
C Drive Directory



#1 rowal5555


Posted 26 November 2006 - 05:01 PM

During Sept and Oct, the entries shown below appeared on the directory of my C: drive under the regular folders. The only info I get is Type: File, which isn't a great deal of help, and why is a .dll stuck out there in limbo?
Any help to decide if they are safe to delete would be appreciated.

Posted Image

Cheers

rowal5555 (Rob )                                                             

Avid supporter of Bleeping Computer's
Team 38444

You can help find a cure
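
One read-only way to collect facts about loose files in a drive root, like the ones described in the post above, before deciding whether to delete them. This is an added example, not part of the original thread; the `$Root` and `$Since` variables and the 90-day window are assumptions.

```powershell
# Added example: read-only triage of loose files in a drive root.
# $Root and $Since are assumptions; set them to the drive and time window under review.
$Root  = 'C:\'
$Since = (Get-Date).AddDays(-90)

# -Force includes hidden and system files, which Explorer does not show by default.
Get-ChildItem -LiteralPath $Root -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $Since -or $_.LastWriteTime -ge $Since } |
    ForEach-Object {
        $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
        $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue

        # A file shown only as "Type: File" has no extension. The first two bytes
        # 'MZ' mark a PE image (EXE/DLL) whatever the file is named.
        $isPE = $false
        try {
            $fs = [System.IO.File]::Open($_.FullName, 'Open', 'Read', 'ReadWrite')
            try {
                $buf = New-Object byte[] 2
                if ($fs.Read($buf, 0, 2) -eq 2) {
                    $isPE = ($buf[0] -eq 0x4D -and $buf[1] -eq 0x5A)
                }
            } finally { $fs.Dispose() }
        } catch { }   # locked or unreadable files are reported with IsPE = False

        [pscustomobject]@{
            Name       = $_.Name
            Size       = $_.Length
            Created    = $_.CreationTime
            Modified   = $_.LastWriteTime
            Attributes = $_.Attributes
            IsPE       = $isPE
            Signature  = if ($sig)  { $sig.Status } else { 'Unknown' }
            SHA256     = if ($hash) { $hash.Hash }  else { $null }
        }
    } |
    Sort-Object Created |
    Format-List
```

An extensionless file that reports `IsPE = True` with a `NotSigned` signature status, created in the same window as the symptoms, is the kind of entry to hand to a scanner first rather than delete by hand.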


 



 


#2 usasma


Posted 26 November 2006 - 07:08 PM

Any other problems at the time - maybe hard drive access issue? Are you using any sort of backup/imaging program?

My browser caused a flood of traffic, so my IP address was banned. Hope to fix it soon. Will get back to posting as soon as I'm able.

- John (my website: http://www.carrona.org/ ) **If you need a more detailed explanation, please ask for it. I have the Knack.** If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficulty reading posts. (23 Nov 2017) FYI - I am completely blind in the right eye and ~30% blind in the left eye. If the eye problems get worse suddenly, I may not be able to respond. If that's the case and help is needed, please PM a staff member for assistance.

#3 rowal5555


Posted 26 November 2006 - 07:20 PM

Not that I can specifically recall as it is so long ago. Regularly have little niggles along the way but usually get them sorted. Used Nero Backitup a while ago to image the drive but that would have been prior to this I would think.



 


#4 usasma


Posted 26 November 2006 - 07:30 PM

Google searches about this lead to 2 things:
1) an infection
2) unhidden system restore points.

If you haven't done anything likely to affect the System Restore - then I'd suggest a thorough antivirus scan!

#5 rowal5555


Posted 26 November 2006 - 07:39 PM

I tend to rely pretty much on the Windows Live OneCare Scan these days and it hasn't hiccupped yet. I'm off to town now so will set a scan going.
Any clues on the .dll?

Thanks



 


#6 usasma


Posted 26 November 2006 - 08:38 PM

I'd suggest that you not let the Windows scan work on your registry very often. The biggest problem that I've seen with registries is caused by overcleaning. And, although this is a Microsoft tool, it can still hose your system if used too often.

#7 rowal5555


Posted 27 November 2006 - 01:43 AM

Well the scan came up with nobody seems to know what.

Posted Image

Will go and google Alureon.gen and see what happens



 


#8 rowal5555


Posted 27 November 2006 - 07:37 AM

Whatever these files are, they are staying. In the above list there were also 2 files obviously relating to a printer I don't even have anymore which I deleted before posting.
I used BootSafe to boot into safe mode to run AdAware, Spybot, and Avast scans but then Windows refused to shut down and I ended up doing 2 hard shutdowns and a system restore back to Saturday so I could get running again. Went to the recycle bin and restored the 2 old printer files and that removed the device manager exclamation mark from my present printer - very weird.

I am now going to make a new folder named 'Don't Touch' and tuck away all the stray bits and just forget about them. Really drives home the truism "IF YOU DON'T KNOW WHAT IT IS - LEAVE IT ALONE." :thumbsup:

Thank you.



 


#9 usasma


Posted 27 November 2006 - 09:50 AM

The scan said that it was not able to fix the Alureon issue - and that it's a severe issue. That's something to worry about! I googled Alureon and it came up with many variants of the basic trojan.

I don't know if this thing infects your System Restore points - but I think that another online scan is called for.

Finally, it's important to get a complete Avast scan of your system - even if it means slaving your hard drive to another system and scanning it from there. Without it, you can't be sure that you've killed this bugger - and it may respawn and continue to give you problems.

Also, search these forums for Trojan cleaner tools and try them out - they may be able to get at the problem if Avast can't.

#10 rowal5555


Posted 28 November 2006 - 05:53 AM

Thanks John. After 36 hours of solid scanning with everything I could lay my hands on, finally got this result
Posted Image

Along the way I got rid of Alureon.gen, 5 of QHost-Al, PSkill-E, TrojanMedia-Codec, kdrjj.exe, mjlvi.exe and PlayerHost.dll, so the effort was well worth it. I've deleted all the stuff I originally posted about without ill effect so far. My 18yo stayed for a few days around that time and spent all his time on the computer so I'd say that might be where some of the trouble came from.

One other thing I have done is turn Resident Teatimer back on. I've always run it, but for some unfathomable reason I turned it off a while ago - never again. It would have queried several of my problems and alerted me to potential trouble much earlier. When I denied access for kdrjj.exe to hook on to System Winlogon??, Teatimer went totally berserk for at least half an hour.

Waiting on all the hours of scanning made me get up and do some much delayed work around the place so a good result all round.

Cheers

Edited by rowal5555, 28 November 2006 - 06:43 AM.
