Results 1 to 2 of 2

Thread: win32 fraudload edt

  1. #1
    Junior Member
    Join Date
    Jun 2011
    Posts
    1

    Default win32 fraudload edt

    Heres Log
    DDS (Ver_2011-06-03.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24
    Run by Vistor at 0:10:40 on 2011-06-05
    Microsoft Windows XP Professional 5.1.2600.3.936.86.1033.18.2814.1953 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    FW: AVG Firewall *Disabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k Akamai
    C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
    C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\conime.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Styler\Styler.exe
    C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\DOCUME~1\Vistor\LOCALS~1\Temp\Ddx.exe
    C:\Program Files\AIM\aim.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uURLSearchHooks: H - No File
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: BHO Class: {dd92de22-ed91-4560-b788-dee2b26612e6} - c:\program files\devicevm\browser configuration utility\IEHelper.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: StylerToolBar: {d2f8f919-690b-4ea2-9fa7-a203d1e04f75} - c:\program files\styler\tb\StylerTB.dll
    {555d4d79-4bd2-4094-a395-cfc534424a05}
    uRun: [YDZ1QVAGOJ] c:\docume~1\vistor\locals~1\temp\Ddx.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    dRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
    dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    StartupFolder: c:\docume~1\vistor\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
    StartupFolder: c:\docume~1\vistor\startm~1\programs\startup\styler.lnk - c:\documents and settings\vistor\application data\microsoft\installer\{e9ecf354-2422-4fdb-9abf-d8adac0ef941}\_585b207a.exe
    uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    Trusted Zone: pps.tv
    Trusted Zone: ppstream.com
    Trusted Zone: webscache.com
    DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
    DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} - hxxp://nxcache.nexon.net/mabinogi/renderer/mabiweb.2010.5.03.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{C8E340E2-9C64-4B29-853E-6699F48CF48F} : DhcpNameServer = 192.168.1.1 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: Antiwpa - antiwpa.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\vistor\application data\mozilla\firefox\profiles\iwweaoy5.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - about:home
    FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\documents and settings\vistor\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
    R1 MpKsl0f19e3d6;MpKsl0f19e3d6;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{912e447d-422b-46f1-bac8-3cd4c8979dcb}\MpKsl0f19e3d6.sys [2011-6-4 28752]
    R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
    R2 BCUService;Browser Configuration Utility Service;c:\program files\devicevm\browser configuration utility\BCUService.exe [2010-8-1 212232]
    R2 ES lite Service;ES lite Service for program management.;c:\program files\gigabyte\easysaver\essvr.exe [2010-8-1 68136]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-12-25 632792]
    S1 MpKsl18d89695;MpKsl18d89695;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{554de8e2-9825-46c6-8d40-d35191c99137}\mpksl18d89695.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{554de8e2-9825-46c6-8d40-d35191c99137}\MpKsl18d89695.sys [?]
    S1 MpKsl50475657;MpKsl50475657;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{54ec0980-d55a-4088-974a-74478ad2500b}\mpksl50475657.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{54ec0980-d55a-4088-974a-74478ad2500b}\MpKsl50475657.sys [?]
    S1 MpKsl7bea47a4;MpKsl7bea47a4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ee21a650-379e-4276-8c0f-419b3c0dddea}\mpksl7bea47a4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ee21a650-379e-4276-8c0f-419b3c0dddea}\MpKsl7bea47a4.sys [?]
    S1 MpKslb72677d0;MpKslb72677d0;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fc52f683-b66e-4209-aee7-a94ec97aae88}\mpkslb72677d0.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{fc52f683-b66e-4209-aee7-a94ec97aae88}\MpKslb72677d0.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-13 136176]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-8-1 1684736]
    S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
    S3 gupdatem;Google 更新服务 (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-13 136176]
    S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2011-1-11 133632]
    S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2011-1-11 79360]
    S3 NAVENG;NAVENG;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\naveng.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVENG.SYS [?]
    S3 NAVEX15;NAVEX15;\??\c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\navex15.sys --> c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20080829.024\NAVEX15.SYS [?]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2011-06-05 03:02:38 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{912e447d-422b-46f1-bac8-3cd4c8979dcb}\MpKsl0f19e3d6.sys
    2011-06-05 02:41:27 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
    2011-06-05 02:36:05 230912 ----a-w- c:\windows\Dvyhoa.exe
    2011-06-05 02:18:14 -------- d-----w- c:\documents and settings\all users\application data\UAB
    2011-06-05 02:18:10 -------- d-----w- c:\documents and settings\vistor\local settings\application data\PC_Drivers_Headquarters
    2011-06-05 02:18:05 -------- d-----w- c:\documents and settings\all users\application data\PC Drivers HeadQuarters
    2011-06-05 02:16:58 -------- d-----w- c:\program files\PC Drivers HeadQuarters
    2011-06-04 20:32:04 71496 ----a-w- c:\windows\system32\rdboot32.exe
    2011-06-04 19:28:50 -------- d-----w- c:\documents and settings\vistor\local settings\application data\O&O
    2011-06-04 19:07:37 -------- d-----w- c:\program files\Raxco
    2011-06-04 18:01:35 -------- d-----w- c:\documents and settings\vistor\local settings\application data\AeroSnapApp
    2011-06-04 18:01:35 -------- d-----w- c:\documents and settings\vistor\application data\AeroSnapApp
    2011-06-04 15:45:03 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{912e447d-422b-46f1-bac8-3cd4c8979dcb}\mpengine.dll
    2011-06-04 14:44:51 -------- d-----w- c:\program files\Vista Drive Icon
    2011-06-04 14:43:42 -------- d-----w- c:\program files\Taskbar Shuffle
    2011-06-04 14:42:49 -------- d-----w- c:\program files\AeroSnap
    2011-06-04 14:38:49 -------- d-----w- c:\documents and settings\vistor\application data\IconTweaker
    2011-06-04 14:38:49 -------- d-----w- c:\documents and settings\all users\application data\IconTweaker
    2011-06-04 14:38:47 -------- d-----w- c:\program files\IconTweaker
    2011-06-04 14:16:11 -------- d-----w- c:\documents and settings\vistor\application data\Styler
    2011-06-04 14:15:31 -------- d-----w- c:\program files\Styler
    2011-06-04 02:02:14 -------- d-----w- C:\ppsvodcache
    2011-06-04 01:29:39 -------- d-----w- c:\documents and settings\all users\application data\DivX
    2011-06-03 23:12:24 -------- d-----w- c:\documents and settings\all users\application data\IObit
    2011-06-03 20:52:11 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
    2011-06-03 20:51:51 -------- d-----w- c:\program files\common files\xing shared
    2011-06-03 20:51:34 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
    2011-06-03 20:51:28 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
    2011-06-03 20:25:11 -------- d-----w- c:\documents and settings\vistor\Adobe Photoshop CS5.1
    2011-06-03 20:20:51 -------- d-----w- c:\documents and settings\vistor\application data\com.adobe.downloadassistant.AdobeDownloadAssistant
    2011-06-03 02:06:58 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2011-06-03 00:48:10 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
    2011-06-03 00:48:10 32656 ----a-w- c:\windows\system32\msonpmon.dll
    2011-06-03 00:42:00 -------- d-----w- c:\program files\Microsoft Visual Studio 8
    2011-06-03 00:41:07 -------- d-----w- c:\windows\SHELLNEW
    2011-06-02 21:26:39 -------- d-----w- c:\documents and settings\vistor\local settings\application data\Microsoft Help
    2011-06-02 21:18:57 -------- d-----w- c:\documents and settings\vistor\local settings\application data\SoftGrid Client
    2011-06-02 21:18:54 -------- d-----w- c:\documents and settings\vistor\application data\SoftGrid Client
    2011-06-02 21:13:05 -------- d-----w- c:\documents and settings\vistor\application data\TP
    2011-06-01 01:45:47 -------- d-----w- c:\documents and settings\vistor\application data\Softplicity
    2011-06-01 01:23:36 -------- d-----w- c:\documents and settings\vistor\local settings\application data\Conduit
    2011-06-01 01:23:06 -------- d-----w- c:\documents and settings\vistor\application data\GetRightToGo
    2011-06-01 00:47:55 304128 ----a-w- c:\windows\IsUninst.exe
    2011-06-01 00:47:53 -------- d-----w- c:\documents and settings\vistor\WINDOWS
    2011-05-31 20:11:43 -------- d-----w- c:\documents and settings\vistor\local settings\application data\Downloaded Installations
    2011-05-31 19:58:19 -------- d-----w- c:\windows\system32\winrm
    2011-05-31 19:58:11 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
    2011-05-31 03:06:43 -------- d-----w- c:\documents and settings\vistor\application data\Digiarty
    2011-05-31 02:22:33 -------- d-----w- c:\program files\Digiarty
    2011-05-31 01:59:06 -------- d-----w- c:\documents and settings\vistor\local settings\application data\FLVService
    2011-05-31 01:00:08 -------- d-----w- c:\documents and settings\vistor\application data\AnvSoft
    2011-05-31 00:40:49 -------- d-----w- c:\program files\Total Video Converter
    2011-05-31 00:36:06 -------- d-----w- c:\program files\common files\SWF Studio
    2011-05-31 00:35:57 -------- d-----w- c:\program files\Riva
    2011-05-31 00:25:34 -------- d-----w- c:\program files\YouTube Downloader
    2011-05-30 15:50:11 175616 ----a-w- c:\windows\system32\unrar.dll
    2011-05-30 15:50:07 839680 ----a-w- c:\windows\system32\lameACM.acm
    2011-05-30 15:50:07 631808 ----a-w- c:\windows\system32\xvidcore.dll
    2011-05-30 15:50:07 237568 ----a-w- c:\windows\system32\yv12vfw.dll
    2011-05-30 15:50:07 151552 ----a-w- c:\windows\system32\ac3acm.acm
    2011-05-30 15:50:06 80896 ----a-w- c:\windows\system32\ff_vfw.dll
    2011-05-30 15:50:06 243200 ----a-w- c:\windows\system32\xvidvfw.dll
    2011-05-30 15:50:02 -------- d-----w- c:\program files\K-Lite Codec Pack
    2011-05-30 15:46:45 -------- d-----w- c:\documents and settings\vistor\local settings\application data\WMTools Downloaded Files
    2011-05-26 22:32:17 -------- d-----w- c:\windows\OPTIONS
    2011-05-26 21:41:13 -------- d-----w- c:\documents and settings\vistor\local settings\application data\Temp
    2011-05-26 21:41:08 -------- d-----w- c:\documents and settings\vistor\local settings\application data\Google
    2011-05-26 05:57:08 65536 ----a-w- c:\windows\system32\frapsvid.dll
    2011-05-26 00:56:55 -------- d-----w- c:\documents and settings\vistor\local settings\application data\ATI
    2011-05-25 02:23:22 -------- d-----w- c:\documents and settings\vistor\local settings\application data\Wildtangent
    2011-05-21 22:24:32 -------- d-----w- c:\windows\system32\wbem\repository\FS
    2011-05-21 22:24:32 -------- d-----w- c:\windows\system32\wbem\Repository
    2011-05-21 22:15:55 -------- d-----w- C:\AMD
    2011-05-21 22:09:27 -------- d-----w- c:\program files\common files\Logitech
    2011-05-21 22:09:26 -------- d-----w- c:\program files\MouseWare
    2011-05-21 22:09:13 -------- d-----w- C:\Compaq
    2011-05-21 22:03:00 -------- d-----w- c:\documents and settings\vistor\application data\DeviceDoctorSoftware
    2011-05-21 21:54:28 -------- d-----w- c:\windows\LastGood(2)
    2011-05-20 22:08:55 -------- d-----w- c:\documents and settings\vistor\application data\Unity
    2011-05-15 01:17:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    ==================== Find3M ====================
    .
    2011-06-05 03:02:40 17488 ----a-w- c:\windows\gdrv.sys
    2011-06-03 20:51:19 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2011-06-03 20:51:18 499712 ----a-w- c:\windows\system32\msvcp71.dll
    2011-03-11 14:10:38 471552 ----a-w- c:\windows\apppatch\aclayers.dll
    2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
    .
    ============= FINISH: 0:11:00.65 ===============

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi Infected25

    Which program finds that and where it is according to it?
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •