-
Translator Team
Hi,
I recently opened an attachment to a friends e-mail, and got surprised it was "empty" (it only displayed, when opened, the contents of the directory who contained it, changing contents if the directory was changed). After that, all shortcuts to Internet Explorer and Windows Media Player disappeared from my desktop. I tried to look after the executables in the system directories, but they disappeared too.
Can you help remove this threat?
Thanks a lot
Tecolote
Sorry, I forgot the log.
Here we go:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:41:57, on 26/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Arquivos de programas\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\notepad.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Arquivos de programas\SGPSA\BHO.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Arquivos de programas\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SGPUpdater] C:\Arquivos de programas\Search Guard PlusU\sgpUpdaters.exe
O4 - HKLM\..\Run: [FBSearch] C:\Arquivos de programas\Search Guard Plus\SearchGuardPlus.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4598 bytes
Last edited by tashi; 2009-10-27 at 02:32.
Reason: Merged 2 posts
-
hi Tecolote,
Your log is a few days old. If you still need help just reply to my post and we will begin.
-
Translator Team
Shell Life,
Thanks for employing your time helping us. I figure that even with some experience accumulated and taking most precautions, you are never 100% protected against those threats.
Shall we?
Thanks once more,
Tecolote
-
Translator Team
Thank you, shelf life!!!
-
hi Tecolote,
"Shell Life," no problem, I have been called worse than that.
HJT log looks ok.
I don't recognize antivirus software in the log. Do you have updated AV installed? You have done a scan recently also?
Iam also not familiar with this:
Search Guard PlusU
Is this something you installed yourself?
We might get a better look for any malware using DDS. Link and directions:
Please download DDS and save it to your desktop.
Disable any script blocking protection Double click dds.scr to run the tool. When done, DDS.txt will open.
Save both reports to your desktop.
Copy/paste both logs in your reply.
You can also download, install and run Malwarebytes as a check for malware and keep it as a anti-malware app. Link and directions:
Please download Malwarebytes to your desktop.
Double-click mbam-setup.exe and follow the prompts to install the program.
Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click *Remove Selected.*
*A restart of your computer most likely will be required to remove some items.If prompted select yes to restart.*
When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.
-
Translator Team
I don't have any AV installed in the moment. Gonna try a free one later, maybe AVG.
That "Search Guard PlusU" is strange to me. It seems to be a Yahoo search tool. Is it a possible threat? I suspect a little form those relationship sites (orkut, meebo, e-buddy) my brother subscribed to; it could be part of their "subscription package". Not sure, tho (haven't read their eula, and that's probably also my brother's case).
Below, the DDS' logs.
DDS (Ver_09-10-26.01) - NTFSx86
Run by Pablo at 19:53:37,46 on qua 28/10/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.55.1046.18.511.279 [GMT -2:00]
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Arquivos de programas\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com.br/
uSearch Page =
uSearch Bar =
mSearchAssistant =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\arquivos de programas\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: Search Assistant: {f0626a63-410b-45e2-99a1-3f2475b2d695} - c:\arquivos de programas\sgpsa\BHO.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\arquivos de programas\messenger\msmsgs.exe" /background
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [SpeedTouch USB Diagnostics] "c:\arquivos de programas\alcatel\speedtouch usb\Dragdiag.exe" /icon
mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SGPUpdater] c:\arquivos de programas\search guard plusu\sgpUpdaters.exe
mRun: [FBSearch] c:\arquivos de programas\search guard plus\SearchGuardPlus.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\adobeg~1.lnk - c:\arquivos de programas\arquivos comuns\adobe\calibration\Adobe Gamma Loader.exe
