Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cryptor, Sheur2.AFIE, Generic13.ATKI and many more ---HELP!!!!


  • This topic is locked This topic is locked
2 replies to this topic

#1 chas_a

chas_a

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 22 May 2009 - 07:18 PM

Had my first problem with this computer this past Tuesday - on the verge of a full re-format but thought I'd give this a shot. Any help is appreciated!!

Windows XP Pro - Prior this this problem I only had AVG - Free Edition. as you can see from log - I've added a few programs since then.

When I started having the problem I couldn't get into Windows; it kept restarting itself in the middle of boot-up. I reinstalled the OS (did a repair install) and that got Windows running again. Since then I've run full scans of AVG, rmvirut.exe, malewarebytes' anti malware, superantispyware and atf cleaner - both in safe mode and in regular boot.

Here's the DDS log and attach.zip is attached.
Please let me know if you need more info and if there's any hope (prior to re-formatting)
Observation is that I have not opened Internet Explorer but it shows up as a process; and usually a few instances. Using Chrome until I get this fixed.

Also attached is a copy of the AVG Resident Shield Log - it exports to *.csv so I left it in that format


DDS (Ver_09-05-14.01) - NTFSx86
Run by Sweetart 4 at 19:53:40.09 on Fri 05/22/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.88 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Snappy Fax Version 4\sfpagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Sweetart 4\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\DOCUME~1\SWEETA~1\LOCALS~1\Temp\208069942.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Sweetart 4\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sweetart 4\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\BN5.tmp
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\TEMP\mp1kg.exe
C:\WINDOWS\TEMP\mp1kg.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Snappy Fax Version 4\sfpagent.exe
C:\Program Files\MSI\PC Alert 4\PCAlert4.exe
C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\Sweetart 4\Desktop\dds.scr
C:\Program Files\Internet Explorer\iexplore.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.cookiesbydesign.com/
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\ntos.exe,
BHO: c:\windows\system32\sdjee3inf.dll: {c6c7b2a1-00f3-42bd-f434-00aaba2c8953} - c:\windows\system32\sdjee3inf.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
uRun: [EPSON Stylus CX8400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticea.exe /fu "c:\windows\temp\E_S2D4.tmp" /EF "HKCU"
uRun: [reader_s] c:\documents and settings\sweetart 4\reader_s.exe
uRun: [Google Update] "c:\documents and settings\sweetart 4\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Diagnostic Manager] c:\docume~1\sweeta~1\locals~1\temp\208069942.exe
uRun: [Snappy Fax] c:\program files\snappy fax version 4\sf4.exe
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [Share-to-Web Namespace Daemon] c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Ulead AutoDetector] c:\program files\common files\ulead systems\autodetector\Monitor.exe
mRun: [Ulead Calendar Checker] c:\program files\ulead systems\ulead photo express 6\CalCheck.exe
mRun: [LiveMonitor] c:\program files\msi\live update 3\LMonitor.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Snappy Fax Printer Agent] "c:\program files\snappy fax version 4\sfpagent.exe"
mRun: [Snappy Fax Printer virtual printer agent] "c:\program files\snappy fax version 4\sfpagent.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pcaler~1.lnk - c:\program files\msi\pc alert 4\PCAlert4.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - c:\windows\system32\sistray.exe
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {05317530-B882-449D-9421-18D94FA3ED34} - hxxp://www.sis.com/ocis/OSInfo.cab
DPF: {16095503-786F-4097-AED6-5D567A26D760} - hxxp://www.sis.com/ocis/SiSAutodetectNT.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1159043473002
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} - hxxp://offers.e-centives.com/cif/download/bin/actxcab.cab
DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14-win.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LMIinit - LMIinit.dll
AppInit_DLLs: c:\progra~1\thunmail\testabd.dll
STS: c:\windows\system32\sdjee3inf.dll: {c6c7b2a1-00f3-42bd-f434-00aaba2c8953} - c:\windows\system32\sdjee3inf.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-5-4 325896]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-22 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-5-4 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-5-14 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-5-14 72944]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-7-5 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-7-5 298776]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R3 PCAlertDriver;PCAlertDriver;c:\program files\msi\pc alert 4\NTGLM7X.sys [2006-9-23 28160]
R3 portmon2;Cyber20x Driver;c:\windows\system32\drivers\portmon2.sys [2001-7-22 7966]
S2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\lmirfsdriver.sys --> c:\windows\system32\drivers\LMIRfsDriver.sys [?]
S2 NmPar;NetMos Multi I/O Parallel Driver; [x]
S2 NmSer;NetMos Multi I/O Serial Driver; [x]
S3 PciCon;PciCon;\??\d:\pcicon.sys --> d:\PciCon.sys [?]
S3 pcm1394;pcm1394;\??\c:\windows\system32\pcm1394.sys --> c:\windows\system32\pcm1394.sys [?]
S3 restore;restore;\??\c:\windows\system32\drivers\restore.sys --> c:\windows\system32\drivers\restore.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-5-14 7408]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

=============== Created Last 30 ================

2009-05-22 19:50 0 a------- C:\130.tmp
2009-05-22 19:50 0 a------- C:\12F.tmp
2009-05-22 19:50 0 a------- C:\12E.tmp
2009-05-22 19:49 0 a------- C:\12D.tmp
2009-05-22 19:49 0 a------- C:\12C.tmp
2009-05-22 19:49 0 a------- C:\12B.tmp
2009-05-22 19:49 0 a------- C:\12A.tmp
2009-05-22 19:49 0 a------- C:\129.tmp
2009-05-22 19:49 0 a------- C:\128.tmp
2009-05-22 19:49 0 a------- C:\127.tmp
2009-05-22 19:49 0 a------- C:\126.tmp
2009-05-22 19:49 0 a------- C:\125.tmp
2009-05-22 19:49 63,488 a------- C:\124.tmp
2009-05-22 19:49 0 a------- C:\123.tmp
2009-05-22 19:49 15,000 a------- c:\windows\system32\sdjee3inf.dl_
2009-05-22 19:39 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2009-05-22 19:39 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-05-22 19:39 9,600 ac------ c:\windows\system32\dllcache\hidusb.sys
2009-05-22 19:39 9,600 a------- c:\windows\system32\drivers\hidusb.sys
2009-05-22 15:12 0 a------- C:\101.tmp
2009-05-22 14:53 52,581 a------- c:\windows\system32\IntelCci.dll
2009-05-22 14:33 27,648 a------- c:\windows\system32\sfppm.dll
2009-05-22 14:32 <DIR> --d----- c:\program files\Snappy Fax Version 4
2009-05-22 13:58 0 a------- C:\AA.tmp
2009-05-22 13:58 0 a------- C:\A9.tmp
2009-05-22 13:58 0 a------- C:\A8.tmp
2009-05-22 13:58 0 a------- C:\A7.tmp
2009-05-22 13:58 0 a------- C:\A6.tmp
2009-05-22 13:58 0 a------- C:\A5.tmp
2009-05-22 13:57 0 a------- C:\A4.tmp
2009-05-22 13:57 0 a------- C:\A3.tmp
2009-05-22 13:57 0 a------- C:\A2.tmp
2009-05-22 13:57 0 a------- C:\A1.tmp
2009-05-22 13:57 0 a------- C:\A0.tmp
2009-05-22 13:57 0 a------- C:\8F.tmp
2009-05-22 13:57 0 a------- C:\8E.tmp
2009-05-22 13:57 0 a------- C:\8D.tmp
2009-05-22 13:57 0 a------- C:\8C.tmp
2009-05-22 13:57 0 a------- C:\8B.tmp
2009-05-22 13:57 <DIR> --dsh--- c:\windows\system32\wsnpoem
2009-05-22 13:57 51,712 a------- C:\8A.tmp
2009-05-22 13:36 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-22 13:36 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-22 12:27 4,736 ac------ c:\windows\system32\dllcache\usbd.sys
2009-05-22 12:27 4,736 a------- c:\windows\system32\drivers\usbd.sys
2009-05-22 12:27 13,240 ac------ c:\windows\system32\dllcache\slwdmsup.sys
2009-05-22 12:27 13,240 a------- c:\windows\system32\drivers\slwdmsup.sys
2009-05-22 12:27 61,824 ac------ c:\windows\system32\dllcache\nic1394.sys
2009-05-22 12:27 61,824 a------- c:\windows\system32\drivers\nic1394.sys
2009-05-22 12:27 180,360 ac------ c:\windows\system32\dllcache\ntmtlfax.sys
2009-05-22 12:27 180,360 a------- c:\windows\system32\drivers\ntmtlfax.sys
2009-05-22 12:27 404,990 ac------ c:\windows\system32\dllcache\slntamr.sys
2009-05-22 12:27 404,990 a------- c:\windows\system32\drivers\slntamr.sys
2009-05-22 12:26 12,160 ac------ c:\windows\system32\dllcache\fsvga.sys
2009-05-22 12:26 12,160 a------- c:\windows\system32\drivers\fsvga.sys
2009-05-22 12:26 0 a------- C:\D7.tmp
2009-05-22 12:26 36,352 ac------ c:\windows\system32\dllcache\disk.sys
2009-05-22 12:26 36,352 a------- c:\windows\system32\drivers\disk.sys
2009-05-22 12:26 27,392 ac------ c:\windows\system32\dllcache\fdc.sys
2009-05-22 12:26 27,392 a------- c:\windows\system32\drivers\fdc.sys
2009-05-22 12:26 0 a------- C:\D3.tmp
2009-05-22 12:26 0 a------- C:\D2.tmp
2009-05-22 12:26 0 a------- C:\D1.tmp
2009-05-22 12:26 0 a------- C:\D0.tmp
2009-05-22 12:26 0 a------- C:\CF.tmp
2009-05-22 12:25 0 a------- C:\CE.tmp
2009-05-22 12:25 0 a------- C:\CD.tmp
2009-05-22 12:25 0 a------- C:\CC.tmp
2009-05-22 12:25 0 a------- C:\CB.tmp
2009-05-22 12:25 0 a------- C:\CA.tmp
2009-05-22 12:25 0 a------- C:\C9.tmp
2009-05-22 12:25 0 a------- C:\C8.tmp
2009-05-22 12:25 0 a------- C:\C7.tmp
2009-05-22 12:25 0 a------- C:\C6.tmp
2009-05-22 12:25 0 a------- C:\C5.tmp
2009-05-22 12:25 0 a------- C:\C3.tmp
2009-05-22 09:26 0 a------- C:\C2.tmp
2009-05-22 09:26 0 a------- C:\C1.tmp
2009-05-22 09:18 <DIR> --d----- c:\windows\system32\CatRoot_bak
2009-05-22 09:17 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe
2009-05-22 09:17 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-05-22 09:17 227,840 -c------ c:\windows\system32\dllcache\wmiprvse.exe
2009-05-22 09:17 2,136,064 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2009-05-22 09:17 2,180,480 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2009-05-22 09:17 2,015,744 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2009-05-22 09:17 2,057,728 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe
2009-05-22 09:16 453,632 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-05-22 09:15 0 a------- C:\B2.tmp
2009-05-22 09:15 0 a------- C:\B1.tmp
2009-05-22 09:15 0 a------- C:\B0.tmp
2009-05-21 17:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-05-21 17:25 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-05-21 17:25 <DIR> --d----- c:\docume~1\sweeta~1\applic~1\SUPERAntiSpyware.com
2009-05-21 17:25 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-05-21 17:24 0 a------- C:\89.tmp
2009-05-21 17:24 0 a------- C:\88.tmp
2009-05-21 17:24 0 a------- C:\87.tmp
2009-05-21 17:24 0 a------- C:\86.tmp
2009-05-21 17:24 0 a------- C:\85.tmp
2009-05-21 17:24 0 a------- C:\84.tmp
2009-05-21 17:24 0 a------- C:\83.tmp
2009-05-21 17:24 0 a------- C:\82.tmp
2009-05-21 17:24 0 a------- C:\81.tmp
2009-05-21 17:24 0 a------- C:\80.tmp
2009-05-21 15:12 0 a------- C:\6F.tmp
2009-05-21 15:08 <DIR> --d----- c:\docume~1\sweeta~1\applic~1\Malwarebytes
2009-05-21 15:08 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-21 15:08 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-21 14:41 0 a------- C:\5E.tmp
2009-05-21 14:41 0 a------- C:\5D.tmp
2009-05-21 14:41 0 a------- C:\5C.tmp
2009-05-21 14:41 0 a------- C:\5B.tmp
2009-05-21 14:41 0 a------- C:\5A.tmp
2009-05-21 14:41 0 a------- C:\59.tmp
2009-05-21 14:41 0 a------- C:\58.tmp
2009-05-21 14:41 0 a------- C:\57.tmp
2009-05-21 14:41 0 a------- C:\56.tmp
2009-05-21 14:41 0 a------- C:\55.tmp
2009-05-21 14:41 0 a------- C:\54.tmp
2009-05-21 14:40 0 a------- C:\53.tmp
2009-05-21 14:40 0 a------- C:\52.tmp
2009-05-21 14:40 0 a------- C:\51.tmp
2009-05-21 14:40 0 a------- C:\50.tmp
2009-05-21 14:40 0 a------- C:\4F.tmp
2009-05-21 14:40 0 a------- C:\4E.tmp
2009-05-21 14:22 0 a------- C:\4C.tmp
2009-05-21 14:22 0 a------- C:\4B.tmp
2009-05-21 14:22 0 a------- C:\4A.tmp
2009-05-21 14:22 0 a------- C:\49.tmp
2009-05-21 13:59 0 a------- C:\3E.tmp
2009-05-19 16:12 0 a------- C:\2C.tmp
2009-05-19 16:12 0 a------- C:\2B.tmp
2009-05-19 16:12 0 a------- C:\2A.tmp
2009-05-19 16:12 0 a------- C:\29.tmp
2009-05-19 16:12 0 a------- C:\28.tmp
2009-05-19 16:12 0 a------- C:\27.tmp
2009-05-19 16:12 0 a------- C:\26.tmp
2009-05-19 16:12 0 a------- C:\25.tmp
2009-05-19 16:12 0 a------- C:\23.tmp
2009-05-19 16:11 0 a------- C:\22.tmp
2009-05-19 16:11 0 a------- C:\21.tmp
2009-05-19 16:11 0 a------- C:\1E.tmp
2009-05-19 16:11 0 a------- C:\1C.tmp
2009-05-19 16:11 0 a------- C:\1A.tmp
2009-05-19 16:11 0 a------- C:\15.tmp
2009-05-19 16:11 0 a------- C:\12.tmp
2009-05-19 16:06 <DIR> --d----- c:\docume~1\sweeta~1\applic~1\AVGTOOLBAR
2009-05-19 15:59 34 a------- c:\windows\system32\BD5250DN.DAT
2009-05-19 15:47 0 a------- C:\A.tmp
2009-05-19 15:47 0 a------- C:\9.tmp
2009-05-19 15:47 0 a------- C:\8.tmp
2009-05-19 15:47 0 a------- C:\7.tmp
2009-05-19 15:47 0 a------- C:\6.tmp
2009-05-19 15:46 0 a------- C:\5.tmp
2009-05-19 15:35 28,288 ac------ c:\windows\system32\dllcache\xjis.nls
2009-05-19 15:33 101,376 ac------ c:\windows\system32\dllcache\srusbusd.dll
2009-05-19 15:32 20,736 ac------ c:\windows\system32\dllcache\ramdisk.sys
2009-05-19 15:31 92,416 ac------ c:\windows\system32\dllcache\mga.sys
2009-05-19 15:30 81,976 ac------ c:\windows\system32\dllcache\imjpdct.dll
2009-05-19 15:29 20,541 ac------ c:\windows\system32\dllcache\fpadmdll.dll
2009-05-19 15:28 66,082 ac------ c:\windows\system32\dllcache\c_20284.nls
2009-05-19 15:27 49,664 ac------ c:\windows\system32\dllcache\adrot.dll
2009-05-19 15:26 598,071 ac------ c:\windows\system32\dllcache\fpmmc.dll
2009-05-19 15:22 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-05-19 15:22 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-05-19 15:22 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-05-19 15:22 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-05-19 15:22 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2009-05-19 15:22 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-05-19 15:20 32,768 ac------ c:\windows\system32\dllcache\icwdl.dll
2009-05-19 15:13 182,912 ac------ c:\windows\system32\dllcache\ndis.sys
2009-05-19 15:11 0 a------- c:\windows\system32\109.tmp
2009-05-19 15:11 120 a------- c:\windows\system32\104.tmp
2009-05-19 14:55 24,661 ac------ c:\windows\system32\dllcache\spxcoins.dll
2009-05-19 14:55 13,312 ac------ c:\windows\system32\dllcache\irclass.dll
2009-05-19 14:55 24,661 a------- c:\windows\system32\spxcoins.dll
2009-05-19 14:55 13,312 a------- c:\windows\system32\irclass.dll
2009-05-19 10:40 536,428,544 a------- c:\windows\MEMORY.DMP
2009-05-18 20:02 44 a------- c:\windows\system32\tcpd.dll
2009-05-18 20:02 9 a------- c:\windows\system32\iphy.dll
2009-05-18 20:02 3 a------- c:\windows\system32\fhpatch.dll
2009-05-18 20:02 0 a------- c:\windows\system32\fiplock.dll
2009-05-18 19:34 664 a------- c:\windows\system32\d3d9caps.dat
2009-05-18 19:01 <DIR> --d----- c:\windows\system32\3361
2009-05-18 19:01 108,336 a------- c:\windows\system32\MSWINSCK.OCX
2009-05-18 19:01 <DIR> --d----- c:\windows\dhcp
2009-05-18 13:44 <DIR> --d----- C:\Integration

==================== Find3M ====================

2009-05-19 16:21 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-19 16:21 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-19 16:21 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-19 15:46 182,912 a------- c:\windows\system32\drivers\ndis.sys
2009-05-19 15:17 23,680 ac------ c:\windows\system32\emptyregdb.dat
2009-03-06 10:44 283,648 a------- c:\windows\system32\pdh.dll
2009-02-18 17:49 60,968 a------- c:\documents and settings\sweetart 4\GoToAssistDownloadHelper.exe
2008-12-12 18:46 1,993 ----h--- c:\docume~1\sweeta~1\applic~1\SCPSP6.DLL
2008-12-07 18:51 1,521 ---shr-- c:\docume~1\sweeta~1\applic~1\SCPSS6.DLL
2008-08-21 16:03 164 ac--h--- c:\documents and settings\all users\hpothb07.dat
2007-11-02 13:42 171 a---h--- c:\documents and settings\sweetart 4\hpothb07.dat
2009-02-10 00:19 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009020920090210\index.dat

============= FINISH: 19:54:23.70 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 chas_a

chas_a
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:50 AM

Posted 24 May 2009 - 03:17 PM

Had to move on with this computer - so I decided to reformat. Please close this thread.

May open a new thread with similar problems on another computer on my network if I don't decide to reformat that one too on Tuesday.

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:03:50 AM

Posted 28 May 2009 - 04:56 PM

Thanks for informing us.

Good luck with the other computer.

This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users