Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

slow pc + some suspicious files

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

slow pc + some suspicious files

Unread postby jeremye » January 22nd, 2011, 1:56 pm

PC (xp) on a go slow. i've tried the speedup tips elsewhere on the site.

In the HijackThis log I see one file that, for another victim, removal was recommended. There are several others that look dodgy I think, but I'd really appreciate some expert advice as I'm not confident about deleting.

Thanks for any help.
Here's the log:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:02:44, on 22/01/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Kontiki\KService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\STDSB.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Carbonite\CarbonitePreinstaller.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\LogitechUpdate.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [STDSB] C:\WINDOWS\System32\STDSB.exe
O4 - HKLM\..\Run: [IW ControlCenter] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm588YYGB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.co.uk/SnapfishUKActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6291502968
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

--
End of file - 10847 bytes
jeremye
Active Member
 
Posts: 4
Joined: January 22nd, 2011, 1:45 pm
Advertisement
Register to Remove

Re: slow pc + some suspicious files

Unread postby askey127 » January 22nd, 2011, 7:41 pm

Hi jeremye,
Your machine is not up to date. That can allow infections that would otherwise be harmless.
Please do not scan, remove, or install anything unless I ask.
To facilitate the removal of infected items and allow our tools to function properly, we will be replacing AVG with Antivir.
-----------------------------------------------------------
Remove Registry items with HijackThis. Start HijackThis.
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: NetAssistantBHO - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - C:\Program Files\Freeze.com\NetAssistant\NetAssistant.dll
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... xdm588YYGB

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Save the Installer to your desktop, but don't run it yet.
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

AVG 10
<==whatever AVG is showing

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------
Install Antivir
Double Click the Avira Antivir Installer on your desktop, and Install the program.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take a hour or more. Have it fix anything it finds.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There wil be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.
-----------------------------------------------------------
Retrieve the List of Installed programs Using HJT
Open HijackThis, click Open The Misc Tools Section. Then scroll down the list if you need to, click Open Uninstall Manager and Save List...
The List of installed programs will automatically be saved as uninstall_list.txt in your HiJackThis folder.
In addition, the list opens in Notepad so you can also save as another name in another location if you wish.
Please paste the contents into your next reply.

So we are looking for the Antivir report and the HiJackThis Installed Programs List
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: slow pc + some suspicious files

Unread postby jeremye » January 25th, 2011, 1:38 pm

Hi Askey127,
Thanks very much for your help so far.
I've pasted in the Antivir log and uninstall list below.
BTW Would you recommend using Antivir instead of AVG in future?
Jeremye

Antivir log
-----------

Avira AntiVir Personal
Report file date: 24 January 2011 23:07

Scanning for 2421766 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : PUTA

Version information:
BUILD.DAT : 10.0.0.609 31824 Bytes 13/12/2010 09:43:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 13/12/2010 08:39:58
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:06
LUKE.DLL : 10.0.3.2 104296 Bytes 13/12/2010 08:40:08
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:50
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 23:03:10
VBASE002.VDF : 7.11.0.1 2048 Bytes 14/12/2010 23:03:10
VBASE003.VDF : 7.11.0.2 2048 Bytes 14/12/2010 23:03:10
VBASE004.VDF : 7.11.0.3 2048 Bytes 14/12/2010 23:03:12
VBASE005.VDF : 7.11.0.4 2048 Bytes 14/12/2010 23:03:12
VBASE006.VDF : 7.11.0.5 2048 Bytes 14/12/2010 23:03:12
VBASE007.VDF : 7.11.0.6 2048 Bytes 14/12/2010 23:03:12
VBASE008.VDF : 7.11.0.7 2048 Bytes 14/12/2010 23:03:12
VBASE009.VDF : 7.11.0.8 2048 Bytes 14/12/2010 23:03:12
VBASE010.VDF : 7.11.0.9 2048 Bytes 14/12/2010 23:03:12
VBASE011.VDF : 7.11.0.10 2048 Bytes 14/12/2010 23:03:12
VBASE012.VDF : 7.11.0.11 2048 Bytes 14/12/2010 23:03:12
VBASE013.VDF : 7.11.0.52 128000 Bytes 16/12/2010 23:03:14
VBASE014.VDF : 7.11.0.91 226816 Bytes 20/12/2010 23:03:16
VBASE015.VDF : 7.11.0.122 136192 Bytes 21/12/2010 23:03:18
VBASE016.VDF : 7.11.0.156 122880 Bytes 24/12/2010 23:03:20
VBASE017.VDF : 7.11.0.185 146944 Bytes 27/12/2010 23:03:22
VBASE018.VDF : 7.11.0.228 132608 Bytes 30/12/2010 23:03:24
VBASE019.VDF : 7.11.1.5 148480 Bytes 03/01/2011 23:03:26
VBASE020.VDF : 7.11.1.37 156672 Bytes 07/01/2011 23:03:28
VBASE021.VDF : 7.11.1.65 140800 Bytes 10/01/2011 23:03:30
VBASE022.VDF : 7.11.1.87 225280 Bytes 11/01/2011 23:03:32
VBASE023.VDF : 7.11.1.124 125440 Bytes 14/01/2011 23:03:34
VBASE024.VDF : 7.11.1.155 132096 Bytes 17/01/2011 23:03:36
VBASE025.VDF : 7.11.1.189 451072 Bytes 20/01/2011 23:03:42
VBASE026.VDF : 7.11.1.230 138752 Bytes 24/01/2011 23:03:44
VBASE027.VDF : 7.11.1.231 2048 Bytes 24/01/2011 23:03:44
VBASE028.VDF : 7.11.1.232 2048 Bytes 24/01/2011 23:03:44
VBASE029.VDF : 7.11.1.233 2048 Bytes 24/01/2011 23:03:44
VBASE030.VDF : 7.11.1.234 2048 Bytes 24/01/2011 23:03:44
VBASE031.VDF : 7.11.1.237 33280 Bytes 24/01/2011 23:03:46
Engineversion : 8.2.4.150
AEVDF.DLL : 8.1.2.1 106868 Bytes 13/12/2010 08:39:52
AESCRIPT.DLL : 8.1.3.52 1282426 Bytes 24/01/2011 23:04:18
AESCN.DLL : 8.1.7.2 127349 Bytes 13/12/2010 08:39:52
AESBX.DLL : 8.1.3.2 254324 Bytes 13/12/2010 08:39:52
AERDL.DLL : 8.1.9.2 635252 Bytes 13/12/2010 08:39:52
AEPACK.DLL : 8.2.4.8 512374 Bytes 24/01/2011 23:04:14
AEOFFICE.DLL : 8.1.1.15 205178 Bytes 24/01/2011 23:04:10
AEHEUR.DLL : 8.1.2.68 3178870 Bytes 24/01/2011 23:04:08
AEHELP.DLL : 8.1.16.0 246136 Bytes 13/12/2010 08:39:44
AEGEN.DLL : 8.1.5.2 397683 Bytes 24/01/2011 23:03:52
AEEMU.DLL : 8.1.3.0 393589 Bytes 13/12/2010 08:39:44
AECORE.DLL : 8.1.19.2 196983 Bytes 24/01/2011 23:03:48
AEBB.DLL : 8.1.1.0 53618 Bytes 13/12/2010 08:39:42
AVWINLL.DLL : 10.0.0.0 19304 Bytes 13/12/2010 08:39:58
AVPREF.DLL : 10.0.0.0 44904 Bytes 13/12/2010 08:39:56
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:14
AVREG.DLL : 10.0.3.2 53096 Bytes 13/12/2010 08:39:56
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 13/12/2010 08:39:58
AVARKT.DLL : 10.0.22.6 231784 Bytes 13/12/2010 08:39:54
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 13/12/2010 08:39:54
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:27:24
AVSMTP.DLL : 10.0.0.17 63848 Bytes 13/12/2010 08:39:58
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:27:22
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:22
RCTEXT.DLL : 10.0.58.0 97128 Bytes 13/12/2010 08:40:22

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 24 January 2011 23:07

Starting search for hidden objects.
c:\program files\logitech\quickcam\lu\lulnchr.exe
c:\program files\logitech\quickcam\lu\lulnchr.exe
[NOTE] The process is not visible.
c:\program files\synaptics\syntp\syntplpr.exe
c:\program files\synaptics\syntp\syntplpr.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'rsmsink.exe' - '31' Module(s) have been scanned
Scan process 'msdtc.exe' - '42' Module(s) have been scanned
Scan process 'dllhost.exe' - '61' Module(s) have been scanned
Scan process 'dllhost.exe' - '47' Module(s) have been scanned
Scan process 'vssvc.exe' - '50' Module(s) have been scanned
Scan process 'avscan.exe' - '72' Module(s) have been scanned
Scan process 'avcenter.exe' - '71' Module(s) have been scanned
Scan process 'avgnt.exe' - '55' Module(s) have been scanned
Scan process 'sched.exe' - '47' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '54' Module(s) have been scanned
Scan process 'COCIManager.exe' - '45' Module(s) have been scanned
Scan process 'iPodService.exe' - '30' Module(s) have been scanned
Scan process 'wuauclt.exe' - '38' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '30' Module(s) have been scanned
Scan process 'KHost.exe' - '69' Module(s) have been scanned
Scan process 'SsAAD.exe' - '35' Module(s) have been scanned
Scan process 'msmsgs.exe' - '52' Module(s) have been scanned
Scan process 'Quickcam.exe' - '61' Module(s) have been scanned
Scan process 'winpatrol.exe' - '63' Module(s) have been scanned
Scan process 'StxMenuMgr.exe' - '38' Module(s) have been scanned
Scan process 'CarbonitePreinstaller.exe' - '36' Module(s) have been scanned
Scan process 'CNMNSUT.exe' - '38' Module(s) have been scanned
Scan process 'BJMyPrt.exe' - '31' Module(s) have been scanned
Scan process 'maxmenumgr.exe' - '33' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '61' Module(s) have been scanned
Scan process 'ezSP_Px.exe' - '22' Module(s) have been scanned
Scan process 'iwctrl.exe' - '35' Module(s) have been scanned
Scan process 'STDSB.exe' - '18' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '35' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '29' Module(s) have been scanned
Scan process 'ctfmon.exe' - '27' Module(s) have been scanned
Scan process 'Explorer.EXE' - '94' Module(s) have been scanned
Scan process 'alg.exe' - '35' Module(s) have been scanned
Scan process 'CALMAIN.exe' - '27' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'slserv.exe' - '6' Module(s) have been scanned
Scan process 'SyncServices.exe' - '36' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '16' Module(s) have been scanned
Scan process 'KService.exe' - '70' Module(s) have been scanned
Scan process 'FreeAgentService.exe' - '37' Module(s) have been scanned
Scan process 'SAgent2.exe' - '22' Module(s) have been scanned
Scan process 'eEBSVC.exe' - '27' Module(s) have been scanned
Scan process 'CTsvcCDA.EXE' - '9' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '35' Module(s) have been scanned
Scan process 'spoolsv.exe' - '70' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '162' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '53' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '45' Module(s) have been scanned
Scan process 'winlogon.exe' - '71' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1191' files ).


Starting the file scan:

Begin scan in 'C:\' <TNX02T4V3>
C:\Program Files\Live-Player\live-player.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen
C:\Program Files\Live-Player\uninst.exe
[DETECTION] Is the TR/Dldr.Wintrim.BX.23 Trojan
Begin scan in 'D:\' <UserData>
D:\Vista Backup\Users\Jeremy\AppData\Local\Microsoft\Windows Mail\Local Folders\Deleted Items\0E2C664C-00001B21.eml
[0] Archive type: MIME
[DETECTION] Contains recognition pattern of the PHISH/cnn.A phishing file/email
--> file0.html
[DETECTION] Contains recognition pattern of the PHISH/cnn.A phishing file/email

Beginning disinfection:
D:\Vista Backup\Users\Jeremy\AppData\Local\Microsoft\Windows Mail\Local Folders\Deleted Items\0E2C664C-00001B21.eml
[DETECTION] Contains recognition pattern of the PHISH/cnn.A phishing file/email
[NOTE] The file was moved to the quarantine directory under the name '4e54b12f.qua'.
C:\Program Files\Live-Player\uninst.exe
[DETECTION] Is the TR/Dldr.Wintrim.BX.23 Trojan
[NOTE] The file was moved to the quarantine directory under the name '56149ed1.qua'.
C:\Program Files\Live-Player\live-player.exe
[DETECTION] Contains virus patterns of Adware ADWARE/Adware.Gen
[NOTE] The file was moved to the quarantine directory under the name '0458c404.qua'.


End of the scan: 25 January 2011 00:12
Used time: 1:03:48 Hour(s)

The scan has been done completely.

8687 Scanned directories
412039 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
3 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
412035 Files not concerned
28115 Archives were scanned
0 Warnings
3 Notes
475451 Objects were scanned with rootkit scan
2 Hidden objects were found


HJT uninstall list
----------------
Adobe Acrobat 5.0
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.4.0
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Audacity 1.2.6
AudibleManager
Avira AntiVir Personal - Free Antivirus
BBC iPlayer Download Manager
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DSLR 5 for ZoomBrowser EX
Canon IJ Network Scan Utility
Canon IJ Network Tool
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator EX 3.0
Canon MP640 series MP Drivers
Canon MP640 series User Registration
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities Solution Menu
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Carbonite Online Backup Setup
CD-LabelPrint
Clip Art Collection
Compatibility Pack for the 2007 Office system
Creative MediaSource
Critical Update for Windows Media Player 11 (KB959772)
DivX Decoder Filter
Dorling Kindersley Application Database v1.4
Easy-PC
EndNote X4
EPSON Copy Utility
EPSON Photo Print
EPSON Printer Software
EPSON Smart Panel
EPSON TWAIN 5
Favorit
GraphPad Prism 5
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
InstallIQ Updater
IQ Solutions
iTunes
Jessops Picture Suite
Live-Player
Logitech QuickCam
Logitech QuickCam Driver Package
Maxtor Manager
Maxtor Manager
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works 7.0
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
muvee autoProducer 6.1 Seagate Edition
MuVo Driver
MWSnap 3
NetAssistant
novaPDF Professional Desktop 6.3 printer
OpenMG AAC Add-on Module 1.0.00
OpenMG Limited Patch 4.5-06-05-12-01
OpenMG Secure Module 4.5.01
PDF Manual NW-A1000 Series NW-A3000 Series
PICVideo Codecs
Pinnacle InstantCD/DVD Suite
PowerDVD
PowerQuest PartitionMagic 8.0
Proteus 6 Professional
QuickTime
ResearchSoft Direct Export Helper
ScanToWeb
Scroll Bar Driver
Seagate Manager Installer
Seagate Manager Installer
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 8 (KB917734)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
jeremye
Active Member
 
Posts: 4
Joined: January 22nd, 2011, 1:45 pm

Re: slow pc + some suspicious files

Unread postby askey127 » January 25th, 2011, 4:07 pm

jeremye,
Antivir has been the more dependable of the two on some recent infections.
----------------------------- -------------------
Issues with Older Adobe Acrobat Programs
It's possible that PC slowdowns can be caused by one of your older Adobe Acrobat versions trying to update itself.
That program (Acrobat 5) has a buggy updater which can hang at bootup. It can phone home interminably and slow your PC to a crawl.
Anytime after your machine boots and you notice a slowdown, use Ctrl-Alt-Del to bring up task manager.
Click on the Processes tab, and note the names of the process files which are using most of the CPU resources. May be something like Adobeupd.exe
In any case, you should retain and use the latest version of the free Acrobat reader to look at web-based PDF files, even if you keep an older Acrobat version for composing or editing.
This will prevent PC infection due to opening a malicious web-based PDF with one of the older, vulnerable, versions of Acrobat. If you do not use the old Acrobat 5, I would suggest you Uninstall it.
-----------------------------------------------------------
Download and Run a Diagnostic Tool (MGADiag.exe) from here and save this to your desktop.
http://go.microsoft.com/fwlink/?linkid=56062
* Double-click on MGADiag.exe
* When the program has finished, click on the Validation tab and then click on Copy to Clipboard.
* Please post the results in your next reply.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: slow pc + some suspicious files

Unread postby jeremye » January 26th, 2011, 7:37 pm

I got rid of Acrobat 5.0.
You're really doing a fine job. Don't know quite which bit of repair work did the trick, but it's already zipping along in a very encouraging way.
Here's the MGADiag report:

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-CDVGC-9FVMV-B4P9Y
Windows Product Key Hash: iRaZ+vZ/SXjj4Za4xvVQAG7IIBM=
Windows Product ID: 55277-OEM-2111907-00124
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.2.0.hom
ID: {B2F02EA3-D9CE-4A9E-BC91-B4864102A1B0}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.5.530.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Standard Edition 2003 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{B2F02EA3-D9CE-4A9E-BC91-B4864102A1B0}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.2.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-B4P9Y</PKey><PID>55277-OEM-2111907-00124</PID><PIDType>2</PIDType><SID>S-1-5-21-3562983710-2038945071-357464061</SID><SYSTEM><Manufacturer>Tiny Computers</Manufacturer><Model>8355H</Model></SYSTEM><BIOS><Manufacturer>Insyde Software</Manufacturer><Version>R1.08 </Version><SMBIOSVersion major="2" minor="3"/><Date>20040608000000.000000+000</Date><SLPBIOS>Tiny Computers,Tiny Computers,Tiny Computers,Tiny Computers</SLPBIOS></BIOS><HWID>F8603F07018400EA</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Tiny Computers</name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120409-6000-11D3-8CFE-0150048383C9}"><LegitResult>100</LegitResult><Name>Microsoft Office Standard Edition 2003</Name><Ver>11</Ver><Val>2BF64F62DD1E072</Val><Hash>8ujkliEh6MeGy7oFRfBQOOukTXA=</Hash><Pid>70141-057-2543455-56815</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="11" Result="100"/><App Id="18" Version="11" Result="100"/><App Id="1A" Version="11" Result="100"/><App Id="1B" Version="11" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1FFB0:MITAC TECHNOLOGY CORP|BD04:Tiny Computers Limited
Marker string from OEMBIOS.DAT: Tiny Computers,Tiny Computers,Tiny Computers,Tiny Computers

OEM Activation 2.0 Data-->
N/A
jeremye
Active Member
 
Posts: 4
Joined: January 22nd, 2011, 1:45 pm

Re: slow pc + some suspicious files

Unread postby askey127 » January 26th, 2011, 9:00 pm

jeremye,
----------------------------------------------------------------------------------
Download SP3 and Burn the Image to a CD
It's a big download.
If you have a broadband connection, get the Windows XP Service Pack 3 download from here:
http://www.microsoft.com/downloads/details.aspx?FamilyID=2fcde6ce-b5fb-4488-8c50-fe22559d164e&displaylang=en
It is an .iso image file, designed to be saved on your machine, then burned directly onto a CD using your CD burning software (You will need a blank CD-R disk.)
If that appears successful, unplug your internet connection, disable your Antivirus, and run Setup from the resulting CD.
It may take 1-2 hours to install.

askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: slow pc + some suspicious files

Unread postby jeremye » January 29th, 2011, 9:31 am

Askey127

I'll do the SP3 and image write.
I'm offline for 2 weeks now, so I guess, with all your help, I'm back on a smooth running track.
Not only is the PC cured, but I learned a lot as well.
Just remains to say a very big thank you.

Jeremy
jeremye
Active Member
 
Posts: 4
Joined: January 22nd, 2011, 1:45 pm

Re: slow pc + some suspicious files

Unread postby askey127 » January 29th, 2011, 10:46 am

this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 136 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware