the computer's BIOS, use the arrow keys and tab key to move between elements. Press enter to select an item to change.
    • Navigate to the tab, where you can set the boot order. It should be called Boot or Boot order
    • The tab should now show your current boot order.
      If the CD-drive is not at the top, please navigate to the CD-Rom drive with the keys arrows. Then move it to the top of the list. The keys for switching boot position are usually + to move up and - to move down. However they can be different, but they should be stated in the help, so that you can find them easily.
    • Once the CD-drive is on top of the boot order, navigate to Exit and select Exit saving changes.
  • Your PC should now boot from your XP-CD.
    Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted.

  • When the "Welcome to Setup" screen appears, press R to start the Recovery Console.
  • When prompted to choose a windows installation, type 1 and press enter.
  • When you are prompted, type the Administrator password. If the administrator password is blank, just press ENTER.

  • A command prompt will open
Type the following lines and press enter after each line.

cd system32\drivers

copy c:\windows\servicepackfiles\i386\volsnap.sys volsnap.sys

exit


Let me know if your computer boots normally now.


Yes, I am in Romania now. Nobody at this site has fixed hours, as we are all volunteers (who sometimes have too much free time on their hands and spend it in front of a computer... :wink:).

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 23 June 2011 - 09:33 AM

Unfortunately, I don't know the admin password and just hitting enter just returns "the password is not valid"

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 23 June 2011 - 10:08 AM

In that case, do the following.

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer
  • Run GETxPUD.exe
  • A new folder will appear on the desktop.
  • Open the GETxPUD folder and click on the get&burn.bat
  • The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  • Click on Start and follow the prompts to burn the image to a CD.
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your Windows partition (usually sda1).
    Navigate to /mnt/sda1/Windows/servicepackfiles/i386/volsnap.sys <-- right click on that file and select Copy.

    Now navigate to /mnt/sda1/windows/system32/drivers, right click in an empty space in this folder and select Paste.
    This will paste volsnap.sys in the right folder.

Now restart your computer normally and let me know what happens.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 23 June 2011 - 10:56 AM

The Windows logo page comes up and then blue screen. However the message has changed.

Stop: c000021a fatal system error
Windows logon process system process term
0xc0000135 (0x00000000 0x00000000)

#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 23 June 2011 - 11:04 AM

Making progress. :)

Using xPUD, navigate to /mnt/sda1/windows/servicepackfiles/i386/winlogon.exe <--right click this file, select copy.

Now navigate to /mnt/sda1/windows/system32 and look for winlogon.exe. If there, rename it to winlogon.vir
After doing that, click in an empty space in that folder and select Paste. This will paste the copied winlogon.exe in the system32 folder.

When done, reboot normally.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 Brett James

Brett James
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:54 PM

Posted 23 June 2011 - 11:27 AM

No change, same blue screen message

#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,321 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:11:54 PM

Posted 23 June 2011 - 11:40 AM

Download driver.sh to your USB drive
  • Remove the USB & CD and insert it in the sick computer
  • Boot the Sick computer with the CD you just burned
  • The computer must be set to boot from the CD
  • Gently tap F12 and choose to boot from the CD
  • Follow the prompts
  • A Welcome to xPUD screen will appear
  • Press File
  • Expand mnt
  • sda1,2...usually corresponds to your HDD
  • sdb1 is likely your USB
  • Click on the folder that represents your USB drive (sdb1 ?)
  • Confirm that you see driver.sh that you downloaded there
  • Press Tool at the top
  • Choose Open Terminal
  • Type bash driver.sh -f
  • Press Enter
  • Type winlogon.exe and press enter.
  • After it has finished a report will be located on your USB drive named filefind.txt
  • Remove the USB drive and insert it back in your working computer and navigate to filefind.txt

    Please note - all text entries are case sensitive
Copy and paste the filefind.txt for my review

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users