Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected - CTFMON.EXE is disabled/masked


  • This topic is locked This topic is locked
2 replies to this topic

#1 Shabtai

Shabtai

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 10 May 2009 - 10:27 AM

Please help resolve this problem -
I'm using a dual language system on Windows Media Center (SP3) which is basically like WinXP Pro.
Using Regional and Language Options program in the Control Panel is basically useless since the Language Bar is disabled.
I read in one of the forums on the Internet that ctfmon.exe is probably disabled or masked by a trojan.
My ctfmon.exe is listed in c:\Windows\System32. Double-click or commandline says the system can not locate this file.
I have attached the Attach.txt in a zip file and here is the DDS output.
Many thanks,


DDS (Ver_09-03-16.01) - NTFSx86
Run by Shabtai at 11:00:16.76 on Sun 05/10/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.319 [GMT -4:00]

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DVRMSToolbox\DVRMSFileWatcherService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
svchost.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Desktop Sidebar\dsidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\GPSoftware\Directory Opus\dopus.exe
C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Shabtai\Desktop\dds.scr

============== Pseudo HJT Report ===============

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop&parm1=seconduser
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = hxxp://update.spysubtract.com/spdbupdcomplete.php?220=&431=&120=2.65&160=1230676&170=1&210=Other&310=1012&150=60&155=60&130=t&225=n&215=&430=38c834d0&195=2.61&171=&172=&500=2&501=0
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: D: {851566b1-9136-3a34-80f2-523bcc487e2a} - c:\windows\system32\xwr91725.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
uRun: [Gadwin PrintScreen] "c:\program files\gadwin systems\printscreen\PrintScreen.exe" /nosplash
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [SIDEBAR] "c:\program files\desktop sidebar\dsidebar.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [Pando] "c:\program files\pando networks\pando\Pando.exe" /Minimized
uRun: [<NO NAME>]
uRun: [DOpus] c:\program files\gpsoftware\directory opus\dopus.exe
uRun: [Directory Opus Desktop Dblclk] "c:\program files\gpsoftware\directory opus\dopusrt.exe" /dblclk
uRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [SansaDispatch] c:\program files\sandisk\sansa updater\SansaDispatch.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [Babylon Client] c:\program files\babylon\babylon-pro\Babylon.exe -AutoStart
mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
dRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\shabtai\startm~1\programs\startup\mailwa~1.lnk - c:\program files\firetrust\mailwasher pro\MailWasher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nokian~1.lnk - c:\program files\nokia\nnpcs\RunLauncher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\309731\program\Updates from HP.exe
IE: Customize Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Translate with &Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Translate.htm
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
LSP: c:\windows\system32\imon.dll
Trusted Zone: aol.com\free
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1232843845265
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {cafeefac-0014-0002-0011-abcdeffedcba} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://ive.bjs.com/dana-cached/setup/JuniperSetupSP1.cab
TCP: {9533B4FA-BA76-47A5-9AB3-D28510877DAF} = 208.67.222.222,208.67.220.220
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !saswinlogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Directory Opus Shell Execute Hook: {3cf9ece0-1a9f-11d2-8c73-00c06c2005de} - c:\program files\gpsoftware\directory opus\dopuslib.dll
LSA: Authentication Packages = msv1_0 relog_ap

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\shabtai\applic~1\mozilla\firefox\profiles\54b6oeqi.default\
FF - prefs.js: browser.startup.homepage - hxxp://e.my.yahoo.com/config/my_init?.intl=us&.partner=my&.from=i|http://www.google.com/
FF - component: c:\documents and settings\shabtai\application data\mozilla\firefox\profiles\54b6oeqi.default\extensions\{22119944-ed35-4ab1-910b-e619ea06a115}\components\rfproxy_27.dll
FF - component: c:\documents and settings\shabtai\application data\mozilla\firefox\profiles\54b6oeqi.default\extensions\{31513e58-f253-47ad-86db-d5f21e905429}\components\mintray-9178506d-2005072516-trunk.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\shabtai\application data\mozilla\plugins\npPxPlay.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npagent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npRACtrl.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll

============= SERVICES / DRIVERS ===============

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-2-24 15424]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2009-1-15 9968]
R1 saskutil;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 55024]
R2 dvrmsfilewatcherservice;DVRMSFileWatcherService;c:\program files\dvrmstoolbox\DVRMSFileWatcherService.exe [2008-10-19 20480]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2008-2-4 552064]
S2 IcRecUsb;IC Recorder Driver;c:\windows\system32\drivers\IcRecUsb.sys [2008-1-12 17432]
S3 CrystalSysInfo;CrystalSysInfo;c:\program files\mediacoder\SysInfo.sys [2007-9-25 15152]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2008-5-31 42112]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-6-16 7808]
S3 sasenum;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]

=============== Created Last 30 ================

2009-05-09 15:56 697 a------- c:\windows\system32\noise.Tha
2009-05-09 13:48 98,304 a------- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-09 13:44 180,770 a------- c:\windows\system32\dllcache\c_20932.nls
2009-05-08 21:19 <DIR> --d----- c:\docume~1\shabtai\applic~1\GPSoftware
2009-05-08 21:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\GPSoftware
2009-05-07 20:18 <DIR> --d----- C:\KODC Themes
2009-04-30 19:29 90,112 a------- c:\windows\unvise32.exe
2009-04-30 19:28 <DIR> --d----- c:\program files\The Rosetta Stone
2009-04-27 18:16 16,927,336 a------- c:\windows\system32\xa37734312.exe
2009-04-27 18:16 16,927,336 a------- c:\windows\system32\xa37721546.exe
2009-04-12 11:47 <DIR> --d----- c:\program files\Free WMA MP3 Converter
2009-04-11 11:11 16,927,336 a------- c:\windows\system32\xa2427859.exe
2009-04-11 11:11 16,927,336 a------- c:\windows\system32\xa2427375.exe
2009-04-11 10:57 16,927,336 a------- c:\windows\system32\xa1589109.exe
2009-04-11 10:57 16,927,336 a------- c:\windows\system32\xa1587734.exe
2009-04-11 08:42 16,927,336 a------- c:\windows\system32\xa42501703.exe
2009-04-11 08:42 16,927,336 a------- c:\windows\system32\xa42500515.exe
2009-04-10 20:58 <DIR> --d----- c:\windows\system32\inf32

==================== Find3M ====================

2009-04-05 21:29 20 ----h--- c:\docume~1\alluse~1\applic~1\PKP_DLbz.DAT
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2008-08-21 16:34 0 a------- c:\docume~1\alluse~1\applic~1\PKP_DLbx.DAT
2008-03-05 20:28 92,064 a------- c:\documents and settings\shabtai\mqdmmdm.sys
2008-03-05 20:28 79,328 a------- c:\documents and settings\shabtai\mqdmserd.sys
2008-03-05 20:28 66,656 a------- c:\documents and settings\shabtai\mqdmbus.sys
2008-03-05 20:28 25,600 a------- c:\documents and settings\shabtai\usbsermptxp.sys
2008-03-05 20:28 22,768 a------- c:\documents and settings\shabtai\usbsermpt.sys
2008-03-05 20:28 9,232 a------- c:\documents and settings\shabtai\mqdmmdfl.sys
2008-03-05 20:28 6,208 a------- c:\documents and settings\shabtai\mqdmcmnt.sys
2008-03-05 20:28 5,936 a------- c:\documents and settings\shabtai\mqdmwhnt.sys
2008-03-05 20:28 4,048 a------- c:\documents and settings\shabtai\mqdmcr.sys
2007-08-25 08:50 251 a------- c:\program files\wt3d.ini
2005-09-09 20:55 7,155,864 a------- c:\program files\NGhost10.msi
2005-09-09 20:55 35 a------- c:\program files\SCSSDist.ini
2004-08-04 01:56 4,639 a------- c:\program files\mplayer2.exe
2003-11-20 17:36 94,208 a------- c:\program files\TechInfo4.exe
2001-06-29 11:33 21,842 a------- c:\program files\common files\tppupd2k.dll
2001-03-14 00:22 0 a---h--- c:\docume~1\alluse~1\applic~1\sdpsenv.dat
1994-12-31 20:00 44 a------- c:\program files\common files\Track01.cda

============= FINISH: 11:01:05.73 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Shabtai

Shabtai
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:03:12 PM

Posted 18 May 2009 - 11:33 AM

Problem solved.
Thanks,

#3 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,946 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:03:12 PM

Posted 26 May 2009 - 12:53 AM

Thank you for letting us know. This topic shall now be closed.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users