Old 07-01-2009, 01:20 AM   #1 (permalink)
Eculus
Registered User
 
Join Date: Jul 2009
Posts: 1
OS: Windows Vista 32 bit


Surprised my computer is still running

For about 3 months now, I have been getting redirected from Google. I type in a term or word or whatever, and the links that I click on take me to sites with advertisements, or sites that can't display the page at all. It is very frustrating. I got AVG installed about 4 weeks ago, and it IMMEDIATELY caught 3-6 trojans, and a virus called polycrypt. When that happened, the Google problem stopped. But about a week ago, the problem popped up AGAIN. AVG hasn't been removing anything up until today. The resident shield caught something in the directory C:\WINDOWS\System32\svchost.exe and the virus was called Heur. I have tried Malwarebytes, but every time, it freezes on a file "SOFTWARE.SAV" in the directory C:\WINDOWS\System32\SOFTWARE.SAV. I don't know if this is a regular file or not, but it's very frustrating. I have also tried Ad-Aware, but it freezes on the same file. I have looked up different solutions for the Google redirect problem. I found out that there is a thing called a DNSChanger Trojan. I followed the steps for that, and I think I might have one. If I DO happen to have that, then it would explain my Windows Update problem I have been having for 5 months. I have been getting a lot of BSODs lately, and 2 days ago, I had to restart my computer 7 TIMES because of it. I need help bad. Thank you. The logs are attached to this thread.


DDS (Ver_09-06-26.01) - NTFSx86
Run by Owner at 23:15:02.06 on Tue 06/30/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1982.931 [GMT -8:00]

SP: Lavasoft Ad-Watch Live! *enabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Windows\system32\PSIService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Owner\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=PRESARIO&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=PRESARIO&pf=laptop
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\sdra64.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [sysav] c:\users\owner\appdata\roaming\pcdefender.exe
uRun: [AdobeBridge]
uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
uRun: [userinit] c:\users\owner\appdata\roaming\sdra64.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30618; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www2.rasterwerks.com/game/phosphor/beta1.asp"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [igfxtray.exe] c:\program files\adobe\adobe photoshop cs4\Patch.exe
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-us.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} - hxxp://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 85.255.112.134,85.255.112.10
TCP: {21C8A1C2-1CCD-4B3A-AE03-C6036673E3E0} = 85.255.112.134,85.255.112.10
TCP: {AD596EFD-DA10-44D9-B21C-6CCF78DF5C86} = 85.255.112.134,85.255.112.10
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: avgrsstx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\bth5xaws.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\bth5xaws.default\extensions\{81bf1d23-5f17-408d-ac6b-bd6df7caf670}\components\XpcomOpusConnector.dll
FF - component: c:\users\owner\appdata\roaming\mozilla\firefox\profiles\bth5xaws.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-8 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-12 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-12 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-28 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-12 298776]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 951632]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-3-23 185640]
S2 gupdate1c9aeae306093e0;Google Update Service (gupdate1c9aeae306093e0);c:\program files\google\update\GoogleUpdate.exe [2009-3-26 133104]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-2-13 28672]
S3 MovRVDrv32;MovRVDrv32;c:\windows\system32\drivers\MovRVDrv32.sys [2009-1-11 3768]

=============== Created Last 30 ================

2009-06-30 15:30 <DIR> --d----- c:\users\owner\.housecall6.6
2009-06-30 12:46 <DIR> --dsh--- c:\users\owner\appdata\roaming\lowsec
2009-06-30 12:06 <DIR> --dsh--- c:\windows\system32\lowsec
2009-06-29 20:49 <DIR> --d----- c:\program files\Conduit
2009-06-29 20:49 <DIR> --d----- c:\program files\Demonoid
2009-06-29 10:49 <DIR> --d----- c:\users\owner\appdata\roaming\Regensoft
2009-06-29 10:47 <DIR> --d----- c:\users\owner\PSP Emulator
2009-06-29 02:31 <DIR> --d----- c:\programdata\AVG Security Toolbar
2009-06-29 02:31 <DIR> --d----- c:\progra~2\AVG Security Toolbar
2009-06-28 21:48 <DIR> --d----- c:\users\owner\appdata\roaming\Red Kawa
2009-06-28 20:55 <DIR> --d----- c:\users\owner\ZNES
2009-06-28 17:51 <DIR> --d----- c:\users\owner\appdata\roaming\Malwarebytes
2009-06-28 12:51 <DIR> --d----- c:\program files\AviSynth 2.5
2009-06-28 12:50 <DIR> --d----- c:\program files\Red Kawa
2009-06-28 12:49 9,130,463 a------- c:\users\owner\videora-ipodtouch-408-setup.exe
2009-06-28 00:22 <DIR> --d----- c:\users\owner\appdata\roaming\AVG8
2009-06-27 21:52 81,920 a------- c:\users\owner\appdata\roaming\ezpinst.exe
2009-06-27 21:52 47,360 a------- c:\windows\system32\drivers\pcouffin.sys
2009-06-27 21:52 47,360 a------- c:\users\owner\appdata\roaming\pcouffin.sys
2009-06-27 03:09 <DIR> --d----- C:\Temp
2009-06-27 02:50 <DIR> --d----- c:\users\owner\appdata\roaming\Xilisoft Corporation
2009-06-26 18:51 181,280 a------- c:\users\owner\msvcr71.zip
2009-06-26 18:50 <DIR> --d----- c:\users\owner\New Folder (2)
2009-06-26 18:50 6,143,972 a------- c:\users\owner\Dolphin_1546.zip
2009-06-25 21:32 <DIR> --d----- c:\program files\Audacity
2009-06-25 21:31 <DIR> --d----- c:\users\owner\Audacity
2009-06-24 20:44 140,616 a------- c:\users\owner\ThiefGoldSetup-dm.exe
2009-06-23 18:20 <DIR> --d----- c:\users\owner\Tracing
2009-06-23 03:01 <DIR> --d----- C:\Fraps
2009-06-23 02:59 <DIR> --d----- c:\users\owner\FRAPS v2.9.6 Full [Unlocked[sSniper]
2009-06-23 02:47 <DIR> a-d----- c:\programdata\TEMP
2009-06-22 23:08 <DIR> --d----- c:\program files\Thief2
2009-06-22 00:40 <DIR> --d----- c:\users\owner\New Folder
2009-06-22 00:36 <DIR> --d----- c:\users\owner\Peach
2009-06-22 00:34 <DIR> --d----- c:\users\owner\Butter
2009-06-21 22:23 <DIR> --d----- c:\users\owner\Grand Theft Anal 9
2009-06-21 19:37 898,293,056 a------- c:\users\owner\Thief - The Dark Project - Gold Edition Full.zip
2009-06-20 22:27 409,600 a------- c:\windows\system32\wrap_oal.dll
2009-06-20 22:27 114,688 a------- c:\windows\system32\OpenAL32.dll
2009-06-20 22:27 <DIR> --d----- c:\program files\OpenAL
2009-06-20 19:14 <DIR> --d----- c:\program files\common files\Logitech
2009-06-19 22:22 <DIR> --d----- c:\users\owner\Roms
2009-06-16 14:35 <DIR> --d----- c:\program files\common files\Macromedia
2009-06-16 14:34 <DIR> --d----- c:\programdata\Macromedia
2009-06-16 14:34 <DIR> --d----- c:\program files\Macromedia
2009-06-15 21:51 <DIR> --d----- c:\users\owner\appdata\roaming\DNA
2009-06-15 21:51 <DIR> --d----- c:\program files\DNA
2009-06-15 21:51 <DIR> --d----- c:\program files\BitTorrent
2009-06-13 18:58 <DIR> --d----- c:\program files\Trend Micro
2009-06-12 23:55 <DIR> --d----- c:\program files\iPod
2009-06-12 23:54 <DIR> --d----- c:\program files\iTunes
2009-06-12 22:45 <DIR> --d----- c:\programdata\Malwarebytes
2009-06-12 22:45 <DIR> --d----- c:\progra~2\Malwarebytes
2009-06-12 22:38 <DIR> --d----- c:\programdata\f-secure
2009-06-12 22:38 <DIR> --d----- c:\progra~2\f-secure
2009-06-12 21:23 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-06-12 21:18 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-06-12 21:18 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-06-12 21:18 327,688 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-12 21:18 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-06-12 21:18 <DIR> --d----- c:\program files\AVG
2009-06-12 20:21 <DIR> --d----- c:\users\owner\appdata\roaming\uTorrent
2009-06-05 11:42 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
2009-06-05 11:42 39,424 a------- c:\windows\system32\drivers\usbaapl.sys

==================== Find3M ====================

2009-06-30 23:11 41,662 a------- c:\programdata\nvModes.dat
2009-06-30 23:11 41,662 a------- c:\progra~2\nvModes.dat
2009-06-27 21:52 143,360 a------- c:\windows\inf\infstrng.dat
2009-06-27 21:52 51,200 a------- c:\windows\inf\infpub.dat
2009-06-27 21:52 86,016 a------- c:\windows\inf\infstor.dat
2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll
2009-02-16 00:18 56 a---h--- c:\programdata\ezsidmv.dat
2009-02-16 00:18 56 a---h--- c:\progra~2\ezsidmv.dat
2009-01-16 17:26 13,025 a------- c:\users\owner\appdata\roaming\nvModes.dat
2009-01-12 16:33 174 a--sh--- c:\program files\desktop.ini
2009-01-12 16:23 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-18 23:38 927,744 a----r-- c:\users\owner\appdata\roaming\sdra64.exe
2006-11-02 04:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 04:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 04:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 04:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 01:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 01:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2005-05-17 13:01 1,649,152 a------- c:\users\owner\N v1.4.exe
2009-03-25 02:11 88 ---shr-- c:\windows\system32\5469390644.sys
2009-03-25 02:15 952 a--sh--- c:\windows\system32\KGyGaAvL.sys

============= FINISH: 23:16:51.91 ===============
Attached Files
File Type: zip New WinRAR ZIP archive.zip (5.9 KB, 1 views)