Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Security Central infection. Full details included

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Security Central infection. Full details included

Unread postby Tapster » December 21st, 2009, 4:19 pm

info.txt


info.txt logfile of random's system information tool 1.06 2009-12-21 22:13:39

======Uninstall list======

-->"C:\Program Files\Common Files\aolshare\Coach\AolCInUn.exe" -lang="en-uk"
-->C:\PROGRA~1\COMMON~1\AOL\ACS\AcsUninstall.exe /c
-->C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
-->C:\PROGRA~1\GOTOSO~1\VADERE~1\UNWISE.EXE C:\PROGRA~1\GOTOSO~1\VADERE~1\INSTALL.LOG
-->C:\PROGRA~1\Norman\NORMAN~1\UNWISE.EXE C:\PROGRA~1\Norman\NORMAN~1\INSTALL.LOG
-->C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
-->C:\Program Files\Common Files\aolshare\Aolunins_uk.exe
-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
-->MsiExec.exe /I{8B543A39-9401-44F4-B572-069E64C15189}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9CFBD8-8F77-4DCD-8CB5-CDD5F653C872}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AFA4872-16B2-419E-ADCA-8E96E739115D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F4E57F49-84B4-4CF2-B0A1-8CA1752BDF7E}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3ivx D4 4.5.1 (remove only)-->"C:\Program Files\3ivx\3ivx D4 4.5.1\uninstall.exe"
Acronis True Image Home-->MsiExec.exe /X{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft MediaImpression for Kodak-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{661F85B9-FB7F-4884-BFCB-09C71930BA8F}\setup.exe" -l0x9
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Avanquest update-->C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x0009 -removeonly
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon MP Navigator EX 1.0-->"C:\Program Files\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 1.0\uninst.ini
Canon MP210 series User Registration-->C:\Program Files\Canon\IJEREG\MP210 series\UNINST.EXE
Canon MP210 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series /L0x0009
Canon My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Compel Adaptec WinASPI-->"C:\Program Files\WinASPI\unins000.exe"
ConvertHelper 2.2-->"C:\Program Files\ConvertHelper\unins000.exe"
Copernic Agent Basic-->"C:\WINDOWS\CopernicAgentUninstall.exe" /ARGSFILE="C:\Program Files\Copernic Agent\unwise.dat"
Copernic Desktop Search - Home-->C:\Program Files\Copernic Desktop Search 2\uninst.exe
Data Doctor Recovery Memory Card (Demo)-->C:\Program Files\Data Doctor Recovery Memory Card (Demo)\Uninstall.exe
Data Doctor Recovery Memory Card 3.0.1.5-->C:\Program Files\Data Doctor Recovery Memory Card\Uninstall.exe
EVEREST Ultimate Edition v4.00-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
ExplorerXP (remove only)-->C:\Program Files\ExplorerXP\Uninst.exe
FaxTools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F45298E5-0083-426F-A668-1A2C5F04B8A0}\setup.exe" -l0x9 ControlPanel
Firefox Preloader-->"C:\Program Files\FirefoxPreloader\unins000.exe"
FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe
GearDrvs-->MsiExec.exe /I{228F6876-A313-40A3-91C0-C3CBE6997D09}
GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}
GIMP 2.6.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
Google SketchUp 7.1-->MsiExec.exe /X{AFD9E698-03C2-4E88-80A6-1496562D4304}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_D57B8B2BCE0DE3EE.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"D:\Documents and Settings\Windows User\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
HP Image Zone Express-->MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE822511B761}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
L&H TTS3000 British English-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSENG.inf, Uninstall
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech QuickCam-->MsiExec.exe /X{364EC092-93CF-4DDC-9D7A-7278452028E0}
Macromedia Flash Player 8-->MsiExec.exe /X{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}
Macromedia Shockwave Player-->MsiExec.exe /X{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mares DRAK 1.0-->C:\Program Files\InstallShield Installation Information\{2923AC37-3DCB-4591-BE41-CC7448BD3E09}\setup.exe -runfromtemp -l0x0409
Maxtor OneTouch-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{231F68F4-70E4-41A6-BEDA-7E7934169B54} /l1033
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft AutoRoute Express Europe 98-->C:\Program Files\Common Files\Microsoft Shared\Geography\Setup\acmsetup.exe /U /T SEU60809.stf
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel Viewer-->MsiExec.exe /I{95120000-003F-0409-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MindGenius Home 2-->MsiExec.exe /I{AE6D52CC-F476-4944-9610-6F1C2DD48E94}
Mobile Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}\setup.exe" -l0x9 -removeonly
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
Motorola SM56 Data Fax Modem-->rundll32.exe sm56co.dll,SM56UnInstaller
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
My Blood Pressure v2.11-->"C:\Program Files\My-BP\unins000.exe"
Next Generation Visualisations-->MsiExec.exe /I{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}
Norton 360 (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{2D617065-1C52-4240-B5BC-C0AE12157777}_1_0_0_184\{2D617065-1C52-4240-B5BC-C0AE12157777}.exe" /X
Norton 360 Help-->MsiExec.exe /I{1CA941F1-5006-487E-9FD4-09F812A7D6B8}
Norton 360-->MsiExec.exe /I{21829177-4DED-4209-AD08-490B3AC9C01A}
Norton 360-->MsiExec.exe /I{2D617065-1C52-4240-B5BC-C0AE12157777}
Norton 360-->MsiExec.exe /I{40DA9A54-48CA-4A2C-AEAF-F67715BB046E}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Authentification Component-->MsiExec.exe /I{3074EB89-1BCA-4AEF-AFF4-EFB4634C1923}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OGA Notifier 1.7.0105.35.0-->MsiExec.exe /I{B148AB4B-C8FA-474B-B981-F2943C5B5BCD}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
rjhExtensions-->C:\PROGRA~1\RJHEXT~1\UNWISE.EXE C:\PROGRA~1\RJHEXT~1\INSTALL.LOG
Safari-->MsiExec.exe /I{9C48DCA4-00C2-449C-88D8-B1EE1692B44F}
Seagate Manager Installer-->"C:\Program Files\InstallShield Installation Information\{71883667-71F2-48A1-AB72-28D518D8AC4A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Seagate Manager Installer-->MsiExec.exe /X{71883667-71F2-48A1-AB72-28D518D8AC4A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Security Update for Windows Media Encoder (KB954156)-->"C:\WINDOWS\$NtUninstallKB954156_WM9L$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)-->C:\WINDOWS\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SM56Tester-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8C546E2-8741-407E-8F27-DF848A084F61}\Setup.exe" -l0x9 -removeonly
SmartSound Quicktracks Plugin-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sony Ericsson PC Suite 1.20.224-->MsiExec.exe /I{7689CA7A-1270-425A-9959-EB4CB25EA29A}
SPBBC 32bit-->MsiExec.exe /I{77772678-817F-4401-9301-ED1D01A8DA56}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SuppSoft-->MsiExec.exe /I{022DA2C3-81C7-4003-A6BC-1BB147B20097}
Symantec Technical Support Controls-->MsiExec.exe /I{92B1B3CC-EC78-45B8-96D0-8B3F11495864}
Symantec Technical Support Web Controls-->MsiExec.exe /X{20C53FA2-4307-4671-A93F-9463B29DFCF1}
SymNet-->MsiExec.exe /I{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}
Total 3D Home, Landscape & Deck Premium Suite-->C:\PROGRA~1\TOTAL3~1\UNWISE.EXE C:\PROGRA~1\TOTAL3~1\INSTALL.LOG
Ulead PhotoImpact 10 SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A065EA0-0EEC-4E94-A2A0-40812576C122}\setup.exe" -l0x9
Ulead VideoStudio 9.0 SE DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EAB2384-C794-40ED-A9DD-3270A0D2BB76}\setup.exe" -l0x9
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Windows Internet Explorer 8 (KB972636)-->"C:\WINDOWS\ie8updates\KB972636-IE8\spuninst\spuninst.exe"
Update for Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe"
Update for Windows Media Player 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
VirusTotal Uploader 2.0-->"C:\Program Files\VirusTotalUploader2\uninstall.exe"
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB908246-->"C:\WINDOWS\$NtUninstallKB908246$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB912067-->"C:\WINDOWS\$NtUninstallKB912067$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB914548-->"C:\WINDOWS\$NtUninstallKB914548$\spuninst\spuninst.exe"
Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
X10 Hardware(TM)-->C:\WINDOWS\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
Xvid 1.1.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

=====HijackThis Backups=====

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) [2009-12-21]

======Security center information======

AV: Norton 360
FW: Norton 360

======System event log======

Computer Name: SUPERCOMPUTER
Event Code: 17
Message: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.nist.gov,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Record Number: 4138
Source Name: W32Time
Time Written: 20091204184204.000000+120
Event Type: error
User:

Computer Name: SUPERCOMPUTER
Event Code: 16
Message: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Record Number: 4136
Source Name: Windows Update Agent
Time Written: 20091204184105.000000+120
Event Type: error
User:

Computer Name: SUPERCOMPUTER
Event Code: 7000
Message: The Ulead Burning Helper service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 4113
Source Name: Service Control Manager
Time Written: 20091204184009.000000+120
Event Type: error
User:

Computer Name: SUPERCOMPUTER
Event Code: 16
Message: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Record Number: 2972
Source Name: Windows Update Agent
Time Written: 20091128091603.000000+120
Event Type: error
User:

Computer Name: SUPERCOMPUTER
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 2668
Source Name: W32Time
Time Written: 20091128001009.000000+120
Event Type: warning
User:

=====Application event log=====

Computer Name: SUPERCOMPUTER
Event Code: 20
Message:
Record Number: 68015
Source Name: Google Update
Time Written: 20091127052317.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: SUPERCOMPUTER
Event Code: 20
Message:
Record Number: 68002
Source Name: Google Update
Time Written: 20091127042314.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: SUPERCOMPUTER
Event Code: 20
Message:
Record Number: 67990
Source Name: Google Update
Time Written: 20091127032316.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: SUPERCOMPUTER
Event Code: 20
Message:
Record Number: 67977
Source Name: Google Update
Time Written: 20091127022346.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

Computer Name: SUPERCOMPUTER
Event Code: 20
Message:
Record Number: 67965
Source Name: Google Update
Time Written: 20091127012325.000000+120
Event Type: error
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Apps\Softex\OmniPass;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\VXIPNP\WinNT\Bin;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"VXIPNPPATH"=C:\VXIPNP\
"DEFAULT_CA_NR"=CA6
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am
Advertisement
Register to Remove

Re: Security Central infection. Full details included

Unread postby Tapster » December 21st, 2009, 5:55 pm

And now....one of the shorter logs you have received!

:cheers:

ESET found no problems:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=b207261e40f565469b76c34b855ae7df
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-12-21 09:37:27
# local_time=2009-12-21 11:37:27 (+0200, South Africa Standard Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 220 220 0 0
# scanned=152174
# found=0
# cleaned=0
# scan_time=4070


PC performance has been normal, ticking along at 0-9% CPU and nothing unexpected in the process list.

I hope this means we're getting close to the all clear.

Bye for now,

David
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Cypher » December 23rd, 2009, 5:31 am

Hi David.
I hope this means we're getting close to the all clear.

Please have patience we want to make sure your system is clean.

Your mentioned this in your first post.
Code: Select all
I've just done a Maywarebytes scan of the infected PC today there are now SIX infected items!!
I would like to get a look at the logs from the last two scans of Maywarebytes you ran.
Please launch malwarebytes anti-malware and click on Logs.
The logs are time dated, please post the logs from the last two scans in your next post.


Looking back over your logs i noticed this for the file i asked you to upload..
File gmer.exe received on 2009.12.17 16:43:54

And.
Filename: igc5shp9.exe

The file i asked you to upload was crtn67sb.exe.
Did you upload those files yourself?

Ok we need to check this file again.
Please be sure it's the results for crtn67sb.exe you post this time.

Upload a File to Jotti

Please go to jotti.org

Copy/paste this file and path into the white box at the top:
C:\Program Files\crtn67sb.exe

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.

If you have trouble using jotti try Virustotal


In your next reply.


  • The two Maywarebyteslogs.
  • jotti or virustotal results for crtn67sb.exe.
  • Please give me an update on your computers performance.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 2:39 pm

Hi Cypher, please see the pm that I've just sent you about the issues in your post.
I hoped the pm would get to you quicker than my replying to your post.
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 2:50 pm

Hi Cypher,

When I browsed to C:\program files\crtn67sb.exe using Virustotal just a few minutes ago it said:


"File has already been analysed:
MD5: f80f6e09e7f4bafe478ca0da6137e1e2
First received: 2009.12.15 10:56:33 UTC
Date: 2009.12.23 18:09:14 UTC [<1D]
Results: 0/39
Permalink: analisis/682fd0d13d7caf4b17a1eb9bafa0a3c3598139bb3623d3f5fba3bfbd0a6d424a-1261591754"


It gave me the option to re-analyse the file.
I re-analysed the file and the results were:


File crtn67sb.exe received on 2009.12.23 18:41:04 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/41 (0%)
Loading server information...
Your file is queued in position: 1.
Estimated start time is between 40 and 57 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
a-squared 4.5.0.43 2009.12.23 -
AhnLab-V3 5.0.0.2 2009.12.23 -
AntiVir 7.9.1.122 2009.12.23 -
Antiy-AVL 2.0.3.7 2009.12.23 -
Authentium 5.2.0.5 2009.12.23 -
Avast 4.8.1351.0 2009.12.23 -
AVG 8.5.0.430 2009.12.23 -
BitDefender 7.2 2009.12.23 -
CAT-QuickHeal 10.00 2009.12.23 -
ClamAV 0.94.1 2009.12.23 -
Comodo 3342 2009.12.23 -
DrWeb 5.0.1.12222 2009.12.23 -
eSafe 7.0.17.0 2009.12.23 -
eTrust-Vet 35.1.7193 2009.12.23 -
F-Prot 4.5.1.85 2009.12.23 -
F-Secure 9.0.15370.0 2009.12.23 -
Fortinet 4.0.14.0 2009.12.23 -
GData 19 2009.12.23 -
Ikarus T3.1.1.79.0 2009.12.23 -
Jiangmin 13.0.900 2009.12.23 -
K7AntiVirus 7.10.926 2009.12.22 -
Kaspersky 7.0.0.125 2009.12.23 -
McAfee 5841 2009.12.23 -
McAfee+Artemis 5841 2009.12.23 -
McAfee-GW-Edition 6.8.5 2009.12.23 -
Microsoft 1.5302 2009.12.23 -
NOD32 4712 2009.12.23 -
Norman 6.04.03 2009.12.23 -
nProtect 2009.1.8.0 2009.12.23 -
Panda 10.0.2.2 2009.12.15 -
PCTools 7.0.3.5 2009.12.23 -
Prevx 3.0 2009.12.23 -
Rising 22.27.02.02 2009.12.23 -
Sophos 4.49.0 2009.12.23 -
Sunbelt 3.2.1858.2 2009.12.23 -
Symantec 1.4.4.12 2009.12.23 -
TheHacker 6.5.0.3.108 2009.12.23 -
TrendMicro 9.120.0.1004 2009.12.23 -
VBA32 3.12.12.0 2009.12.23 -
ViRobot 2009.12.23.2105 2009.12.23 -
VirusBuster 5.0.21.0 2009.12.23 -
Additional information
File size: 293376 bytes
MD5...: f80f6e09e7f4bafe478ca0da6137e1e2
SHA1..: 719082766cf4f60c8bdaa2b2c9f6967ecbcf8722
SHA256: 682fd0d13d7caf4b17a1eb9bafa0a3c3598139bb3623d3f5fba3bfbd0a6d424a
ssdeep: 6144:Uwbg2xeuJgWM/S1tm/xCIoQPJVZCzw5bEPb3cV9iYpTkyTFHS2:Uw82IZWM
61tUXRd9IPb3cVZkyp/
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xb3f40
timedatestamp.....: 0x4b2763f0 (Tue Dec 15 10:24:48 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x6d000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x6e000 0x47000 0x46200 7.93 7b777c30b7f75e5eb654691bb1616dcb
.rsrc 0xb5000 0x2000 0x1400 3.38 710fb4291f153e98a3a03f3473b8bfd6

( 1 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess

( 0 exports )
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): PE_Patch.UPX, UPX, PE_Patch
packers (F-Prot): UPX
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: 1, 0, 15, 15281
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned





or, in Virustotal's so-called 'compacted' form:




File crtn67sb.exe received on 2009.12.23 18:41:04 (UTC)
Antivirus Version Last Update Result
a-squared 4.5.0.43 2009.12.23 -
AhnLab-V3 5.0.0.2 2009.12.23 -
AntiVir 7.9.1.122 2009.12.23 -
Antiy-AVL 2.0.3.7 2009.12.23 -
Authentium 5.2.0.5 2009.12.23 -
Avast 4.8.1351.0 2009.12.23 -
AVG 8.5.0.430 2009.12.23 -
BitDefender 7.2 2009.12.23 -
CAT-QuickHeal 10.00 2009.12.23 -
ClamAV 0.94.1 2009.12.23 -
Comodo 3342 2009.12.23 -
DrWeb 5.0.1.12222 2009.12.23 -
eSafe 7.0.17.0 2009.12.23 -
eTrust-Vet 35.1.7193 2009.12.23 -
F-Prot 4.5.1.85 2009.12.23 -
F-Secure 9.0.15370.0 2009.12.23 -
Fortinet 4.0.14.0 2009.12.23 -
GData 19 2009.12.23 -
Ikarus T3.1.1.79.0 2009.12.23 -
Jiangmin 13.0.900 2009.12.23 -
K7AntiVirus 7.10.926 2009.12.22 -
Kaspersky 7.0.0.125 2009.12.23 -
McAfee 5841 2009.12.23 -
McAfee+Artemis 5841 2009.12.23 -
McAfee-GW-Edition 6.8.5 2009.12.23 -
Microsoft 1.5302 2009.12.23 -
NOD32 4712 2009.12.23 -
Norman 6.04.03 2009.12.23 -
nProtect 2009.1.8.0 2009.12.23 -
Panda 10.0.2.2 2009.12.15 -
PCTools 7.0.3.5 2009.12.23 -
Prevx 3.0 2009.12.23 -
Rising 22.27.02.02 2009.12.23 -
Sophos 4.49.0 2009.12.23 -
Sunbelt 3.2.1858.2 2009.12.23 -
Symantec 1.4.4.12 2009.12.23 -
TheHacker 6.5.0.3.108 2009.12.23 -
TrendMicro 9.120.0.1004 2009.12.23 -
VBA32 3.12.12.0 2009.12.23 -
ViRobot 2009.12.23.2105 2009.12.23 -
VirusBuster 5.0.21.0 2009.12.23 -
Additional information
File size: 293376 bytes
MD5...: f80f6e09e7f4bafe478ca0da6137e1e2
SHA1..: 719082766cf4f60c8bdaa2b2c9f6967ecbcf8722
SHA256: 682fd0d13d7caf4b17a1eb9bafa0a3c3598139bb3623d3f5fba3bfbd0a6d424a
ssdeep: 6144:Uwbg2xeuJgWM/S1tm/xCIoQPJVZCzw5bEPb3cV9iYpTkyTFHS2:Uw82IZWM<br>61tUXRd9IPb3cVZkyp/<br>
PEiD..: -
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0xb3f40<br>timedatestamp.....: 0x4b2763f0 (Tue Dec 15 10:24:48 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 3 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>UPX0 0x1000 0x6d000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>UPX1 0x6e000 0x47000 0x46200 7.93 7b777c30b7f75e5eb654691bb1616dcb<br>.rsrc 0xb5000 0x2000 0x1400 3.38 710fb4291f153e98a3a03f3473b8bfd6<br><br>( 1 imports ) <br>&gt; KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess<br><br>( 0 exports ) <br>
RDS...: NSRL Reference Data Set<br>-
packers (Kaspersky): PE_Patch.UPX, UPX, PE_Patch
packers (F-Prot): UPX
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)<br>Win32 EXE Yoda's Crypter (34.3%)<br>Win32 Executable Generic (11.0%)<br>Win32 Dynamic Link Library (generic) (9.8%)<br>Generic Win/DOS Executable (2.5%)
sigcheck:<br>publisher....: n/a<br>copyright....: n/a<br>product......: n/a<br>description..: n/a<br>original name: n/a<br>internal name: n/a<br>file version.: 1, 0, 15, 15281<br>comments.....: n/a<br>signers......: -<br>signing date.: -<br>verified.....: Unsigned<br>
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Cypher » December 23rd, 2009, 3:01 pm

Hi David.
Thats great thank you.
Please post the malwarebytes logs when ready :)
Last edited by Cypher on December 23rd, 2009, 3:11 pm, edited 1 time in total.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:08 pm

Hello again Cypher,

When I browsed to C:\program files\crtn67sb.exe using Jotti, again just a few minutes ago it said:


"Jotti's malware scan
This file has been scanned before. The results for this previous scan are listed below.
Filename: igc5shp9.exe"



I asked for the file to be scanned again and received these results:



Jotti's malware scan
Filename: crtn67sb.exe
Status:
Scan finished. 1 out of 21 scanners reported malware.
Scan taken on: Wed 23 Dec 2009 19:57:38 (CET) Permalink

Additional info
File size: 293376 bytes
Filetype: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5: f80f6e09e7f4bafe478ca0da6137e1e2
SHA1: 719082766cf4f60c8bdaa2b2c9f6967ecbcf8722
Packer (Avast): UPX
Packer (Drweb): UPX
Packer (Kaspersky): PE_Patch.UPX, UPX




Scanners
[ArcaVir]
2009-12-23 Found nothing
[G DATA]
2009-12-23 Found nothing
[A-Squared]
2009-12-23 Found nothing
[Ikarus]
2009-12-23 Found nothing
[Avast! antivirus]
2009-12-23 Found nothing
[Kaspersky Anti-Virus]
2009-12-23 Found nothing
[Grisoft AVG Anti-Virus]
2009-12-22 Found nothing
[ESET NOD32]
2009-12-23 Found nothing
[Avira AntiVir]
2009-12-23 Found nothing
[Norman Virus Control]
2009-12-23 Found nothing
[Softwin BitDefender]
2009-12-23 Found nothing
[Panda Antivirus]
2009-12-23 Found nothing
[ClamAV]
2009-12-23 Found nothing
[Quick Heal]
2009-12-23 Found nothing
[CPsecure]
2009-12-23 Found nothing
[Sophos]
2009-12-23 Found nothing
[Dr.Web]
2009-12-23 Found nothing
[VirusBlokAda VBA32]
2009-12-22 Win32 Shadow Driver Install
[Frisk F-Prot Antivirus]
2009-12-23 Found nothing
[VirusBuster]
2009-12-23 Found nothing
[F-Secure Anti-Virus]
2009-12-23 Found nothing




RESULT!!

Even though I did exactly the same procedure with both scanning programs this time as last time the files scanned were registered as the one you asked for instead of the gmer.exe and igc5shp9.exe




OK, now for the Malwarebytes logs:

I now have seven Malwarebytes logs and I'm not sure which ones you want, so I'm posting them all in separate posts, starting with the oldest one here:



Malwarebytes' Anti-Malware 1.41
Database version: 2914
Windows 5.1.2600 Service Pack 3

06/10/2009 11:49:42
mbam-log-2009-10-06 (11-49-42).txt

Scan type: Quick Scan
Objects scanned: 109881
Time elapsed: 6 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:09 pm

Malwarebytes' Anti-Malware 1.41
Database version: 2930
Windows 5.1.2600 Service Pack 3

15/10/2009 14:56:59
mbam-log-2009-10-15 (14-56-59).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 220011
Time elapsed: 45 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:09 pm

Malwarebytes' Anti-Malware 1.41
Database version: 2930
Windows 5.1.2600 Service Pack 3

11/11/2009 11:44:40
mbam-log-2009-11-11 (11-44-40).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 217504
Time elapsed: 45 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:10 pm

Malwarebytes' Anti-Malware 1.41
Database version: 2930
Windows 5.1.2600 Service Pack 3

16/11/2009 16:24:10
mbam-log-2009-11-16 (16-24-10).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 222649
Time elapsed: 45 minute(s), 33 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:10 pm

Malwarebytes' Anti-Malware 1.41
Database version: 2930
Windows 5.1.2600 Service Pack 3 (Safe Mode)

07/12/2009 20:48:51
mbam-log-2009-12-07 (20-48-51).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 20008
Time elapsed: 1 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:11 pm

Malwarebytes' Anti-Malware 1.42
Database version: 3328
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/12/2009 09:01:46
mbam-log-2009-12-09 (09-01-46).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 230314
Time elapsed: 46 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\xbwg.oko (Backdoor.Bot) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\security central (Rogue.SecurityCentral) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe rundll32.exe xbwg.oko xugptq) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\xbwg.oko (Backdoor.Bot) -> Delete on reboot.
D:\Documents and Settings\Windows User\Local Settings\temp\671.tmp (Backdoor.Bot) -> Quarantined and deleted successfully.
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:11 pm

Malwarebytes' Anti-Malware 1.42
Database version: 3328
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/12/2009 09:53:38
mbam-log-2009-12-09 (09-53-38).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 230258
Time elapsed: 45 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Tapster » December 23rd, 2009, 3:15 pm

Phew!

That's a lot of posts!
I hope that's OK for you.

:)

System performance apparently A-OK as before.

Bye for now,

David
Tapster
Regular Member
 
Posts: 27
Joined: December 5th, 2009, 3:41 am

Re: Security Central infection. Full details included

Unread postby Cypher » December 24th, 2009, 7:21 am

Hi David.
Good work :thumbup:

your latest set of logs appear to be clean! :)

Now that you are clean, please follow these simple steps in order to keep your computer
clean and secure:



OTC

Download OTC by Old Timer and save it to your Desktop. This tool will remove all the tools we used to clean your pc.
  • Double-click OTC.exe
  • Click the CleanUp! button
  • Select Yes when the Begin cleanup Process? Prompt appears
  • If you are prompted to Reboot during the cleanup, select Yes
  • The tool will delete itself once it finishes, if not delete it by yourself

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.


Hide system files

  • Click Start > Open My Computer.
  • Go to Tools > Folder Options.
  • Select the View tab.
  • Scroll down to Hidden files and folders.
  • Select Do not show hidden files and folders.
  • Check (tick) Hide extensions of known file types.
  • Check (tick) Hide protected operating system files (Recommended).
  • Click OK.
  • Close My Computer.


Create a new, clean System Restore point

  • Create a new, clean System Restore point which you can use in case of future system problems:
  • Press Start >> All Programs >> Accessories >>System Tools >> System Restore
  • Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
  • Now remove old, infected System Restore points:
  • Next click Start >> Run and type cleanmgr in the box and press OK
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
  • Press OK and Yes to confirm


Protection Programs
Don't forget to re-enable any protection programs we disabled during your fix.


Here are some free programs I recommend that could help you improve your computer's security.


Install Sitehound
SiteHound is a toolbar for Microsoft Internet Explorer and Mozilla Firefox which alerts you if you're about to enter a potentially dangerous website.
You can find more information and download it from Here


Install WinPatrol
As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.
For more information, please visit HERE


MVPS Hosts

Install MVPS Hosts File From Here
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can Find the Tutorial HERE


Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check


Visit Microsoft often to get the latest updates for your computer
You can do that HERE

Read some information HERE On how to prevent Malware


Is your pc running slow?
Read What to do if your Computer is running slowly


I would be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Safe surfing and Happy holidays!
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 499 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware