Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Virus I got from web

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Virus I got from web

Unread postby SSI01 » May 1st, 2011, 8:58 pm

Just finished trying to run FS2004 again. This time the error signature block read as follows:

AppName: fs9.exe AppVer: 9.1.0.40901 ModName: unknown
ModVer: 0.0.0.0 Offset: ffff0000

This file was included in the error report:
E:\DOCUME~1\Owner\LOCALS~2\Temp\ceea_appcompat.txt

I have not seen either of these before. There is some instability in the flight simulator as it does not start at the originally-designated airport but at the airport identified prior to that; also, there are some changes made to display settings in the simulator I did not input; instead, I find them there when I start the sim and have to change them to where they should be. The last time I did this, the above is what I saw in the error report. Not sure if this helps anything but it is unusual and I wanted to report it.
SSI01
Regular Member
 
Posts: 20
Joined: April 24th, 2011, 9:36 pm
Advertisement
Register to Remove

Re: Virus I got from web

Unread postby Carolyn » May 2nd, 2011, 7:00 am

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Download the latest version of Java Runtime Environment (JRE) 25 and save it to your desktop.
  • Scroll down to where it says JDK 6 Update 25 (JDK or JRE)
  • Click the Download JRE button to the right
  • Select the Windows platform from the dropdown menu.
  • Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6u25 with JavaFX 1 License Agreement". Click on Continue. The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u25-windows-i586.exe to install the newest version.
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
        Applications and Applets
        Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.

===================================

Update Adobe Reader
  • You should Download and Install the newest version of Adobe Reader for reading pdf files.
  • Older versions may have vulnerabilities that malware can use to infect your system.
    • Go to start > control panel > programs and features.
    • Right click on Adobe Reader 9.4.1, click Uninstall & then follow the prompts to remove it.
  • Go Here to download and install Adobe Reader X (10.0.1).
    Note: Uncheck Free McAfee® Security Scan Plus (optional)

===================================

Registry Cleaners

I see that you have used Uniblue Registry Booster Registry Cleaner on this computer and have since uninstalled it.

I don't personally recommend the use of ANY registry cleaners.
Here is an excerpt from a discussion on regcleaners
Most reg cleaners aren't "bad" as such, but they aren't perfect and even the best have been known to cause problems.
The point we are trying to make is that the risk of using one far outweighs any benefit.
If it does work perfectly you will not see any difference
If it doesn't work properly you may end up with an expensive doorstop.


http://miekiemoes.blogspot.com/2008/02/registry-cleaners-and-system-tweaking_13.html
http://forums.whatthetech.com/Regcleaner_t42862.html

===================================

Remove Search Toolbar
  • Go to start > control panel > programs and features.
  • Right click on Search Toolbar, then click Uninstall & then follow the prompts to remove ir.

===================================

Run OTL Script

We need to run an OTL Fix

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Image textbox. Do not include the word Code
    Code: Select all
    :Files
    E:\Documents and Settings\All Users\Application Data\iolo\System Shield\Quarantined\A0002188.EXE.INFECTED
    E:\Documents and Settings\Owner\Desktop\COMPUTER MAINTENANCE & UPKEEP\Lagrange5.exe
    E:\Documents and Settings\Owner\Desktop\COMPUTER MAINTENANCE & UPKEEP\registrybooster.exe
    E:\Program Files\Search Toolbar
    
    :Commands
    [emptytemp]
    [ClearAllRestorePoints]
    

  • Then click the Run Fix button at the top.
  • Click Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

===================================

Image
Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop.

===================================

Please post the following in your next reply:
  • The OTL log
  • DDS.txt
  • Attach.txt
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Virus I got from web

Unread postby SSI01 » May 2nd, 2011, 9:49 am

I'm at the Oracle website - which one of the JDK6 Update 25s do I select - with JavaFX 1.3.1 SDK or JDK6 Update 25 w/NetBeans 7.0?
SSI01
Regular Member
 
Posts: 20
Joined: April 24th, 2011, 9:36 pm

Re: Virus I got from web

Unread postby Carolyn » May 2nd, 2011, 10:56 am

Java SE 6 Update 25 JRE
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Virus I got from web

Unread postby SSI01 » May 2nd, 2011, 11:22 am

OK here is (hopefully) everything that was supposed to have been obtained:

OTL log:
All processes killed
========== FILES ==========
E:\Documents and Settings\All Users\Application Data\iolo\System Shield\Quarantined\A0002188.EXE.INFECTED moved successfully.
E:\Documents and Settings\Owner\Desktop\COMPUTER MAINTENANCE & UPKEEP\Lagrange5.exe moved successfully.
E:\Documents and Settings\Owner\Desktop\COMPUTER MAINTENANCE & UPKEEP\registrybooster.exe moved successfully.
File\Folder E:\Program Files\Search Toolbar not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 165762 bytes

User: Owner
->Temp folder emptied: 943342 bytes
->Temporary Internet Files folder emptied: 170735063 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 3404227 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 13258 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2602748 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33982 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 66400460 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 20440707 bytes

Total Files Cleaned = 253.00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.22.3 log created on 05022011_105457

Files\Folders moved on Reboot...
E:\Documents and Settings\Owner\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
File\Folder E:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_d0.dat not found!
E:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\PH166PD2\viewtopic[1].php moved successfully.
E:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File\Folder E:\WINDOWS\temp\Perflib_Perfdata_b14.dat not found!

Registry entries deleted on Reboot...



DDS txt:
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Owner at 11:14:01.42 on Mon 05/02/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1286 [GMT -4:00]
.
AV: System Shield *Enabled/Updated* {2565CEEE-6BDB-4A6D-AD6D-F682F2695014}
.
============== Running Processes ===============
.
E:\WINDOWS\system32\nvsvc32.exe
E:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
E:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
E:\WINDOWS\System32\svchost.exe -k netsvcs
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
svchost.exe
E:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
E:\WINDOWS\system32\svchost.exe -k hpdevmgmt
E:\Program Files\Google\Update\GoogleUpdate.exe
E:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\WINDOWS\System32\svchost.exe -k HPZ12
E:\Program Files\CDBurnerXP\NMSAccessU.exe
E:\WINDOWS\System32\svchost.exe -k HPZ12
E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
E:\WINDOWS\system32\svchost.exe -k imgsvc
E:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
E:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
E:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
E:\Program Files\iolo\System Mechanic Professional\System Shield\ioloSSTray.exe
E:\Program Files\Common Files\Java\Java Update\jusched.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
E:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
E:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
E:\Documents and Settings\Owner\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.foxnews.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - e:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - e:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - e:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - e:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - e:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - e:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - e:\program files\msn toolbar\platform\4.0.0417.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - e:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE e:\windows\system32\NvCpl.dll,NvStartup
mRun: [MSN Toolbar] "e:\program files\msn toolbar\platform\4.0.0417.0\mswinext.exe"
mRun: [Microsoft Default Manager] "e:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [HP Software Update] e:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Carbonite Backup] e:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "e:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "e:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "e:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - e:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - e:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: e:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - e:\program files\microsoft office\office\OSA9.EXE
IE: Google Sidewiki... - e:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
LSP: e:\windows\system32\iavlsp.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resour ... se6886.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 3190617328
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - e:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AMP;AMP;e:\windows\system32\drivers\amp.sys [2010-1-19 127016]
R2 AMPSE;AMPSE;e:\windows\system32\drivers\ampse.sys [2010-1-19 1118248]
R2 ioloFileInfoList;iolo FileInfoList Service;e:\program files\iolo\common\lib\ioloServiceManager.exe [2010-10-21 724152]
R2 ioloSystemService;iolo System Service;e:\program files\iolo\common\lib\ioloServiceManager.exe [2010-10-21 724152]
R2 vseamps;vseamps;e:\program files\common files\authentium\antivirus5\vseamps.exe [2010-1-19 121384]
R2 vsedsps;vsedsps;e:\program files\common files\authentium\antivirus5\vsedsps.exe [2010-1-19 117288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;e:\windows\system32\drivers\nvhda32.sys [2004-1-3 91496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);e:\program files\google\update\GoogleUpdate.exe [2010-12-26 136176]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;e:\windows\system32\drivers\ADM8511.SYS [2004-1-3 20160]
S3 cpuz132;cpuz132;\??\e:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> e:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 gupdatem;Google Update Service (gupdatem);e:\program files\google\update\GoogleUpdate.exe [2010-12-26 136176]
S3 vseqrts;vseqrts;e:\program files\common files\authentium\antivirus5\vseqrts.exe [2010-1-19 158248]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;e:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-05-02 14:54:57 -------- d-----w- E:\_OTL
2011-05-02 14:34:49 73728 ----a-w- e:\windows\system32\javacpl.cpl
2011-04-30 18:21:23 -------- d-----w- e:\program files\ESET
2011-04-30 12:53:47 38224 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys
2011-04-30 12:53:42 20952 ----a-w- e:\windows\system32\drivers\mbam.sys
2011-04-30 12:53:42 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2011-04-24 13:33:42 -------- d-----w- e:\docume~1\owner\applic~1\Driver Smith
2011-04-24 13:33:37 -------- d-----w- e:\program files\DriverSmith
2011-04-23 19:45:40 4984 ----a-w- e:\windows\system32\drivers\nvphy.bin
2011-04-23 19:45:38 446464 ----a-w- e:\windows\system32\nvunrm.exe
2011-04-23 15:16:15 -------- d-----w- e:\program files\Realtek AC97
2011-04-23 15:15:53 204800 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2011-04-23 15:15:52 757760 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2011-04-23 15:15:52 69715 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2011-04-23 15:15:52 5632 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2011-04-23 15:15:52 274432 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2011-04-23 15:15:48 200836 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2011-04-23 15:15:47 331908 ----a-w- e:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2011-04-23 04:34:58 1974616 ----a-w- e:\windows\system32\D3DCompiler_42.dll
2011-04-23 04:30:37 -------- d-----w- e:\windows\Logs
2011-04-20 17:13:20 -------- d-----w- e:\windows\system32\wbem\repository\FS
2011-04-20 17:13:20 -------- d-----w- e:\windows\system32\wbem\Repository
2011-04-20 15:10:08 837224 ----a-w- e:\windows\system32\nvhdagenco322040.dll
2011-04-20 15:10:00 944232 ----a-w- e:\windows\system32\nvdispco3220140.dll
2011-04-20 15:10:00 855656 ----a-w- e:\windows\system32\nvgenco322060.dll
2011-04-20 15:01:45 -------- d-----w- e:\program files\SystemRequirementsLab
2011-04-19 12:27:30 -------- d-----w- e:\windows\pss
2011-04-18 01:30:06 888424 ----a-w- e:\windows\system32\nvdispco32.dll
2011-04-18 01:30:06 813672 ----a-w- e:\windows\system32\nvgenco32.dll
2011-04-08 02:15:38 580200 ----a-w- e:\windows\system32\easyUpdatusAPIU.dll
.
==================== Find3M ====================
.
2011-05-02 14:33:46 472808 ----a-w- e:\windows\system32\deployJava1.dll
2011-04-23 02:46:47 240592 ----a-w- e:\windows\system32\nvdrsdb0.bin
2011-04-23 02:46:47 1 ----a-w- e:\windows\system32\nvdrssel.bin
2011-04-23 02:46:41 240592 ----a-w- e:\windows\system32\nvdrsdb1.bin
2011-03-15 19:24:20 87688 ----a-w- e:\windows\system32\IncContxMenu.dll
2011-03-15 19:23:32 11776 ----a-w- e:\windows\system32\smrgdf.exe
2011-03-15 19:23:26 29696 ----a-w- e:\windows\system32\iolobtdfg.exe
2011-03-15 19:21:16 2234552 ----a-w- e:\windows\system32\Incinerator.dll
2011-03-07 05:33:50 692736 ----a-w- e:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- e:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- e:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- e:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ------w- e:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- e:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- e:\windows\system32\html.iec
2011-02-15 12:56:39 290432 ----a-w- e:\windows\system32\atmfd.dll
2011-02-09 20:46:52 249856 ------w- e:\windows\Setup1.exe
2011-02-09 20:46:51 73216 ----a-w- e:\windows\ST6UNST.EXE
2011-02-09 13:53:52 270848 ----a-w- e:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- e:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- e:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- e:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- e:\windows\system32\mstscax.dll
2011-02-02 02:19:21 720896 ----a-w- e:\windows\iun6002.exe
.
============= FINISH: 11:14:50.60 ===============



Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/3/2004 2:20:34 AM
System Uptime: 5/2/2011 11:05:23 AM (0 hours ago)
.
Motherboard: | | NF-CK804
Processor: AMD Athlon(tm) 64 Processor 3000+ | Socket 939 | 1809/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 1863 GiB total, 1532.187 GiB free.
E: is FIXED (NTFS) - 298 GiB total, 275.355 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
5700_Help
7-Zip 4.65
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
AVSDK5
BPD_Scan
BPDSoftware
BPDSoftware_Ini
BufferChm
BVAir B747-400 FS9
Canadair Agonaut 3.0 for FS2004
Canadair C-4 Argonaut for FS2004
CCleaner
CDBurnerXP
Classic Wings Cierva C.30 For Fs9
Classic Wings Junkers K-47 & A-48 For Fs9
DC3_RR41P
Destinations
DH106 Comet 1 and 2 for FS2004
DocProc
DocumentViewerQFolder
Douglas DC-4 and C-54 3.0 for FS2004
Driver Detective
DriverSmith
EditVoicepack
ESET Online Scanner v3
Fax
Flight One Software Spirit of St. Louis
FS2004 Night Time
FS9 Sproat Lake Mars Water Bomber Base
FSACC
FullDPAppQFolder
Game Booster
Golden Age Simulations Taylor J-2 Cub for FS9
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Handley Page Hermes for FS2004
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Customer Participation Program 8.0
HP Imaging Device Functions 8.0
HP OCR Software 8.0
HP Officejet All-In-One Series
HP Photosmart Essential
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
IL-2 Sturmovik 1946
Ilyushin IL-14 for FS2004
Intel(R) Network Connections Drivers
iolo technologies' System Mechanic Professional
J5700
Java Auto Updater
Java(TM) 6 Update 25
K-Lite Codec Pack 6.4.0 (Full)
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Office 2000 Standard
Microsoft Search Enhancement Pack
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystere IVA
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Install Application
NVIDIA nView Desktop Manager
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
OpenOffice.org 3.2
Pacific Fighters
Piper PA18 Cubdrivers Supercub
ProductContext
Rarewings General Aviation GA-43 for FS9
Rarewings General Aviation Ga-43j for FS9
Rarewings.com Miller Hm-4 Aeroval for FS9
Realtek AC'97 Audio
Scan
SE161 Languedoc for FS2004
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Short Empire for FS2004
Short Solent for FS2004
Silent Hunter 4 Wolves of the Pacific
Sniper Elite
SolutionCenter
Status
System Requirements Lab
The Horten HO 18 C "Amerika-Bomber"
Toolbox
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2362765)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Vickers Viking for FS2004
Vickers Viscount for FS2004
Virtavia F-106 Delta Dart FS9
Virtavia Gloster Javelin FS9
WebFldrs XP
WebReg
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 11
.
==== Event Viewer Messages From Past Week ========
.
5/2/2011 10:55:58 AM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error: An instance of the service is already running.
5/2/2011 10:55:00 AM, error: Service Control Manager [7034] - The vseamps service terminated unexpectedly. It has done this 1 time(s).
5/2/2011 10:55:00 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
5/2/2011 10:54:58 AM, error: Service Control Manager [7034] - The vsedsps service terminated unexpectedly. It has done this 1 time(s).
5/2/2011 10:54:58 AM, error: Service Control Manager [7034] - The NMSAccess service terminated unexpectedly. It has done this 1 time(s).
5/2/2011 10:54:58 AM, error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s).
5/2/2011 10:54:58 AM, error: Service Control Manager [7034] - The iolo FileInfoList Service service terminated unexpectedly. It has done this 1 time(s).
5/2/2011 10:54:58 AM, error: Service Control Manager [7031] - The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
5/2/2011 10:54:57 AM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
4/29/2011 11:12:59 AM, error: System Error [1003] - Error code 100000d1, parameter1 0a1f0038, parameter2 00000002, parameter3 00000000, parameter4 f745ed8f.
4/29/2011 11:10:26 AM, error: nvgts [9] - The device, \Device\Scsi\nvgts1, did not respond within the timeout period.
4/29/2011 10:52:26 AM, error: System Error [1003] - Error code 1000000a, parameter1 89e77aec, parameter2 00000002, parameter3 00000000, parameter4 806f4413.
4/29/2011 10:48:25 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
4/29/2011 10:42:08 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdPPM FileDisk Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip WS2IFSL
4/29/2011 10:42:08 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2011 10:42:08 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2011 10:42:08 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2011 10:42:08 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
4/29/2011 10:41:38 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/29/2011 10:41:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
4/29/2011 10:41:34 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
4/29/2011 10:41:08 AM, error: sfsync02 [12] -
4/27/2011 12:20:16 AM, error: VolSnap [20] - The shadow copy of volume C: was aborted because of a failed free space computation.
.
==== End Of File ===========================
SSI01
Regular Member
 
Posts: 20
Joined: April 24th, 2011, 9:36 pm

Re: Virus I got from web

Unread postby Carolyn » May 2nd, 2011, 5:49 pm

Are you having any problems with the computer now? Is flight simulator still acting up? Any other programs hanging?
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Virus I got from web

Unread postby SSI01 » May 2nd, 2011, 7:38 pm

Just finished running the sim to see if there were any improvements. I can now start, take-off and fly pretty well, no hangups during the sim. I used to be able to go into the "options" section and change the frame rate from 40FPS to "unlimited," as this was advice picked up from several FS websites saying it was better for the sim. I tried it this time and was able to make the change, however, when closing out "options" the screen went black (although the cursor was present and moved) and I finally had to ctrl-alt-del to close it down. I then got this msg:

szAppName: fs9.exe szAppVer: 9.1.0.40901 szModName: hungapp
szModVer: 0.0.0.0 offset: 00000000

and Error Report as follows:
E:\DOCUME~1\Owner\LOCALS~1\Temp\WER93.ae.dir00\fs9.exe.mdmp
E:\DOCUME~1\Owner\LOCALS~1\Temp\WER93.ae.dir00\appcomrat.txt

Something is causing FS to "hang up" on an action (for example, going from normal flight through "pause" to "options," then back to normal flight) while running and fail to return to the previous action or another action. I can't think of how else to describe it except to say it's like some sort of data keeps building somewhere in a cache or folder within the sim until it's full and can't be added to or cycled through, and then the sim freezes. Don't know how else to describe it.

I've tried digging through My Computer - E Drive - Documents and Settings to find the file tree as displayed in the Error Report but can't find the folders it's talking about. I just wanted to see if I could trace the path the report generated and locate the files it's talking about.

I've also noticed whenever you click on "My Computer," either from "Start" or the desktop icon, there is a pause of several seconds before the icons are displayed. They used to display instantaneously.
SSI01
Regular Member
 
Posts: 20
Joined: April 24th, 2011, 9:36 pm

Re: Virus I got from web

Unread postby SSI01 » May 2nd, 2011, 8:46 pm

OK I just tried it again and we're back to our old antics - we can start, taxi and take off, sound is excellent but the aircraft is greyed out (although interior details such as cockpit, cabin, etc are clear). I note there is a little jerkiness to the sim when panning around the exterior of the aircraft while on the ground or in flight - it didn't used to do that. As always I've had to ctrl-alt-del out of the sim. I am wondering, is there is a conflict between sound and video devices? I've downloaded and installed current drivers for both.

The error screen and report just came up, and the language is the same as that I've already provided above.

BTW, another question - I've got Carbonite off-site backup for this computer. It was running while the machine was infected. Does that mean Carbonite has saved my infection - or do they scrub incoming files for possible infections before they store them for customers?
SSI01
Regular Member
 
Posts: 20
Joined: April 24th, 2011, 9:36 pm

Re: Virus I got from web

Unread postby Carolyn » May 3rd, 2011, 6:23 am

BTW, another question - I've got Carbonite off-site backup for this computer. It was running while the machine was infected. Does that mean Carbonite has saved my infection - or do they scrub incoming files for possible infections before they store them for customers?


Backups of infected files would still be infected.

================================

I have not seen signs of an active infection in any of your logs. The slowness and Flight Simulator problems are not malware related.

This tutorial might help resolve these issues, What to do if your Computer is running slowly.

If you continue to have problems with Flight Simulator, try uninstalling then reinstalling the program. If that does not resolve the problem, I suggest that you post for assistance at one of these general troubleshooting forums.

http://forums.whatthetech.com/forums.html
http://www.techguy.org/
http://www.bleepingcomputer.com/forums/

================================


This is my general post for when your logs show no signs of malware ;)

Your log now appears to be clean. Congratulations!

Time for some housekeeping

Clean up with OTL

  • Double-click OTL.exe to start the program, This tool will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

You can now delete any tools we used if they remain on your Desktop.


Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.

General Security and Computer Health
Below are some steps to follow in order to dramatically lower the chances of reinfection. You may have already implemented some of the steps below, however you should follow any steps that you have not already implemented.

  • Set correct settings for files
    • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
    • Under Hidden files and folders if necessary select Do not show hidden files and folders.
    • If unchecked please check Hide protected operating system files (Recommended)
    • If necessary check Display content of system folders
    • If necessary Uncheck Hide file extensions for known file types.
    • Click OK

  • Make sure that you keep your antivirus updated
    New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.
    Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

  • Security Updates for Windows, Internet Explorer & Microsoft Office
    Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.
    Note: The update process uses ActiveX, so you will need to use internet explorer for it and allow the ActiveX control to install.

  • Update Non-Microsoft Programs
    Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.


Recommended Programs

I would recommend the download and installation of some or all of the following programs (if not already present), and the updating of them on a regular basis.

  • WinPatrol
    As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. For more information, please visit HERE.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

  • Malwarebytes' Anti-Malware or SuperAntiSpyware
    These are anti-malware applications that can thoroughly remove even the most advanced malware. They include a number of features, including a built in protection monitor that blocks malicious processes before they even start.
    You can download Malwarebytes' Anti-Malware from HERE. You can find a tutorial HERE.
    You can download SuperAntiSpyware from HERE.

  • Use an alternative Internet Browser
    Many of the exploits are directed to users of Internet Explorer. Try using a different browser instead:
    Firefox
    Opera


Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date.

Also please read this great article How to prevent Malware by miekiemoes.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine

Re: Virus I got from web

Unread postby SSI01 » May 3rd, 2011, 9:02 am

OK Carolyn, many thanks for your assistance - it is a tremendous load off my mind to know this thing is no longer incubating some sort of disaster! Also, your posting provided me with the housekeeping tips I was going to ask you about re: keeping this thing clean. I am providing this site's address to the spouse as well. A donation of some sort will be coming, we're on a fixed income but I think we can spare some for your noble efforts. Also - I just saw an email this morning relating to some kind of "Olympic Torch" virus that is supposed to be destructive of the "C sector" of a computer's hard drive, complete destruction & no remedy. You will probably be seeing traffic relating to this problem as well, if it is not a hoax. It's supposedly been verified by Snopes. Thought I'd give you a heads-up.
SSI01
Regular Member
 
Posts: 20
Joined: April 24th, 2011, 9:36 pm

Re: Virus I got from web

Unread postby Carolyn » May 3rd, 2011, 6:21 pm

Thank you :)

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Carolyn
MRU Emeritus
MRU Emeritus
 
Posts: 4701
Joined: April 18th, 2007, 9:36 am
Location: Maine
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: random/random and 63 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware