Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

suspected malware.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

suspected malware.

Unread postby Tommie » May 5th, 2009, 12:54 am

Hi, I've scanned thru using AVG but found nothing. And i'm very sure there's something causing my laptop to lag so badly. Please help me to solve this problem. Thanks.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:06 PM, on 05/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\AnVir Task Manager Free\AnVir.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.sg/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.symantec.com/techsupp/servle ... d=Symantec
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tp.edu.sg:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.tp.edu.sg;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [AnVir Task Manager Free] "C:\Program Files\AnVir Task Manager Free\AnVir.exe" Minimized
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://flashpoker.ladbrokes.com/ladbrokes/FlashAX.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - (no file)
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: IBM HDD APS Logging Service (TPHDEXLGSVC) - IBM Corporation - C:\WINDOWS\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: Wintab32 - Unknown owner - C:\WINDOWS\system32\Wintab32.exe

--
End of file - 9926 bytes
Tommie
Regular Member
 
Posts: 116
Joined: September 22nd, 2005, 6:37 am
Top
Advertisement
Register to Remove

Re: suspected malware.

Unread postby MWR 3 day Mod » May 8th, 2009, 12:14 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am
Top

Re: suspected malware.

Unread postby jmw3 » May 9th, 2009, 12:47 am

Hello & Welcome to Malware Removal
Apologies for the late reply. As you can appreciate the board is very busy.
Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this ensure Notify me when a reply is postedis ticked on the POST A REPLY page.

In the meantime please note the following:
  • Any recommendations made are for your computer problems only and should NOT be used on any other computer.
  • Please DO NOT run any scans/tools or other fixes unless I ask you to. This is very important for several reasons. Here are just two of them:
    1. The tools that we use are very powerful and can cause >>irreparable damage<< to your computer if not used correctly.
    2. Commercial scanners, for the most part can not completely remove some of the more "resistant" infections. This makes it much more difficult to get rid of completely.
  • If you get stuck or are unsure of something please ask for a further explanation, do not guess.
  • It will require more than one round to properly clean your system. Continue to respond to this thread until I give you the All Clean! even if symptoms seemingly abate.
Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.
If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave & if there is no contact for that amount of time I will have to assume you have abandoned your topic.

Thanks

MRU P2P Policy
IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

µTorrent.exe

I'd like you to read the MRU policy for P2P Programs.
Go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red) & any other P2P programs.

DDS
Download DDS.scr by sUBs from one of the following links & save it to your desktop.
http://download.bleepingcomputer.com/sUBs/dds.scr
http://www.forospyware.com/sUBs/dds
  • Double-Click on dds.scr and a command window will appear. This is normal
  • Shortly after two logs will appear, DDS.txt & Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

Gmer
Download gmer.zip from Gmer here & save it to your desktop.
  • Right click on gmer.zip, select Extract All... & extract the contents to your desktop
  • Double click the Gmer.exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO

    Image
    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post
  • Save it where you can easily find it, such as your desktop, and post it in reply
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
Note: Do not run any programs while Gmer is running.

To post in next reply:
Contents of DDS log
Contents of Attach.txt
Contents of Gmer log
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: suspected malware.

Unread postby Tommie » May 9th, 2009, 6:14 am

DDS LOG:


DDS (Ver_09-03-16.01) - NTFSx86
Run by IT-CORP at 16:35:45.32 on 09/05/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1270.681 [GMT 8:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Norton AntiVirus 2005 *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Wintab32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\S24EvMon.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\AnVir Task Manager Free\AnVir.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\IT-CORP\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com.sg/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.symantec.com/techsupp/servle ... d=Symantec
uInternet Settings,ProxyServer = proxy.tp.edu.sg:80
uInternet Settings,ProxyOverride = *.tp.edu.sg;<local>
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\acrobat\activex\AcroIEHelper.ocx
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: FGCatchUrl: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\program files\flashget\jccatch.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: FlashGet GetFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\program files\flashget\getflash.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [AnVir Task Manager Free] "c:\program files\anvir task manager free\AnVir.exe" Minimized
mRun: [TPKMAPHELPER] c:\program files\thinkpad\utilities\TpKmapAp.exe -helper
mRun: [TpShocks] TpShocks.exe
mRun: [TPHOTKEY] c:\progra~1\thinkpad\pkgmgr\hotkey\TPHKMGR.exe
mRun: [TP4EX] tp4ex.exe
mRun: [EZEJMNAP] c:\progra~1\thinkpad\utilit~1\EzEjMnAp.Exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [IBMPRC] c:\ibmtools\utils\ibmprc.exe
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: [ACWLIcon] c:\program files\thinkpad\connectutilities\ACWLIcon.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 5.0\distillr\AcroTray.exe
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/house ... hcImpl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4 ... 42-win.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} - hxxps://flashpoker.ladbrokes.com/ladbrokes/FlashAX.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: ACNotify - ACNotify.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: tphotkey - tphklock.dll
LSA: Notification Packages = scecli pwdmon ACGina

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\it-corp\applic~1\mozilla\firefox\profiles\ghohpro5.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin2.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin3.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin4.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin5.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin6.dll
FF - plugin: c:\program files\k-lite codec pack\quicktime\plugins\npqtplugin7.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npff_gdm.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

============= SERVICES / DRIVERS ===============

R0 Shockprf;Shockprf;c:\windows\system32\drivers\shockprf.sys [2007-5-24 59776]
R0 TPDiskPM;TPDiskPM;c:\windows\system32\drivers\TPDiskPM.sys [2007-5-24 14208]
R1 ANC;ANC;c:\windows\system32\drivers\ANC.sys [2007-5-24 11520]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-11 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2007-5-24 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-11 108552]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.sys [2007-5-24 6016]
R1 ShockMgr;ShockMgr;c:\windows\system32\drivers\ShockMgr.sys [2007-5-24 4608]
R1 TPPWRIF;TPPWRIF;c:\windows\system32\drivers\TPPWRIF.SYS [2007-5-24 4442]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-11 298776]
R2 ibmfilter;ibmfilter;c:\windows\system32\drivers\ibmfilter.sys [2004-12-16 63616]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [1980-1-1 14336]
R2 PGPdisk;PGPdisk;c:\windows\system32\drivers\PGPdisk.sys [2007-5-24 138720]
R2 PGPsdkDriver;PGPsdkDriver;c:\windows\system32\drivers\PGPsdk.sys [2007-5-24 26624]
R3 TPInput;TPInput;c:\windows\system32\drivers\TPInput.sys [2007-5-24 6016]
S2 MCUSBICD2;Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS);c:\windows\system32\drivers\icd2w2k.sys [2004-3-22 12427]
S2 MCUSBICD2LDR;Microchip MPLAB ICD 2 Firmware Loader Driver (ICD2W2KL.SYS);c:\windows\system32\drivers\icd2w2kl.sys [2004-3-22 16556]
S3 CD-Lock;CD-Lock;\??\e:\cdm.sys --> e:\cdm.sys [?]
S3 W2usbpad;W2usbpad;c:\windows\system32\drivers\w2usbpad.sys [2007-5-31 24576]
S3 Wtcls2k;Wtcls2k;c:\windows\system32\drivers\wtcls2k.sys [2007-5-31 12800]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2006-12-2 2805000]
S4 PGPsdkServ;PGPsdkService;c:\windows\system32\PGPsdkServ.exe [2007-5-24 77824]

=============== Created Last 30 ================

2009-05-08 23:07 <DIR> --d----- c:\program files\Total War
2009-05-08 23:07 0 a------- c:\windows\_INS33IS._MP
2009-05-08 23:07 268 a------- c:\windows\_delis32.ini
2009-05-07 09:16 <DIR> --d----- c:\docume~1\it-corp\applic~1\TVU networks
2009-05-06 11:39 <DIR> --d----- c:\program files\ChartNexus
2009-05-05 18:33 <DIR> --d----- c:\docume~1\it-corp\applic~1\Malwarebytes
2009-05-05 18:33 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-05 18:33 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-05 18:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-05 18:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-05 13:07 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-05 12:43 <DIR> --d----- c:\program files\Trend Micro
2009-05-05 12:16 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-04-11 10:43 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-04-11 10:43 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-04-11 10:43 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-11 10:42 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-04-11 10:42 <DIR> --d----- c:\program files\AVG
2009-04-11 10:42 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-04-10 16:26 <DIR> --d----- c:\docume~1\it-corp\applic~1\Samsung
2009-04-10 16:25 5,632 a------- c:\windows\system32\drivers\StarOpen.sys

==================== Find3M ====================

2009-03-21 22:18 986,112 a------- c:\windows\system32\dllcache\kernel32.dll
2009-03-10 22:18 934,792 -------- c:\windows\system32\dllcache\WgaTray.exe
2009-03-10 22:18 239,496 -------- c:\windows\system32\dllcache\wgaLogon.dll
2009-03-06 22:00 284,160 a------- c:\windows\system32\pdh.dll
2009-03-06 22:00 284,160 a------- c:\windows\system32\dllcache\pdh.dll
2009-03-03 07:27 1,499,136 a------- c:\windows\system32\dllcache\shdocvw.dll
2009-02-21 05:44 3,067,904 a------- c:\windows\system32\dllcache\mshtml.dll
2009-02-19 17:50 18,432 a------- c:\windows\system32\dllcache\iedw.exe
2009-02-10 18:31 453,120 a------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-02-09 18:20 1,847,424 a------- c:\windows\system32\win32k.sys
2009-02-09 18:20 1,847,424 a------- c:\windows\system32\dllcache\win32k.sys
2009-02-09 18:01 728,576 a------- c:\windows\system32\lsasrv.dll
2009-02-09 18:01 728,576 a------- c:\windows\system32\dllcache\lsasrv.dll
2009-02-09 18:01 617,984 a------- c:\windows\system32\dllcache\advapi32.dll
2009-02-09 18:01 617,984 a------- c:\windows\system32\advapi32.dll
2009-02-09 18:01 473,088 a------- c:\windows\system32\dllcache\fastprox.dll
2009-02-09 18:01 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 18:01 401,408 a------- c:\windows\system32\dllcache\rpcss.dll
2009-02-09 18:01 715,264 a------- c:\windows\system32\ntdll.dll
2009-02-09 18:01 715,264 a------- c:\windows\system32\dllcache\ntdll.dll
2008-06-21 22:03 5,939 a------- c:\program files\install.log
2007-09-27 14:53 25,120 a------- c:\docume~1\it-corp\applic~1\GDIPFONTCACHEV1.DAT

============= FINISH: 16:36:29.53 ===============


Attach Log:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 24/05/2007 6:31:43 AM
System Uptime: 05/09/2009 4:14:53 PM (-2856 hours ago)

Motherboard: IBM | | 1872CA4
Processor: Intel(R) Pentium(R) M processor 1.86GHz | None | 1862/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 52 GiB total, 10.134 GiB free.
D: is CDROM ()
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP96: 05/05/2009 8:14:05 PM - System Checkpoint
RP97: 05/05/2009 11:24:04 PM - Installed Windows XP WgaNotify.
RP98: 06/05/2009 6:01:55 PM - Software Distribution Service 3.0
RP99: 07/05/2009 10:04:11 PM - System Checkpoint
RP100: 08/05/2009 10:29:29 PM - System Checkpoint

==== Installed Programs ======================

Access IBM
Access IBM Message Center
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 6.0
Adobe Shockwave Player
AGEIA PhysX v7.11.13
AnVir Task Manager Free
Apple Software Update
AVG 8.5
BlueSoleil
BroadBand on Mobile
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon iP1300
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
ChartNexus 2.4.1
Choice Guard
CIC Sign-it EX for Acrobat
Compatibility Pack for the 2007 Office system
Easy-WebPrint
EMAS
ePad USB Driver
Eusing Free Registry Cleaner
FlashGet 1.9.0.1012
Garena
HijackThis 2.0.2
Hotfix for Windows XP (KB909394)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
HouseCall 6.6
IBM 32-bit Runtime Environment for Java 2, v1.4.2
IBM Active Protection System
IBM DLA
IBM Integrated 56K Modem
IBM Rescue and Recovery with Rapid Restore
IBM SATA Power Management Driver
IBM Themes
IBM ThinkPad Configuration
IBM ThinkPad EasyEject Utility
IBM ThinkPad Keyboard Customizer Utility
IBM ThinkPad Power Management Driver
IBM ThinkPad Power Manager
IBM ThinkPad Presentation Director
IBM ThinkPad UltraNav Driver
IBM ThinkPad UltraNav Wizard
IBM ThinkVantage Technologies Welcome Message
IBM TrackPoint Accessibility Features
IBM Update Connector
Intel(R) Graphics Media Accelerator Driver
Intel(R) Sebring API
InterVideo WinDVD
Java(TM) 6 Update 13
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
K-Lite Codec Pack 4.5.3 (Full)
Malwarebytes' Anti-Malware
Microsoft .NET Compact Framework 1.0 SP3 Developer
Microsoft .NET Compact Framework 2.0
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft .NET Framework 3.5
Microsoft Application Error Reporting
Microsoft Device Emulator version 1.0 - ENU
Microsoft Document Explorer 2005
Microsoft Office XP Professional with FrontPage
Microsoft Robotics Developer Studio 2008
Microsoft Robotics Studio (1.5)
Microsoft Robotics Studio Help
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Mobile [ENU] Developer Tools
Microsoft Virtual PC 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual Studio 2005 Professional Edition - ENU
Microsoft Visual Studio 2005 Professional Edition - ENU Service Pack 1 (KB926601)
Microsoft XNA Framework
Microsoft XNA Framework Redistributable 1.0 Refresh
Microsoft XNA Framework Redistributable 2.0
MilkShape 3D 1.8.2
Mozilla Firefox (3.0.10)
MPLAB C18 v3.12 Student Edition
MSDN Library for Visual Studio 2005
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Paint.NET v3.36
PC-Doctor for Windows
PGP 8.0
PowerISO
QuickTime
Realterm 2.0.0.43
SAMSUNG CDMA Modem Driver Set
SAMSUNG Mobile USB Modem ^^
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio
Samsung PC Studio 3 USB Driver Installer
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB937061)
Security Update for Microsoft Visual Studio 2005 Professional Edition - ENU (KB947738)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944338)
Security Update for Windows XP (KB944533)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB947864)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB963027)
Segoe UI
ShellExView
Shogun Total War
Skype™ 3.8
Sonic Express Labeler
Sonic RecordNow!
Sonic Update Manager
ThinkPad FullScreen Magnifier
ThinkPad Software Installer
ThinkVantage Access Connections
TVUPlayer 2.4.3.1
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
Update for Windows XP (KB946627)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Wallpapers
Warcraft III: All Products
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Connect
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix - KB894476
Windows Media Player Firefox Plugin
Windows Presentation Foundation
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883517
Windows XP Hotfix - KB883523
Windows XP Hotfix - KB884020
Windows XP Hotfix - KB884868
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB885894
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB889673
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0

==== Event Viewer Messages From Past Week ========

08/05/2009 7:07:30 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.
05/05/2009 3:10:29 AM, error: Service Control Manager [7000] - The Microchip MPLAB ICD 2 Firmware Loader Driver (ICD2W2KL.SYS) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
05/05/2009 3:10:29 AM, error: Service Control Manager [7000] - The Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
03/05/2009 2:42:14 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8024002d: Office XP Service Pack 3.

==== End Of File ===========================


Gmer Log:

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-05-09 18:12:34
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT spqz.sys ZwCreateKey [0xB9EA80E0]
SSDT spqz.sys ZwEnumerateKey [0xB9EC6CA2]
SSDT spqz.sys ZwEnumerateValueKey [0xB9EC7030]
SSDT spqz.sys ZwOpenKey [0xB9EA80C0]
SSDT spqz.sys ZwQueryKey [0xB9EC7108]
SSDT spqz.sys ZwQueryValueKey [0xB9EC6F88]
SSDT spqz.sys ZwSetValueKey [0xB9EC719A]

INT 0x62 ? 8A1C8BF8
INT 0x63 ? 8A050F00
INT 0x82 ? 8A1C8BF8
INT 0x94 ? 8A050F00
INT 0xA4 ? 8A050F00
INT 0xB4 ? 8A050F00

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A1C71F8

AttachedDevice \FileSystem\Ntfs \Ntfs PGPsdk.sys (PGP Software Development Kit NT Driver/PGP Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{2D5A6FD3-050B-4F79-B2BD-A391DA2284E6} 894B41F8

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 TPInput.sys (IBM SATA Power Management Driver/IBM Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 PGPsdk.sys (PGP Software Development Kit NT Driver/PGP Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 TPInput.sys (IBM SATA Power Management Driver/IBM Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 PGPsdk.sys (PGP Software Development Kit NT Driver/PGP Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \Driver\usbuhci \Device\USBPDO-0 8A0161F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A15B1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8A15B1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8A15B1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8A15B1F8
Device \Driver\usbuhci \Device\USBPDO-1 8A0161F8
Device \Driver\usbuhci \Device\USBPDO-2 8A0161F8
Device \Driver\usbuhci \Device\USBPDO-3 8A0161F8
Device \Driver\usbehci \Device\USBPDO-4 89FEE1F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A1C91F8
Device \Driver\Cdrom \Device\CdRom0 89FAA1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A1C91F8
Device \Driver\Cdrom \Device\CdRom1 89FAA1F8
Device \Driver\atapi \Device\Ide\IdePort0 8A1C81F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A1C81F8
Device \Driver\atapi \Device\Ide\IdePort1 8A1C81F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e 8A1C81F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{E161A8D5-84A9-4FA1-85A0-EE313E7D74C6} 894B41F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 894B41F8
Device \Driver\PCI_PNP6004 \Device\00000077 spqz.sys
Device \Driver\NetBT \Device\NetbiosSmb 894B41F8
Device \Driver\sptd \Device\1028148504 spqz.sys

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8A0161F8
Device \Driver\usbuhci \Device\USBFDO-1 8A0161F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8947F1F8
Device \Driver\usbuhci \Device\USBFDO-2 8A0161F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8947F1F8
Device \Driver\usbuhci \Device\USBFDO-3 8A0161F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{FE70D9FF-311E-4845-814C-2796AA89BB37} 894B41F8
Device \Driver\usbehci \Device\USBFDO-4 89FEE1F8
Device \Driver\Ftdisk \Device\FtControl 8A1C91F8
Device \Driver\a8rxqlfg \Device\Scsi\a8rxqlfg1 89FA51F8
Device \Driver\a8rxqlfg \Device\Scsi\a8rxqlfg1Port2Path0Target0Lun0 89FA51F8
Device \FileSystem\Fastfat \Fat 8945A1F8
Device \FileSystem\Fastfat \Fat A76271F9

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs 8945D1F8
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Modules - GMER 1.0.15 ----

Module (noname) (*** hidden *** ) BA378000-BA37F880 (30848 bytes)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x38 0x46 0xF5 0x94 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x41 0xE9 0x14 0x84 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x83 0x46 0xC2 0xE9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x38 0x46 0xF5 0x94 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x41 0xE9 0x14 0x84 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x83 0x46 0xC2 0xE9 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9040820900063D11C8EF00054038389C\Usage@HandWritingFiles 984158875

---- Files - GMER 1.0.15 ----

File C:\RRUbackups\Documents and Settings 0 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP 0 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data 0 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft 0 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft\Protect 0 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft\Protect\CREDHIST 160 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft\Protect\S-1-5-21-85064697-1809139202-649963619-1005 0 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft\Protect\S-1-5-21-85064697-1809139202-649963619-1005\1d8c3369-2b90-4d15-bcf4-0b071f6847d4 388 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft\Protect\S-1-5-21-85064697-1809139202-649963619-1005\61d4ffae-231b-493b-af08-9104c06756a6 388 bytes
File C:\RRUbackups\Documents and Settings\IT-CORP\Application Data\Microsoft\Protect\S-1-5-21-85064697-1809139202-649963619-1005\Preferred 24 bytes
File C:\RRUbackups\hints.dat 8192 bytes
File C:\RRUbackups\pu.dat 224 bytes
File C:\RRUbackups\SAM 262144 bytes
File C:\RRUbackups\system 7077888 bytes
File C:\RRUbackups\system.dat 12288 bytes

---- EOF - GMER 1.0.15 ----
Tommie
Regular Member
 
Posts: 116
Joined: September 22nd, 2005, 6:37 am
Top

Re: suspected malware.

Unread postby jmw3 » May 9th, 2009, 11:20 am

Hi

Don't see anything suspicious in any of the logs, however one thing stands out that may be a cause of system slow down:
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
AV: Norton AntiVirus 2005 *On-access scanning enabled* (Updated)
Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash.
Although Norton is missing from your Add/Remove Programs section of your Control Panel can you confirm you are only running AVG 8.5
If Norton AV was previously uninstalled, let me know and we will de-register it from your WMI.

Remove Programs
Click Start > Control Panel > Add/Remove Programs
Remove these programs by clicking Remove

Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1

If some programs listed are not present, please do not panic


Update Adobe Reader
Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version: Adobe Reader 9.1
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Adobe 9 is a large program and if you prefer a smaller program you can get Foxit 3 instead from http://www.foxitsoftware.com/pdf/rd_intro.php

Registry Cleaners

Re: Eusing Free Registry Cleaner

I don't personally recommend the use of ANY registry cleaners.
Here is an excerpt from a discussion on regcleaners:
Most reg cleaners aren't "bad" as such, but they aren't perfect and even the best have been known to cause problems.
The point we are trying to make is that the risk of using one far outweighs any benefit.
If it does work perfectly you will not see any difference
If it doesn't work properly you may end up with an expensive doorstop.

http://forums.whatthetech.com/Regcleaner_t42862.html

I see you have Malwarbytes' AntiMalware. Let's give that a run.

Malwarebytes' Anti-Malware
  • Open Malwarebytes' Anti-Malware, click the Update tab then Check for Updates
  • If an update is found, it will download and install the latest version & database version - version 1.36 & database version 2099 at the time of this post
  • Once the program has updated, click the Scanner tab & select Perform full scan, then click Scan
  • When the scan is complete, click OK, then Show Results to view the results
  • Be sure that everything is checked, and click Remove Selected
  • When completed, a log will open in Notepad. Please copy & paste the log back into your next reply
    Note:
  • The log is automatically saved by Malwarebytes' Anti-Malware & can be viewed by clicking the Logs tab
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either & let Malwarebytes' Anti-Malware proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.
If you receive an (Error Loading) error on reboot please reboot a second time . It is normal for this error to occur once & does not need to be reported unless it returns on future reboots.

To post in next reply:
Malwarebytes log
Update on how the computer is running / problems
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: suspected malware.

Unread postby Tommie » May 10th, 2009, 1:45 pm

Malwarebytes' Anti-Malware 1.36
Database version: 2099
Windows 5.1.2600 Service Pack 2

10/05/2009 2:16:23 PM
mbam-log-2009-05-10 (14-16-23).txt

Scan type: Full Scan (C:\|)
Objects scanned: 198537
Time elapsed: 1 hour(s), 12 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Glad to see that my computer is clean based on what I've seen from the results. I've checked that there are no Norton files in my computer anymore. So my main anti-virus will be AVG. You know there's this weird problem with my laptop.

Sometimes when I try to open any programs for example like Firefox or Windows media player, my taskbar will just hang there and I couldn't click on a single thing. Only when I plucked out my ethernet lan cable from my laptop, programs that were being clicked to opened previously will then start popping up all at 1 shot.

Not only this, sometimes when it comes to starting up or shutting down, I would need to do that in order for it to operate normally. How do I solve this?

Thanks.
Tommie
Regular Member
 
Posts: 116
Joined: September 22nd, 2005, 6:37 am
Top

Re: suspected malware.

Unread postby jmw3 » May 10th, 2009, 8:47 pm

Hello Tommie
If you want to deregister The Norton products do this:

**Note: Make sure you only delete [b]Norton products[/b]
  • Click Start > Run & copy/paste wbemtest into the Run box then click OK
  • Click Connect
  • Copy/paste root/securitycenter into the Namespace box then click Connect
  • Click Query
  • Copy/paste SELECT * FROM AntiVirusProduct under Enter Query then click Apply
  • If there is more than one result, it means there is more than one Antivirus program registered
  • Double-click on each result to view the properties for that Antivirus product
  • Identify the product(s) registered by scrolling down to companyName then click Close
  • In the Query Result window, click Delete for any Antivirus software that is no longer installed
  • Click Query
  • Copy/paste SELECT * FROM FirewallProduct under Enter Query then click Apply
  • If there is more than one result, it means there is more than one Firewall program registered
  • Double-click on each result to view the properties for that Firewall product
  • Identify the product(s) registered by scrolling down to companyName then click Close
  • In the Query Result window, click Delete for any Firewall software that is no longer installed
  • Click Close then Exit
With regard to the system lag all I can suggest is to follow the procedures outlined here: What to do if your Computer is running slowly

Let me know how you go. Bare in mind that this is a dedicated Malware Removal forum & as this problem does not appear to be malware related I may have to refer you elsewhere for specialist help.
User avatar
jmw3
MRU Emeritus
MRU Emeritus
 
Posts: 4621
Joined: February 12th, 2008, 2:36 am
Location: Port Hedland, Western Australia
Top

Re: suspected malware.

Unread postby NonSuch » May 15th, 2009, 9:42 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Top
Advertisement
Register to Remove
Topic locked
  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 537 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index