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~3\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\arquivos de programas\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\arquivos de programas\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~3\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL
============= SERVICES / DRIVERS ===============
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [2002-6-10 31232]
S2 bajjcbom;skklpopo;c:\windows\system32\svchost.exe -k netsvcs [2006-3-2 14336]
S3 alcan5ln;Alcatel SpeedTouch(tm) USB ADSL RFC1483 Networking Driver (NDIS);c:\windows\system32\drivers\alcan5ln.sys [2009-6-11 36048]
=============== Created Last 30 ================
2009-10-28 21:19:43 4045528 ----a-w- c:\arquivos de programas\mbam-setup.exe
2009-10-28 21:07:40 523776 ----a-w- c:\arquivos de programas\dds.scr
2009-10-26 22:41:29 0 d-----w- c:\arquivos de programas\Trend Micro
2009-10-26 22:36:30 812344 ----a-w- c:\arquivos de programas\HJTInstall.exe
2009-10-20 22:29:08 0 d-----w- c:\windows\system32\Adobe
==================== Find3M ====================
2009-08-25 02:35:53 17695920 ----a-w- c:\arquivos de programas\PDFCreator-0_9_8_setup.exe
2009-08-22 00:11:17 7658952 ----a-w- c:\arquivos de programas\daemon4304-lite.exe
2009-07-31 12:47:04 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-31 12:47:04 348160 ----a-w- c:\windows\system32\msvcr71.dll
2001-11-23 04:08:20 712704 ----a-r- c:\windows\inf\other\AUDIO3D.DLL
2006-03-02 12:00:00 2629632 --sha-r- c:\windows\system32\pmgkaj.dll
============= FINISH: 19:53:46,42 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-10-26.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 11/6/2009 12:23:22
System Uptime: 28/10/2009 19:01:56 (0 hours ago)
Motherboard: ECS | | M863
Processor: AMD Athlon(tm) XP 2700+ | CPU 1 | 2166/166mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 67,795 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Modem PCI
Device ID: PCI\VEN_1039&DEV_7013&SUBSYS_0C041019&REV_A0\3&267A616A&0&16
Manufacturer:
Name: Modem PCI
PNP Device ID: PCI\VEN_1039&DEV_7013&SUBSYS_0C041019&REV_A0\3&267A616A&0&16
Service:
==== System Restore Points ===================
RP1: 31/7/2009 09:56:01 - Ponto de verificação do sistema
RP2: 25/1/2005 02:12:44 - Ponto de verificação do sistema
RP3: 25/1/2005 01:40:42 - Ponto de verificação do sistema
RP4: 21/8/2009 11:20:49 - Ponto de verificação do sistema
RP5: 21/8/2009 22:54:41 - SPTD setup V1.58
RP6: 24/8/2009 23:49:57 - Ponto de verificação do sistema
RP7: 24/8/2009 23:59:17 - Driver de impressão PDFCreator instalado
RP8: 25/1/2005 04:23:28 - Ponto de verificação do sistema
RP9: 25/1/2005 00:28:48 - Ponto de verificação do sistema
RP10: 27/8/2009 14:10:51 - Ponto de verificação do sistema
RP11: 25/1/2005 01:09:16 - Ponto de verificação do sistema
RP12: 25/1/2005 00:17:03 - Ponto de verificação do sistema
RP13: 3/9/2009 13:00:41 - Instalado Microsoft Office Professional Edição 2003
RP14: 25/1/2005 00:19:45 - Ponto de verificação do sistema
RP15: 12/9/2009 11:45:00 - Ponto de verificação do sistema
RP16: 17/9/2009 20:00:26 - Ponto de verificação do sistema
RP17: 25/1/2005 00:54:18 - Ponto de verificação do sistema
RP18: 25/1/2005 00:38:57 - Ponto de verificação do sistema
RP19: 24/9/2009 13:34:43 - Ponto de verificação do sistema
RP20: 25/9/2009 15:42:22 - Ponto de verificação do sistema
RP21: 25/1/2005 01:43:47 - Ponto de verificação do sistema
RP22: 30/9/2009 11:55:26 - Ponto de verificação do sistema
RP23: 25/1/2005 01:57:28 - Ponto de verificação do sistema
RP24: 25/1/2005 00:57:17 - Ponto de verificação do sistema
RP25: 2/10/2009 09:10:13 - Ponto de verificação do sistema
RP26: 25/1/2005 01:55:46 - Ponto de verificação do sistema
RP27: 7/10/2009 14:05:26 - Ponto de verificação do sistema
RP28: 8/10/2009 19:50:15 - Ponto de verificação do sistema
RP29: 25/1/2005 01:50:27 - Ponto de verificação do sistema
RP30: 10/10/2009 15:15:40 - Ponto de verificação do sistema
RP31: 25/1/2005 02:56:03 - Ponto de verificação do sistema
RP32: 17/10/2009 12:39:30 - Ponto de verificação do sistema
RP33: 25/1/2005 00:24:01 - Ponto de verificação do sistema
==== Installed Programs ======================
7-Zip 4.42
Adobe Flash Player 10 ActiveX
Adobe Photoshop CS
Adobe Reader 9.1 - Português
Adobe Shockwave Player 11.5
Alcatel SpeedTouch USB Software
Atualização para Windows XP (KB911164)
C-Media 3D Audio
C-Media WDM Audio Driver
Counter-Strike: Source
DAEMON Tools Toolbar
HijackThis 2.0.2
HP PrecisionScan LTX
Microsoft Office Professional Edição 2003
Microsoft Silverlight
NVIDIA Drivers
PDFCreator
PPP over Ethernet Protocol 0.98
Search Guard Plus (My Tattoons)
Search Guard Plus Updater (My Tattoons)
Skype web features
Skype™ 4.1
SModem 1.0
TurboADSL 0.98
Tweak UI
WebFldrs XP
Windows Internet Explorer 8
WOW
Xvid 1.2.1 final uninstall
==== End Of File ===========================
Unfortunatelly, Malwarebytes refuses to update. The window that pops-up lists an error code to be informed to the support, but i can't acceess their website (malwarebytes.org). I have reasons to suspect something is blocking links to security expert sites. I had the same troble trying to download DDS (i googled then download it from cnet) and even HijackThis! I just can't follow these links. Take a look at the address full link:
http://fastbrowsersearch.com/results...b2intl_amer_br
What is this so-called "fastbrowsersearch.com" doing there? It's address always precedes whatever link my iexplorer can't open. I think my pc got hijacked, and this is the reason why the program doesn't update. I think we should attack this hijacker first...
Anyway, i scanned the hard disk with the outdated definitions. The log:
Malwarebytes' Anti-Malware 1.41
Versão do banco de dados: 2775
Windows 5.1.2600 Service Pack 2
28/10/2009 20:57:45
mbam-log-2009-10-28 (20-57-45).txt
Tipo de Verificação: Completa (C:\|)
Objetos verificados: 142406
Tempo decorrido: 18 minute(s), 46 second(s)
Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 0
Valores do Registro infectados: 0
Ítens do Registro infectados: 1
Pastas infectadas: 0
Arquivos infectados: 0
Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)
Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)
Chaves do Registro infectadas:
(Nenhum ítem malicioso foi detectado)
Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)
Ítens do Registro infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
Pastas infectadas:
(Nenhum ítem malicioso foi detectado)
Arquivos infectados:
(Nenhum ítem malicioso foi detectado)
The log was created prior to the manual elimination of one detected hijacker. And the links still won't open.
That's it. I'll wait further instructions.
-
hi,
thanks for all the information. Lets start by getting rid of search guard plus, its garbage.
At the link below read whats under each of the tabs. Follow along to remove it and reset IE 8.0 search provider.
After all is done reboot and see if your browsing searches are ok now.
Link:
http://www.searchguardplus.com/default.aspx
-
Translator Team
This Searchguard really sucks. After uninstallation, and following all of their site instructions, it was still the default search provider. Can i wipe it out?
There was a single improvement: the download link to DDS now works. The others (malwarebytes.org, trendmicro's HJT) remain not opening. Seems like their sites are blacklisted... Is something crawling deeper in my pc?
-
hi,
With IE open go to tools>internet options> click on the Programs Tab then on Manage add-ons. see if you can delete/remove the search provider that way.
Next under the advanced tab click on Re-set button, then click apply and ok. Close and restart IE. We will do a online scan then get another download to use.
You really should get a Antivirus installed as soon as possible.
You can do a online scan here;
ESET online scanner:
http://www.eset.com/onlinescan/
uses Internet Explorer only
check "YES" to accept terms
click start button
allow the ActiveX component to install
click the start button. the Scanner will update.
check both "Remove found threats" and "Scan unwanted applications"
click scan
when done you can find the scan log at:C:\Program Files\EsetOnlineScanner\log.txt
please copy/paste that log in next reply.
We will get another download to use. Its called combofix. There is a guide to read first. Read the guide, download combofix to your desktop, double click the icon and follow the prompts. Post the log in your reply:
Guide to using Combofix
-
Translator Team
I manually removed SafeGuardPlus via Tools option. But is it surely removed? If it didn't disappear the first time, via Control Panel, why should we believe it's gone now?
I also did reset IE configurations to all deafult settings, and erased all temporary files, forms and user names and passwords, but there are still web pages not opening, including ESET online scanner.
Will post the Combofix log in the next reply.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules