Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus 2009 & related problems


  • This topic is locked This topic is locked
1 reply to this topic

#1 Salguod

Salguod

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:06 AM

Posted 07 March 2009 - 01:08 PM

Hello.

First, I don't think I am currently infected by Antivirus 2009, because AVG seems to have removed it. However, I am still getting the warnings at the top of my browser window that say I am infected and that my system is at risk (such as: "Warning! Your system is in danger. YOUR COMPUTER IS IN need OF full scanning." or "18 Trojans WERE found on your machine! !!!FREE VIRUS SCAN!!!"). AVG scans (the free version) tell me that there is an infection that it cannot clean, "userinit.exe," because it is a vital system file, but it is infected with a trojan called SHeur2.<file-extension> or something very similar. There's also some kind of "Speeddial" file called "win32hlp" that keeps coming back after I tried deleting it before.

Along with this infection, there are some other infection, but they have apparently been removed. Despite that, side effects from the infections still linger. For example, my normal NOD32 anti-virus was disabled, and I can't get it to run even after trying to use the "Repair" option that came with the installer. This started before I began getting the antivirus 2009 warnings. Also, my firefox google toolbar recently stopped working (the search box), and I'm not sure if it's because of the infection of not. I also can't see the little window that shows up when I move my mouse over something (to be clear: for example, I can usually see a short preview when I move my mouse over a forum topic, but now it's just a tiny box with nothing in it.

While these are the immediate problems, I also have concerns about Virtumonde. I was first infected by it in late December 08, but I was able to remove it (or so I thought) using Spybot S&D, the "Unlocker" tool, and CCleaner. It was also the first malware that, to the best of my memory, got past NOD32 in my 2 years of use. Since then, though, NOD32 had been very unreliable, letting a variety of malware enter my system, like Smitfraud and more variants of Virtumonde. These infections happened almost once a week, but I didn't really think of looking for more professional help since I had been able to apparently remove them with Spybot or just going to system32 to delete the suspicious ddl's and similar files that were created around the time of my infection (I know this is kind of dangerous, but I check too see their filename, Company, Description, and particularly Date Created). From this experience, I suspect that Virtumonde is the root of my problems with all of this malware, and I hope you will be able to help fix the hidden infection that is allowing all of this malware in.

Here's the log:

DDS (Ver_09-02-01.01) - NTFSx86
Run by HP_Owner at 10:28:50.87 on Sat 03/07/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1470.859 [GMT -5:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Documents and Settings\HP_Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Owner\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://en.wikipedia.org/wiki/Main_Page
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearch Bar = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Page = hxxp://www.google.com
mStart Page = hxxp://en.wikipedia.org/wiki/Main_Page
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://register.hp.com/servlet/WebReg.servlets.ProdReg1Servlet?appID=java_wreg_wreg_genpg&prodOS=011&gwCountry=US&language=en&PURCH_DT_MONTH=03&PURCH_DT_DAY=14&PURCH_DT_YEAR=2006&PROD_SERIAL_ID=MXG61000SD&application=305&modelID=EK460AV&LF=blue
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = about:blank
mSearchAssistant = hxxp://www.google.com/ie
BHO: Google plugin: {684ee1db-cd52-4ca9-9ccf-93d5f6b419ba} - kmsvc32.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: NoExplorer - No File
{d1362a4f-e87b-4ff4-bd66-201811592f7f}
BHO: {fec738e9-e5ac-44b7-9632-4e9f54594cde}: {adda}
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [RamBooster] c:\program files\rambooster 2.0\Rambooster.exe
uRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startup
uRun: [Google Update] "c:\documents and settings\hp_owner\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [Camera Detector] c:\progra~1\acdsys~1\devdet~1\DEVDET~1.EXE -autorun
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mExplorerRun: [xccinit] c:\windows\system32\inf\rundll33.exe c:\windows\xccdf16_090131a.dll xccd16
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: c:\windows\temp\ntdll64.dll
Trusted Zone: nintendo.com\prefix
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/3/d/83d1fe15-fe0f-4bdf-b09c-4e3c49808ec7/LegitCheckControl.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} - hxxp://messenger.zone.msn.com/binary/Chess.cab31267.cab
DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: hgGwWpOh - hgGwWpOh.dll
AppInit_DLLs: trggda.dll wcdwqq.dll szhbwr.dll cchvar.dll vhopve.dll gjvqih.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 c:\windows\system32\awtqnkhe

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_owner\applic~1\mozilla\firefox\profiles\qrsfu8mb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en.wikipedia.org/wiki/Main_Page
FF - plugin: c:\documents and settings\hp_owner\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\google updater\2.4.1508.6312\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000

============= SERVICES / DRIVERS ===============

R0 IKFileSec;File Security Driver;c:\windows\system32\drivers\ikfilesec.sys [2009-3-6 40840]
R1 IKSysFlt;System Filter Driver;c:\windows\system32\drivers\iksysflt.sys [2009-3-6 66952]
R1 IKSysSec;System Security Driver;c:\windows\system32\drivers\iksyssec.sys [2009-3-6 81288]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-3-6 356920]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-3-6 1079176]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-6-5 24652]
S2 Ias;Ias;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 pcistub;pcistub;\??\c:\windows\system32\pcistub.sys --> c:\windows\system32\pcistub.sys [?]

=============== Created Last 30 ================

2009-03-06 10:56 81,288 a------- c:\windows\system32\drivers\iksyssec.sys
2009-03-06 10:56 66,952 a------- c:\windows\system32\drivers\iksysflt.sys
2009-03-06 10:56 40,840 a------- c:\windows\system32\drivers\ikfilesec.sys
2009-03-06 10:56 29,576 a------- c:\windows\system32\drivers\kcom.sys
2009-03-06 10:55 <DIR> --d----- c:\program files\Spyware Doctor
2009-03-05 14:15 44,032 a------- c:\windows\system32\kjsvc32.dll
2009-03-05 14:04 44,032 a------- c:\windows\system32\kmsvc32.dll
2009-03-05 14:04 100 a------- c:\windows\system32\wh
2009-03-04 15:41 446 a------- c:\windows\system32\win32hlp.cnf
2009-03-04 12:53 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-03-04 12:44 <DIR> --d----- c:\program files\AVG
2009-03-04 12:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-03-04 12:05 <DIR> --d----- C:\Softpaq
2009-02-28 20:05 210,496 a------- c:\windows\system32\dllcache\SETAB3.tmp
2009-02-28 20:05 62,496 a------- c:\windows\system32\dllcache\OLDAB1.tmp
2009-02-28 20:05 41,216 a------- c:\windows\system32\dllcache\OLDAAD.tmp
2009-02-28 20:05 182,272 a------- c:\windows\system32\dllcache\OLDAA9.tmp
2009-02-28 20:05 166,720 a------- c:\windows\system32\dllcache\OLDAA5.tmp
2009-02-28 20:05 65,664 a------- c:\windows\system32\dllcache\OLDAA1.tmp
2009-02-28 20:05 397,056 a------- c:\windows\system32\dllcache\OLDA99.tmp
2009-02-28 20:05 166,912 a------- c:\windows\system32\dllcache\OLDA9D.tmp
2009-02-28 20:05 82,432 a------- c:\windows\system32\dllcache\OLDA95.tmp
2009-02-28 20:05 79,872 a------- c:\windows\system32\dllcache\OLDA91.tmp
2009-02-28 20:03 40,320 a------- c:\windows\system32\dllcache\OLDA1D.tmp
2009-02-28 20:02 169,984 a------- c:\windows\system32\dllcache\OLD9A1.tmp
2009-02-28 18:19 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2009-02-28 18:19 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-02-28 18:19 17,408 a------- c:\windows\system32\dllcache\xrxscnui.dll
2009-02-28 18:19 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2009-02-28 18:19 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2009-02-28 18:19 99,865 a------- c:\windows\system32\dllcache\xlog.exe
2009-02-28 18:19 16,970 a------- c:\windows\system32\dllcache\xem336n5.sys
2009-02-28 18:19 19,455 a------- c:\windows\system32\dllcache\wvchntxx.sys
2009-02-28 18:17 397,502 a------- c:\windows\system32\dllcache\vpctcom.sys
2009-02-28 18:16 50,688 a------- c:\windows\system32\dllcache\umaxscan.dll
2009-02-28 18:15 4,992 a------- c:\windows\system32\dllcache\toside.sys
2009-02-28 18:14 94,293 a------- c:\windows\system32\dllcache\sxports.dll
2009-02-28 18:13 37,040 a------- c:\windows\system32\dllcache\sonypi.sys
2009-02-28 18:12 157,696 a------- c:\windows\system32\dllcache\sisv256.dll
2009-02-28 18:11 16,640 a------- c:\windows\system32\dllcache\scmstcs.sys
2009-02-28 18:10 30,720 a------- c:\windows\system32\dllcache\rthwcls.sys
2009-02-28 18:09 128,286 a------- c:\windows\system32\dllcache\ptserli.sys
2009-02-28 18:08 30,282 a------- c:\windows\system32\dllcache\pcntn5hl.sys
2009-02-28 18:07 51,552 a------- c:\windows\system32\dllcache\ntgrip.sys
2009-02-28 18:06 19,968 a------- c:\windows\system32\dllcache\mxnic.sys
2009-02-28 18:05 8,320 a------- c:\windows\system32\dllcache\memcard.sys
2009-02-28 18:04 26,624 a------- c:\windows\system32\dllcache\irstusb.sys
2009-02-28 18:03 9,216 a------- c:\windows\system32\dllcache\ibmsgnet.dll
2009-02-28 18:02 165,888 a------- c:\windows\system32\dllcache\hpgt53.dll
2009-02-28 18:01 71,680 a------- c:\windows\system32\dllcache\fnfilter.dll
2009-02-28 18:00 7,296 a------- c:\windows\system32\dllcache\elmsmc.sys
2009-02-28 17:59 24,648 a------- c:\windows\system32\dllcache\dfe650.sys
2009-02-28 17:58 32,256 a------- c:\windows\system32\dllcache\diapi2NT.dll
2009-02-28 17:57 870,784 a------- c:\windows\system32\dllcache\ati3d1ag.dll
2009-02-28 12:28 <DIR> --d----- c:\windows\system32\3361
2009-02-28 12:27 <DIR> --d----- c:\windows\system32\inf
2009-02-27 02:54 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Auslogics
2009-02-27 02:54 <DIR> --d----- c:\program files\Auslogics
2009-02-19 21:31 <DIR> --d----- c:\docume~1\hp_owner\applic~1\PLT Scheme
2009-02-19 21:29 <DIR> --d----- c:\program files\PLT

==================== Find3M ====================

2009-03-06 14:06 255,857 a------- c:\windows\system32\senekalog.dat
2009-03-03 15:28 104,960 a------- c:\windows\system32\userinit.exe
2009-01-23 00:05 400 a------- c:\windows\system32\drivers\ehxlxt_356.set
2009-01-23 00:05 400 a------- c:\windows\system32\drivers\bjvtwin115.dat
2009-01-04 17:58 54,224 ac------ c:\docume~1\hp_owner\applic~1\GDIPFONTCACHEV1.DAT
2008-12-13 01:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2007-06-23 16:10 362 ac------ c:\docume~1\hp_owner\applic~1\wklnhst.dat

============= FINISH: 10:29:28.76 ===============

Attached Files


Edited by Salguod, 07 March 2009 - 03:12 PM.


BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:01:06 PM

Posted 08 March 2009 - 04:37 PM

user requested to close this topic via pm.. So, I closed it..


Thank you for notify us.. I will now close this topic.. Please pm any Moderator or HJT Team should you need to re-open this topic..


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users