Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Google redirection in Hosts file - can someone help with HijackThis

Posted on 2012-03-25
64
1,031 Views
Last Modified: 2013-12-09
hijackthis-blackpc.txtWe have a PC that has played up for sometime. I installed Malwarebytes and this keeps finding trojans everyday so I ran HijackThis and found the following redirections in the Hosts file in the HJThis log:

O1 - Hosts: 87.229.126.50 www.google.com
O1 - Hosts: 87.229.126.51 www.bing.com

This is a hacked Hungarian IP and wonder if someone could take a look at the attached log and advise me on if there is anything else, and how to correct the problem. I presume if I simply correct the Hosts file it will keep returning?

Thanks in advance.
0
Comment
Question by:mikeabc27
  • 35
  • 20
  • 5
  • +2
64 Comments
 
LVL 7

Expert Comment

by:PaulNSW
ID: 37764592
Hello,

yes, just remove them from your hosts file.  You will need to run your text editor "as administrator" if you are using 7 or Vista

Your hosts file should look something like this

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
#	::1             localhost

Open in new window

0
 

Author Comment

by:mikeabc27
ID: 37764658
You don't think some malware will reset it back to the bogus IP?
0
 
LVL 7

Expert Comment

by:PaulNSW
ID: 37764669
Yes, by the looks of your log, you are still infected

C:\Documents and Settings\ros.WINDSORVOICE\jx0mj09vaz.exe

seems to be the main culprit, but it has also added entries to your start up sequence.

Try running a full scan with MalwareBytes anti-malware. It would be best to download this from another PC, then install/run/transfer from USB to the infected PC

You should also run a full scan for viruses using your AV software
0
Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

 

Author Comment

by:mikeabc27
ID: 37764680
Paul, I was going to remove the lines from the Hosts file first, then download Combofix and reboot in Safe Mode and run Combofix.

This is because I find Combofix more powerful than Mbam.

What do you think?
0
 
LVL 7

Expert Comment

by:PaulNSW
ID: 37764713
if you are doing this on the infected PC, I would recommend killing the process called
jx0mj09vaz.exe before changing the hosts file and downloading combofix

Then download Combofix and run it from safemode, I would also run it again once you are back in normal mode, as there may be some remnants left in the infected user's profile

I don't have any experience with Combofix, so cannot vouch for its power
0
 

Author Comment

by:mikeabc27
ID: 37764791
Thanks, good point.
0
 

Author Comment

by:mikeabc27
ID: 37765074
The Hosts file is greyed out and won't allow us to save any changes. Have added Everyone with All Rights in Security but still won't save.
0
 
LVL 7

Expert Comment

by:PaulNSW
ID: 37765187
Right click the hosts file, Properties, uncheck the box that says:

Read-only

Click OK.
0
 

Author Comment

by:mikeabc27
ID: 37765200
Won't have access to PC until later but will check Read Only and Hidden are unchecked.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 37765243
Good idea to just use comboFix on it(not in safe mode), run it in normal mode unless the PC can only boot in safe mode.

ComboFix will catch the bad files/reg entries and will also restore the Hosts file to MS default, so no need to manually editing the Hosts file.

Any bad files that combofix will not delete we can delete using its script function so we also need to see the combofix log.
0
 

Author Comment

by:mikeabc27
ID: 37765398
The end user tried downloading combofix but says he gets a regsvr.dll file missing when he tries to get on the Internet.

So I'll get him to download from bleepingcomputer.com on another PC and transfer on a stick.

I always thought it was better to run Combofix in Safe Mode.

Thanks,

Mike
0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 37765584
Most antimalware apps  are designed to do their best job in normal mode.  also once this gets straightened out, you should install the hosts files from mvps.com.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 37765591
Most tools we use these days are designed to be run in normal mode specially tools like MalwareBytes and ComboFix, they work best in normal mode where malware/viruses are active.
0
 
LVL 7

Expert Comment

by:PaulNSW
ID: 37765609
Each user on XP and above has their own user profile folder and registry hive.

A lot of viruses infect a user's personal registry hive

If you run from Safe Mode, you are logging in to the Administrator account. You will have access to to files of all user accounts on the machine, but only the Administrator registry hive will be loaded.  

To clean the infection you maybe should run ComboFix from the infected users profile, then again from an administrative profile
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37765759
Hi. Mikeabc27 ,

Did you happen to ask the user if they saw a application popup that said something along the lines of "<fill-in> Fortress 2012"? You definitely have the signs of the new rootkit going around. Your beat bet is to get information from the user at that station. If you can get more info from them like time it happened ad especially if they noticed any weird/annoying  applications that popup while surfing certain www areas.

Main cause is the user self infecting the system browsing casually.
0
 

Author Comment

by:mikeabc27
ID: 37766726
Hi Russell,

No av software pop up for only $29,99 which I imagine is what Fortress 2012 is.

Simply getting Mbam finding lots of trojans and can't get onto the Internet.

Thanks,

Mike
0
 
LVL 15

Accepted Solution

by:
Russell_Venable earned 500 total points
ID: 37767821
Well, Can you post the mbam log and the combofix log after you have accomplished that? Combofix will take care of the host file in part of its sweep. The other files listed should be taken care of as well as there not in the usual places.

O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe <-- that is not normal at all.
O4 - HKCU\..\Run: [swg] "C:\WINDOWS\system32\regsvr32.exe" <-- neither is this. Try uninstall the Google toolbar and see if this entry goes away.
O4 - HKCU\..\Run: [jx0mj09vaz] C:\Documents and Settings\ros.WINDSORVOICE\jx0mj09vaz.exe  <-- without a doubt is the location and the startup point for this malware.

I take it that malcolms1.plus.com is from some kind of media manager?
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://81.174.154.113/ssi.cgi/cab/OCXChecker_8300.cab

Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" <--  Version 9.0 is Vulnerable to remote exploitation

Current java is Version 6 Update 31. Your good to go there.

This infection appears to be a media download or drive-by attack from the looks of what you have given so far. Its too early to tell so far. You definitely have vulnerabilities open as pointed out.

Can't get on internet or just cannot browse using the browser? Try open up command prompt and issue a command of "ping -a www.msn.com" and see if you get a response like.

Pinging www.msn.com [0.0.0.0] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Open in new window

or a successful ping

Pinging us.co1.cb3.glbdns.microsoft.com [65.55.84.56] with 32 bytes of data:
Reply from 65.55.84.56: bytes=32 time=66ms TTL=55
Reply from 65.55.84.56: bytes=32 time=65ms TTL=55
Reply from 65.55.84.56: bytes=32 time=67ms TTL=55
Reply from 65.55.84.56: bytes=32 time=68ms TTL=55

Ping statistics for 65.55.84.56:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 65ms, Maximum = 68ms, Average = 66ms

Open in new window

0
 
LVL 27

Expert Comment

by:Thomas Zucker-Scharff
ID: 37767864
In terms of the hosts file I forgot to post a link

http://www.mvps.org/winhelp2002/hosts.htm
0
 

Author Comment

by:mikeabc27
ID: 37768424
Thanks, will go through all your comments now but uploading a very large combofix now for you to see.
0
 

Author Comment

by:mikeabc27
ID: 37768439
submitted last post before file fully downloaded
ComboFix-black-pc.txt
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37768561
I believe you are familiar with this object for extending vbscripts functionality to the registry? From the looks of the combofix log. A fellow developer. :)
c:\windows\system32\regobj.dll <-- Combofix removed this and some of your scripts or software may fail now.  These are side effects of using combofix.

If you need to replace this file it shouldn't be that hard.

Did not see these files in the original Hijackthis report.
c:\documents and settings\malcolm\OriadorRota.exe
c:\documents and settings\Administrator.STUDIO\Application Data\Buniu\udvo.tmp
c:\documents and settings\Administrator.STUDIO\Application Data\Buniu\udvo.ybg

This malware obviously uses file-parsing evasion vulnerabilities in norton to slip past your antivirus. In other words the PE file's bytes where changed in certain areas to change its signature bypassing detection. Norton is the top AV target for this type of attack. Certainly not the only one. Its just easier when your source code is stolen and sold on the black market.

Its also obvious that your installation of Norton is corrupt. Reinstalling after securely obliterating this threat is highly encouraged and will restore protection.

Are you still getting redirected? Any symptoms still showing?
0
 

Author Comment

by:mikeabc27
ID: 37768855
mbam report attached
mbam.jpg
0
 

Author Comment

by:mikeabc27
ID: 37768922
Combofix sorted the Hosts files - not hidden or read only. All good except being told the message from Regsvr 32 " no dll name specified " is still coming up especially when connecting to the internet google. Would your suggestion to uninstall google toolbar sort this?
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37768961
You have a banker malware. This specific type of trojan targets banking information.

What do you get when you when your run this command from the command prompt?

REG QUERY "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v load

Open in new window

0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37768975
If your still getting that message. Its related to this
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\windows\system32\regsvr32.exe"


A few different varient actually disguise itself as actual microsoft tools and also remove services and takes its place in by registering as that products.
0
 

Author Comment

by:mikeabc27
ID: 37769992
I've emailed the user to run the line at the DOS prompt.

What should we do about the entry in the registry?
0
 

Author Comment

by:mikeabc27
ID: 37770058
reply at DOS prompt attached
ee.jpg
0
 

Author Comment

by:mikeabc27
ID: 37770553
Does anyone have any ideas from the Combofix log on any action I need to take? Also I missed Paul's comment earlier about running Combofix as admin then as the user, is this advisable - I've not heard this before?

Once I have done any additional cleaning suggested I will reboot, run a full Malwarebytes scan, and if this shows as all clear, remove and reinstall Symantec Endpoint as Russell suggests.

Any thoughts?
0
 

Author Comment

by:mikeabc27
ID: 37770930
I meant to add as Russell pointed out I need to reinstall a fresh regobj.dll.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37771842
Well that is if you use it. If not then don't worry about it. It's not a default installation file, so if you don't restore it then no fowl will become of it.

As far as the registry entry, it needs to be removed along with the google toolbar if not already accomplished.  If the user is still getting that error message every time they open there browser then it's connected with whatever is attached to the browser.

Take another run with combofix and post that log if it's still spawning those files we have not rid if the startup method and it should show what has not been done yet.
0
 

Author Comment

by:mikeabc27
ID: 37771979
Thanks I was just sending the end user an update before I saw your post where I said.

"If you have an hour to spare later can you do the following:

1. I think you would have been logged on as Malcolm when you ran Combofix yesterday. If so, can you run it again logged on as Ros. It's said that to clean the pc properly it should be done from the infected users profile. I can't vouch for this thought as I would have normally ran it logged on as the main user, but I do tend to run Combofix twice. Please email me the log. Reboot.
2. If you are still getting the regsvr32 error we need to sort that as we need this tool to register the replacement for the infected DLL file that Combofix deleted. As this may involve editing the registry please ring me and I will do remotely. Once finished I'll reboot.
3. When we've done this, please run a full scan on Malwarebytes. This will produce a report. Please email me this to me rather than a screenshot of the results page as the report contains a lot more information. Reboot.
4. Please run HijackThis and email me the log.

That's it, if the Combofix, Malwarebytes and HijackThis logs are clean we can consider it done."

Russell, I'll remove the line you pinpointed when I'm in remotely. Will removing the google tbar sort the regsvr32 error?

I'll post all 3 logs once I have them - in around 6 hrs, 4.20pm here at the moment,

Thanks,

Mike
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37772971
It should fix the error being reported. Will know more when the logs are received.
0
 

Author Comment

by:mikeabc27
ID: 37773572
Google Toolbar now removed.

This PC is used mainly by A and B, and sometimes by C. First Combofix ran logged on as A. tried second one logged on as B run couldn't load CF, so just started one logged on as C,

Should have results in around 2 hrs.

We'll only be only to get combofix log done tonight.
0
 

Author Comment

by:mikeabc27
ID: 37775134
I didn't get the results in until late. It was run using a login rarely used but the one thet use as admin on this pc. Down from 985k to 14k.

Will run mbam now.
cf2-black-pc-malcolm.txt
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37775395
Ok, Just as suspected. Remove these 2 registry entries .

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\windows\system32\regsvr32.exe" [2008-04-14 11776]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"VF0560Inst"="c:\windows\system32\V0560Pin.dll" [2008-06-02 40960]

Just removing the first entry should remove the error.

Here is a few commands you can use to delete them manually. It looks like the infection is mostly wiped.
Reg delete HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v swg /f
Reg delete HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce /v VF0560Inst /f

Open in new window

0
 

Author Comment

by:mikeabc27
ID: 37775632
Thanks Russell, that's great.

I was going to delete the first line (as you suggested earlier) but will get the user to run the 2 lines from the command line logged in as admin or run as admin (can't remember if XP allows that).

Hopefully this should get rid of the "Regsvr32 no DDL name specified" error.

They are already using the pc so couldn't run mbam yest and won't be able to do this until later.

What about:

1. Delete the 2 reg entries from command line and reboot.
2. Run another combofix and reboot.
3. Run mbam full scan.
4. POst cf and mbam reports.

Thanks,

Mike
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37778367
Xp, allows to conditions. "Runas" utilizing login as user and also the more generic logging in as the actual administrator account by user switching. You dont have to reboot for those 2 keys to take effect. Though, it your trying to make sure it does not startup again and is not caused by something else, then a reboot is advised.

You have the right idea of doing another scan after the initial disinfection routines. Run (Combfix, MBAM) as you asked about and post. Shouldn't have anything left on the next reports.
0
 

Author Comment

by:mikeabc27
ID: 37780405
Sorry for delay - still waiting for the reports back. Hopefully will have soon time today.

I'm sure they will be clean, mainly want to check they have removed the two entries in registry correctly.
0
 

Author Comment

by:mikeabc27
ID: 37780588
Russell, lines run as well as mbam which reports clean - see attached.

They're still getting the regsvr32 error. I will have the combofix log late tonight and we will see if the 2 registry problems were removed properly.
mbam-log-2012-03-28--23-26-22-.txt
0
 

Author Comment

by:mikeabc27
ID: 37780604
I'm bound to be asked. The pc is used for emails and some Internet, though mbam blocks are dodgy sites. Any sign of how the file came in? Can't see them being stupid enough to open any unknown attachments.
0
 

Author Comment

by:mikeabc27
ID: 37786590
Just got the latest cf log in and the 2 offending registry entries are still there.

I will be logging in remotely tomorrow morning and will remove the entries manually.

Then will run combofix and post results,
blackpc-cf3.txt
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37787639
I've been kind of busy lately. Just dropping by to tell you I will be checking on this a little later on today.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37789649
Do you have "RegCure.exe" normally installed on this computer? From the looks of it. It could of came from anywhere. It makes it easier if the malware is caught, copied, and analyzed.

Malware is getting so advanced these days not even the antivirus company's can completely follow. They do a really good job for what there against, just isn't enough to stop all of it. Too many new tricks that bypass antivirus scans. Mostly offset changes. Doesn't take much.

Are they experiencing anything anymore? If there still getting the registry error. I would start looking at the registry cleaning programs. There have been a few around that are actually malicious and do this kind of exact behaviour. That is why I ask about "RegCure" and if its legit from your point of you.
0
 

Author Comment

by:mikeabc27
ID: 37790224
Thanks Russell, the 2 registry entries have been removed and after a reboot still getting regsvr32 error when they go on the Internet.

They say RegCure has been on for a few years and they definately did NOT pay for it, but not sure how it's on there.

If it's malicious what's the best way to remove it?

I normally use CCleaner but doesn't appear to be on this PC.

Will run combofix when issues sorted
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37791235
If its been on there for years and there hasn't been a incident because of it we will ignore this program for now. If you used CCleaner on that computer dont use the "cleaner" instead use "registry" Registry Exampleand selecting the option of "missing imported DLL's". If a Dynamic Link Library(DLL) is being referenced and there is no DLL to reference from you can get this error as well. This option helps clean those from the registry. If that doesn't clean it something else is sending that message particularly a executable file.
0
 

Author Comment

by:mikeabc27
ID: 37791842
OK, I'll ask them to san the registry for issues using ccleaner. Normally download fro hippofile.

Hopefully will fix the regsvr32 issue.
0
 

Author Comment

by:mikeabc27
ID: 37794762
CCleaner found 645 registry issues (many DDLs) on first run, 5 on second, 2 on third and 0 on fourth.

The regsvr32 error is still there, so I have asked them to remove RegCure in Add/Remove programs and if it's still there, I'll get them to run Combofix to check the reference tp regsvr32 is gone from the registry,

On the up side, the PC is performing better than is has for a long time.
0
 

Author Comment

by:mikeabc27
ID: 37796841
BTW, regsvr32 problem started after the second or third run of mbam.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37797551
Can you get a screenshot of the error message? I think it would be more informative if I actually saw what It was. Its also important to note that if the error message, if it really is a error. Should report a error number.

Example:
The module 'MyDll.dll' was loaded but the call to DllRegisterServer failed with error code 0x80004005.

Open in new window

This way I know what problem is really causing this and should be able to give a more specific approach.
0
 

Author Comment

by:mikeabc27
ID: 37800115
see attached screenshot
regsvr32.jpg
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37803128
Excellent! Now the other part. You can use "Regfind.exe" from the win2000 resource kit and pipe all the entries for "regsvr32" into a text file and post it here.

The command used with regfind would be:
regfind -y "regsvr32" > registry.txt

Open in new window

Here is a link to the kit in seperate pieces. Win2000 Resource Kit.

I will go through the list and spot exactly where its coming from or use Autoruns and save the information it collects and post it here.
0
 

Author Comment

by:mikeabc27
ID: 37804707
Thanks will post the registry.txt file as soon as I receive it.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37809026
Ok, Any news today?
0
 

Author Comment

by:mikeabc27
ID: 37809637
Sorry for delay, just sent a chasing email for the registry.txt file.
0
 

Author Comment

by:mikeabc27
ID: 37810188
Russell, just received an email to say the user was having a problem with this and needed to speak to me.

He uses this PC in the evenings (he's out tonight), normally when I've finished. so most contact is by email.

Anyway, I checked regfind on one of my own xp PCs and emailed him full step by step instructions. I didn't find any problems, the only thing I can think of is that he is not changing from the default user directory at the DOS prompt.

Thanks,

Mike
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37812038
It shouldn't matter what directory is used from the console. It's main goal is to search the structure of the registry and return and/or replace values therein. It sounds like part of the instructions given had "cd <some Dir>" included? Since regfind is a part of the resource kit and a console utility. Place it in the system32 directory by a simple drag and drop, then attempt to run the command with regrind. Other option is to have it already scripted out so the user only has to run 1 script to help automate and exclude user error.

Of course this must be from a privileged account to move/drop that file into system32 folder and read the HKEY_LOCAL_MACHINE.

In a batch file example.

@echo off
Rem Just using desktop as a good example after the file is unzipped directory on the desktop.
Rem another way if "unzip.exe" is already there: Unzip regfind.zip %windir%\system32 or
Move %userprofile%\desktop\regfind.exe %windir%\system32
Regfind -y "regsvr32">results.txt


That should be simple enough of a example. There are lots of good ways to write this.
0
 

Author Comment

by:mikeabc27
ID: 37813621
Thanks, I'll do remotely if he has any problems but not sure if the end user will contact me before the Easter holidays end, i.e Tuesday..
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37813942
Not a rush on my end. Do as you can :)
0
 

Author Comment

by:mikeabc27
ID: 37815359
Thanks Russell have a good weekend
0
 

Author Comment

by:mikeabc27
ID: 37833855
Sorry, still chasing and still getting excuses.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37835295
Gotcha. I'll be ready when it comes.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37859161
You can also cut down on the scan time by using this vbscript to scan the specific area, it will list all occurrences of regsvr32 in the file association commands.
getregsrv32.vbs
0
 

Author Closing Comment

by:mikeabc27
ID: 37862340
Russell, the real problem was sorted long ago so I'm closing this for now and will open new thread when the end user gets back to me.
0
 
LVL 15

Expert Comment

by:Russell_Venable
ID: 37863575
Ok.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of the most commonly posted questions in the "Virus & Malware" Zones are related to the family of rogue malware with the date "2012" somewhere in the title. Examples: XP Antispyware 2012 XP Antivirus 2012 XP Security 2012   XP Home Sec…
Malware seems to be getting smarter and smarter. If you are having trouble being able to launch your malware removal tools such as (and recommended): MalwareBytes, HiJackThis, ComboFix, etc. you can try some of the workarounds listed below. 1. Ma…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question