Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Odd looking file (Double-Stroke Z, Trade Mark symbol, Skull and Crossbones!)


  • Please log in to reply
11 replies to this topic

#1 spelk

spelk

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 22 November 2013 - 03:22 AM

Here's a weird one, I have a WinXP PC, with a hidden system file in the root of C:\ that is approximately 8 bytes in size. The filename shows up as the following image:

http://imgur.com/ywamEnr


Namely Unicode characters

ℤ™☠

U+2124, U+2122, U+2620

Double-Stroke Z, Trade Mark symbol, Skull and Crossbones.

I have no idea how it got there or what software created it, but it looks decidedly suspicious (although Symantec Endpoint Protection and Malwarebytes are detecting nothing).

Has anyone seen anything like this before?

 

Is this likely to be part of some malware?



BC AdBot (Login to Remove)

 


#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 22 November 2013 - 03:42 AM

 
 

G'day spelk and Welcome to BC !

 

Lets try this first : Download and run the following programs in the order they are listed....copy and post the resulting logs in your reply/s.

 

RKill created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.

Malwarebytes Anti-Malware
AdwCleanercreated by Xplode.
Junkware Removal Toolcreated by thisisu.

 

RKill.

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from  the link provided, please let me know.

___________________________________________________

 

MBAM (Malwarebytes)

 * Double-click mbam-setup.exe and follow the prompts to install the program.
* At the finish of the installation, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version. <<< most important )
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here in your next Reply

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

_______________________________________________________________

 

 

AdwCleaner

* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on the Scan button.
* When the scan has finished click on the
Clean button.
* NOTE : Your computer will be
rebooted automatically. A text file will open after the restart.
* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner.txt as well.
Once I OK the log, please click the Uninstall button to fully remove all

___________________________________________________________

 

 

Junkware Removal Tool

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#3 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 22 November 2013 - 04:58 AM

click on "Follow This Topic"...located on the right hand side of the page near the top.......then all replies etc etc will be immediately forwarded to your inbox


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#4 spelk

spelk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 22 November 2013 - 05:03 AM

RKill Log

 

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/22/2013 09:58:49 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
   "DisableSR" = dword:00000001

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\assembly\GAC_MSIL\WcfSvcHost\9.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_WcfSvcHost_31bf3856ad364e35_9.0.0.0_x-ww_e0abf5ea [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  127.0.0.1    www.007guard.com
  127.0.0.1    007guard.com
  127.0.0.1    008i.com
  127.0.0.1    www.008k.com
  127.0.0.1    008k.com
  127.0.0.1    www.00hq.com
  127.0.0.1    00hq.com
  127.0.0.1    010402.com
  127.0.0.1    www.032439.com
  127.0.0.1    032439.com
  127.0.0.1    www.0scan.com
  127.0.0.1    0scan.com
  127.0.0.1    1000gratisproben.com
  127.0.0.1    www.1000gratisproben.com
  127.0.0.1    1001namen.com
  127.0.0.1    www.1001namen.com
  127.0.0.1    100888290cs.com
  127.0.0.1    www.100888290cs.com
  127.0.0.1    www.100sexlinks.com

  20 out of 15191 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 11/22/2013 09:59:49 AM
Execution time: 0 hours(s), 0 minute(s), and 59 seconds(s)
 



#5 spelk

spelk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 22 November 2013 - 05:21 AM

MalwareBytes Log

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.22.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
(username) :: (pcname) [administrator]

22/11/2013 10:03:37
mbam-log-2013-11-22 (10-03-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 440944
Time elapsed: 14 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#6 spelk

spelk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 22 November 2013 - 05:47 AM

AdwCleaner Log

 

I'd previously run AdwCleaner this morning, so I'm going to include both S logs.

 

 

 

# AdwCleaner v3.012 - Report created 22/11/2013 at 08:35:59
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : (username) - (pcname)
# Running from : C:\Downloads\Software\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\(username)\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\(username)\Application Data\Mozilla\Firefox\Profiles\uci1zeng.default\FoxTab

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7854F00C-DC77-477E-A10E-603F48442D3B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Description
Key Deleted : HKLM\Software\OpenCandy
Key Deleted : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0.1 (en-GB)

[ File : C:\Documents and Settings\(username)\Application Data\Mozilla\Firefox\Profiles\uci1zeng.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://(homepage)/portal/|[...]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Documents and Settings\(username)\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [2314 octets] - [22/11/2013 08:33:27]
AdwCleaner[S0].txt - [2269 octets] - [22/11/2013 08:35:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2329 octets] ##########

 

 

 

Second run

 

 

 

# AdwCleaner v3.012 - Report created 22/11/2013 at 10:30:42
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : (username) - (pcname)
# Running from : C:\Downloads\Software\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\Description

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0.1 (en-GB)

[ File : C:\Documents and Settings\(username)\Application Data\Mozilla\Firefox\Profiles\uci1zeng.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ File : C:\Documents and Settings\(username)\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2314 octets] - [22/11/2013 08:33:27]
AdwCleaner[R1].txt - [1123 octets] - [22/11/2013 10:29:19]
AdwCleaner[S0].txt - [2409 octets] - [22/11/2013 08:35:59]
AdwCleaner[S1].txt - [1047 octets] - [22/11/2013 10:30:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1107 octets] ##########



#7 spelk

spelk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 22 November 2013 - 05:55 AM

JRT Log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by (username) on 22/11/2013 at 10:47:31.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\big fish games"
Successfully deleted: [Folder] "C:\Documents and Settings\(username)\Application Data\big fish games"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\(username)\Application Data\mozilla\firefox\profiles\uci1zeng.default\prefs.js

user_pref("extensions.ntk.recentClosedPers", "hxxp://www.quartertothree.com/game-talk/forumdisplay.php?f=6::Games - Quarter To Three Forums;hxxp://www.boardgamegeek.com/::Boar


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/11/2013 at 10:50:54.20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 22 November 2013 - 05:58 AM

Please run TFC

Your desktop may disappear....dont panic.....if the tool asks for a reboot...please do so.

 

Then ::

Download  MiniToolBox MiniToolBox, Save it to your desktop and run it.
Close any Firefox browsers you may have open
Checkmark the following boxes:
•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List Users, Partitions and Memory size.
•List Minidump Files
 
Click Go and copy / paste the result (Result.txt).


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#9 spelk

spelk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 22 November 2013 - 06:56 AM

Results.txt

 

For the sake of security, I had to doctor the IP addresses and machine names, and network drives. I hope thats ok.

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by (username) (administrator) on 22-11-2013 at 11:23:12
Running from "C:\Documents and Settings\(username)\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15171 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82567LM-3 Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=static addr=xxx.xxx.xxx.120 register=PRIMARY
add dns name="Local Area Connection" addr=xxx.xxx.xxx.124 index=2
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : (pcname)

        Primary Dns Suffix  . . . . . . . : (domainname)

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : (domainname)

                                            (domainname)



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . : (domainname)

        Description . . . . . . . . . . . : Intel® 82567LM-3 Gigabit Network Connection

        Physical Address. . . . . . . . . : 00-22-19-XX-XX-XX

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : xxx.xxx.xxx.29

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : xxx.xxx.xxx.254

        DHCP Server . . . . . . . . . . . : xxx.xxx.xxx.120

        DNS Servers . . . . . . . . . . . : xxx.xxx.xxx.120

                                            xxx.xxx.xxx.124

        Lease Obtained. . . . . . . . . . : 22 November 2013 11:19:05

        Lease Expires . . . . . . . . . . : 22 November 2013 15:19:05

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  xxx.xxx.xxx.120

DNS request timed out.
    timeout was 2 seconds.


Pinging google.com [173.194.34.174] with 32 bytes of data:



Reply from 173.194.34.174: bytes=32 time=6ms TTL=47

Reply from 173.194.34.174: bytes=32 time=6ms TTL=47



Ping statistics for 173.194.34.174:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 6ms, Maximum = 6ms, Average = 6ms

Server:  mrc120.mrc.soton.ac.uk
Address:  xxx.xxx.xxx.120

DNS request timed out.
    timeout was 2 seconds.


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=163ms TTL=40

Reply from 206.190.36.45: bytes=32 time=185ms TTL=40



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 163ms, Maximum = 185ms, Average = 174ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 22 19 2d 5b dd ...... Intel® 82567LM-3 Gigabit Network Connection
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    xxx.xxx.xxx.254    xxx.xxx.xxx.29      10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      xxx.xxx.xxx.0    255.255.255.0     xxx.xxx.xxx.29    xxx.xxx.xxx.29      10
     xxx.xxx.xxx.29  255.255.255.255        127.0.0.1       127.0.0.1      10
   xxx.xxx.255.255  255.255.255.255     xxx.xxx.xxx.29    xxx.xxx.xxx.29      10
        224.0.0.0        240.0.0.0     xxx.xxx.xxx.29    xxx.xxx.xxx.29      10
  255.255.255.255  255.255.255.255     xxx.xxx.xxx.29    xxx.xxx.xxx.29      1
Default Gateway:     xxx.xxx.xxx.254
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/22/2013 09:39:07 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!WS.Reputation.1 in File: c:\downloads\software\jrt.exe by: Auto-Protect scan.  Action: Quarantine succeeded.  Action Description: The file was quarantined successfully.

Error: (11/18/2013 03:20:00 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].

Error: (11/18/2013 07:21:58 AM) (Source: UserInit) (User: )
Description: Could not execute the following script \\SERVER1\NETLOGON\ilogin.bat. The network path was not found.
.

Error: (11/13/2013 03:20:14 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].

Error: (11/11/2013 03:20:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].

Error: (11/06/2013 03:19:50 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].

Error: (11/06/2013 11:16:12 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

Error: (11/05/2013 03:19:27 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].

Error: (11/04/2013 03:20:06 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].

Error: (10/30/2013 03:20:10 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {00000000-0000-0000-0000-000000000000} if volume is supported. [0x8000ffff] [hr = 0x8000ffff].


System errors:
=============
Error: (11/22/2013 11:20:40 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PBADRV

Error: (11/22/2013 11:16:53 AM) (Source: Service Control Manager) (User: )
Description: The GoodSync Server service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/22/2013 11:16:53 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/22/2013 11:16:53 AM) (Source: Service Control Manager) (User: )
Description: The Machine Debug Manager service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/22/2013 11:16:52 AM) (Source: Service Control Manager) (User: )
Description: The Sentinel Local License Manager service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/22/2013 11:16:52 AM) (Source: Service Control Manager) (User: )
Description: The Logitech Solar Keyboard Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (11/22/2013 11:16:52 AM) (Source: Service Control Manager) (User: )
Description: The UsbClientService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 200 milliseconds: Restart the service.

Error: (11/22/2013 11:16:52 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).

Error: (11/22/2013 10:32:29 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PBADRV

Error: (11/22/2013 10:23:20 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PBADRV


Microsoft Office Sessions:
=========================
Error: (06/03/2013 02:25:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 64 seconds with 60 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

7-Zip 9.20
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Administration Tools for File Server Management
Administration Tools for Print Management
Adobe AIR (Version: 3.7.0.1530)
Adobe Bridge 1.0 (Version: 001.000.004)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Help Center 2.1 (Version: 2.1)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Altap Salamander 2.54 (Version: 2.54)
Altap Salamander 3.0 beta 3 (x86) (Version: 3.0 beta 3 (x86))
AutoIt v3.3.8.1
AxCrypt 1.7.2867.0 (Version: 1.7.2867.0)
CCleaner (Version: 4.07)
CDex - Open Source Digital Audio CD Extractor (Version: 1.70.4.2009)
Check Point SmartConsole NGX R65 (Version: 6.0.3)
Check Point SmartConsole NGX R65 with Messaging Security (Version: 6.0.3)
Crystal Reports Basic for Visual Studio 2008 (Version: 10.5.0.0)
DeepBurner v1.9.0.228
Dia (remove only)
EmEditor Professional (32-bit) (Version: 13.0.6)
EndNote X6 (Version: 16.0.0.6348)
EPSON Printer Software
EPSON Scan
eReg (Version: 1.20.138.34)
Evernote v. 5.0.3 (Version: 5.0.3.1614)
File Shredder 2.0
FileZilla Client 3.7.3 (Version: 3.7.3)
foobar2000 v1.1.17 (Version: 1.1.17)
Free Download Manager 3.9.3
FreeMind (Version: 0.9.0)
GIMP 2.8.6 (Version: 2.8.6)
Gmvault (Version: 1.5-beta)
GoodSync (Version: 9.4.6.4)
Google Chrome (Version: 31.0.1650.57)
Google Update Helper (Version: 1.3.21.165)
IBM SPSS Statistics 21 (Version: 21.0.0.0)
ImgBurn (Version: 2.5.8.0)
Inkscape 0.48.4 (Version: 0.48.4)
Intel® Graphics Media Accelerator Driver
Intel® Network Connections 13.1.34.2 (Version: 13.1.34.2)
Intel® Matrix Storage Manager
IrfanView (remove only) (Version: 4.36)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
KeePass Password Safe 2.20.1
LastPass (uninstall only)
LiveWeb (Version: 4.00)
Log Parser 2.2 (Version: 2.2.10)
Logitech SetPoint 6.52 (Version: 6.52.74)
Logitech Solar App 1.10 (Version: 1.10.3)
Logitech Unifying Software 2.10 (Version: 2.10.37)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Compact Framework 2.0 SP2 (Version: 2.0.7045)
Microsoft .NET Compact Framework 3.5 (Version: 3.5.7283)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Assessment and Planning Toolkit (Version: 6.0.3939.0)
Microsoft Device Emulator version 3.0 - ENU (Version: 9.0.21022)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008 (Version: 9.0.21022)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066)
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft RichCopy 4.0 (Version: 4.0.216)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 4 SDK (Version: 4.0.60310.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2000 (Version: 8.00.194)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files  (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Compact 3.5 Design Tools ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 for Devices ENU (Version: 3.5.5386.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.2 (Version: 1.2.0.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Team Foundation Server 2010 Object Model (VSLS) - ENU (Version: 10.0.40219)
Microsoft Team Foundation Server 2010 Object Model for Lightswitch 2011 - ENU (Version: 10.0.40219)
Microsoft Visio Viewer 2010 (Version: 14.0.7015.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.21022)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft Visual Studio Web Authoring Component (Version: 12.0.4518.1066)
Microsoft Web Platform Installer 3.0 (Version: 3.0.5)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (Version: 3.5.21022)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (Version: 6.1.5288.17011)
Microsoft Windows SDK for Visual Studio 2008 Tools (Version: 6.1.5288.17011)
Microsoft Word Supplemental Macros (Version: 1.0.0.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 en-GB) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 24.1.1)
Mozilla Thunderbird 24.1.1 (x86 en-GB) (Version: 24.1.1)
Mp3tag v2.58 (Version: v2.58)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Music Manager
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Omron Health Management Software (Version: 1.50.0003)
Opera Stable 17.0.1241.53 (Version: 17.0.1241.53)
Paint.NET v3.5.10 (Version: 3.60.0)
PDF-Viewer (Version: 2.5.210.0)
PerformanceTest v8.0 (Version: 8.0.1024.0)
Picasa 3 (Version: 3.8)
PowerDVD DX (Version: 8.2.5024)
PuTTY version 0.62 (Version: 0.62)
Python 2.7.3 (Version: 2.7.3150)
QuickCam Drivers
Reference Manager 12 Professional Edition (Version: 12.0.0.2401)
ResearchSoft Direct Export Helper
Revo Uninstaller 1.95 (Version: 1.95)
SciTE4AutoIt3 2/28/2010 (Version: 2/28/2010)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
SpywareBlaster 4.4 (Version: 4.4.0)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
ST Microelectronics TPM Driver Installer (Version: 1.04.15)
Stardock Fences 2 (Version: 2.11)
Sublime Text 2.0.2
swMSM (Version: 12.0.0.1)
Symantec Endpoint Protection (Version: 12.1.1101.401)
Synology Assistant (remove only)
SystemTools DumpSec (Version: 2.8.6)
TightVNC 2.0.4 (Version: 2.0.4)
TreeSize Professional V6.0 (Version: 6.0)
TrueCrypt (Version: 7.1a)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit Edition
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) (Version: 1)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
UPEK TouchChip Fingerprint Reader (Version: 1.0.0)
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022)
VLC media player 2.0.8 (Version: 2.0.8)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - STMicroelectronics (stmtpm) System  (05/24/2007 1.00.04.15) (Version: 05/24/2007 1.00.04.15)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Mobile 5.0 SDK R2 for Pocket PC (Version: 5.00.1700.5.14343.06)
Windows Mobile 5.0 SDK R2 for Smartphone (Version: 5.00.1700.5.14343.06)
Windows Movie Maker 2.0 (Version: 2.0.0000)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Resource Kit Tools (Version: 5.2.3790)
Windows Server 2003 Administration Tools Pack (Version: 5.2.3790)
Windows Support Tools (Version: 5.1.2600.2180)
Windows Support Tools (Version: 5.2.3790.1830)
Winmail Opener 1.5 (Version: 1.5)
Winmail Reader 1.2.15
WinPatrol (Version: 29.0.2013)
XML Paper Specification Shared Components Pack 1.0

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 3291.52 MB
Available physical RAM: 2506.16 MB
Total Pagefile: 6419.71 MB
Available Pagefile: 5848 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.16 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:297.97 GB) (Free:117.18 GB) NTFS
3 Drive e: (HD-PCU2) (Fixed) (Total:465.76 GB) (Free:276.98 GB) NTFS
4 Drive f: (OKINAWA) (Fixed) (Total:931.51 GB) (Free:172.88 GB) NTFS
9 Drive m: (MAIL) (Fixed) (Total:14.65 GB) (Free:10.21 GB) NTFS
11 Drive o: () (Fixed) (Total:50 GB) (Free:47.96 GB) NTFS
13 Drive q: (MAIL-SYNC) (Fixed) (Total:15 GB) (Free:8.91 GB) NTFS

========================= Users: ========================================

User accounts for \\(pcname)

Admin                    Administrator            ASPNET                   
(PCNAME)               Guest                    HelpAssistant            
SUPPORT_388945a0         

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 


Edited by spelk, 22 November 2013 - 07:03 AM.


#10 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 22 November 2013 - 05:24 PM

Have you tried to delete the file ?

If so, does it return?

Is there any sign of it in the start ups ?

 

 

Your system is clean. The hidden file appears not to be the result of malware activity etc

 

However, if you are still in any doubt, you are quite free to post in the Malware forum for a more in depth search ::

 

(Preparation Guide For Requesting Help  starting at Step #6.)
 

 

Provide them with a link to this topic, if you decide to do that.


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#11 spelk

spelk
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:29 PM

Posted 25 November 2013 - 03:34 AM

Condobloke, thank you very much for your help with this issue. It's a relief to know that this file doesn't signify some sort of malware infection.

 

I initially tried to delete the file, but it said it was a system file and I wasn't allowed to delete it.

 

When I booted into safe mode, I couldn't find the file. I booted back normally, and it was still there, but this time I was able to delete it. The file was created in February 2012, and it doesn't look like its been modified since, so I'm guessing its just a bit of debris from some software install, and hopefully I'm free of it. It does have a very odd filename, which does raise suspicion - perhaps I'll never find out where it come from, but I'm satisfied with the resolution especially now that its been deleted.

 

Thanks again for your help with this matter. It was much appreciated.



#12 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,783 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 25 November 2013 - 04:22 AM

My Pleasure !


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users