
Win32/Alureon.gen


hary

Nov 11, 2008, 8:52:01 AM
I am hoping this is a false positive, but a scan with MS Malicious Removal Tool
has found this trojan.
It does not show with AVG/Spybot or HJT.

I can't find its location to delete it, or even if it's running.

Any idea how to remove it?

David H. Lipman

Nov 11, 2008, 9:02:37 AM
From: "hary" <ha...@discussions.microsoft.com>

This trojan is associated with the TDSServ RootKit.

* I STRONGLY suggest Expert Assistance ! *


Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

Then post the contents of the HJT log in your post in one of the below expert forums...

{ Please - Do NOT post the HJT Log here ! }

Forums where you can get expert advice for HiJack This! (HJT) Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


PA Bear [MS MVP]

Nov 11, 2008, 4:51:04 PM
What David said.

teenvar83

May 28, 2009, 3:58:35 AM

Well, to get rid of this I'll suggest Avast antivirus; install it... After
installation you will be asked for a boot scan and restart; click yes but
restart later... First fully update the antivirus and after updating
restart your PC and let the boot scan happen and delete the virus
manually... this might help...


--
teenvar83
------------------------------------------------------------------------
teenvar83's Profile: http://forums.techarena.in/members/101694.htm
View this thread: http://forums.techarena.in/microsoft-security/1069876.htm

http://forums.techarena.in

David H. Lipman

May 28, 2009, 6:20:11 AM
From: "teenvar83" <teenvar8...@DoNotSpam.com>

| Well, to get rid of this I'll suggest Avast antivirus; install it... After installation you
| will be asked for a boot scan and restart; click yes but restart later... First fully
| update the antivirus and after updating restart your PC and let the boot scan happen and
| delete the virus manually... this might help... -- teenvar83

Actually, no.

This is a Trojan RootKit.

Anyone who has the Alureon should seek professional assistance.

Milo

May 30, 2009, 4:08:26 AM
Well, if I am not mistaken... we are all professionals here

or if you are in the US, call 866 727 2338 for direct assistance, if we
can start by sending us a HijackThis log and HijackThis Startup list log


"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:OKZ8m333...@TK2MSFTNGP02.phx.gbl...

Milo

May 30, 2009, 4:16:50 AM
The indication of your report is Win32/Alureon.gen (generic / heuristic
detection); it means it has a similar but not exact behavior and/or binary
file to the specific Win32/Alureon.*
So, as a follow-up to the post I previously indicated: if you can post, which
I am sure you use an application or a tool to get this detection.

Please attach the log... (text copy location of the file)

example:
C:\where\whatfile.exe was indicated and how many

"teenvar83" <teenvar8...@DoNotSpam.com> wrote in message
news:teenvar8...@DoNotSpam.com...

Qdog

Jul 14, 2009, 7:06:52 PM

I believe I have this virus...I downloaded a BitTorrent (audio file) and
I was on YouTube prior to receiving this nasty virus...I downloaded
Malwarebytes and I am going to run a scan...I have Spybot and
SUPERAntiSpyware and I run iolo AntiVirus with System Mechanic
features...My Antivirus keeps blocking something called
w32/Alureon.C!Generic...since receiving this virus I have noticed
website redirects and video card failures...I did a HijackThis scan
and here is my log...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:20 AM, on 7/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA
iP6000D\PDUiP6000DMemCrdMgr.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA
Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA
Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Canon\Memory Card Utility\iP6700D\PDUiP6700DMon.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA
iP6000D\PDUiP6000DTskbr.exe
C:\Program Files\Canon\Memory Card Utility\PIXMA
iP6000D\PDUiP6000DMon.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\iolo\System Mechanic
Professional\AntiVirus\ioloAV.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\USBStorage\USBDetector.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe
C:\Program Files\TimeLeft3\TimeLeft.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Razer\Lycosa\razertra.exe
C:\Program Files\Razer\Copperhead\razertra.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\iolo\System Mechanic
Professional\AntiVirus\iAVEmailScanner.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
= http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection -
{53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper -
{68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program
Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Toolbar Helper -
{AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google
Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO -
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch -
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google
Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared
Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program
Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster
X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Lycosa] "C:\Program
Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [razer] C:\Program
Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program
Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [PDUiP6700DMon] C:\Program Files\Canon\Memory Card
Utility\iP6700D\PDUiP6700DMon.exe
O4 - HKLM\..\Run: [PDUiP6000DTskbr] C:\Program Files\Canon\Memory Card
Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe
O4 - HKLM\..\Run: [PDUiP6000DMon] C:\Program Files\Canon\Memory Card
Utility\PIXMA iP6000D\PDUiP6000DMon.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program
Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System
Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program
Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program
Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
O4 - HKLM\..\Run: [net] "C:\WINDOWS\system32\net.net"
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA
Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search
& Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program
Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: TimeLeft.lnk = C:\Program Files\TimeLeft3\TimeLeft.exe
O4 - Global Startup: REALTEK RTL8187 Wireless LAN Utility.lnk =
C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Add to TimeLeft Auction Watch -
{21196042-830F-419f-A594-F9D456A6C29A} - C:\Program
Files\TimeLeft3\TLIntergIE.html
O9 - Extra 'Tools' menuitem: Add to TimeLeft Auction Watch -
{21196042-830F-419f-A594-F9D456A6C29A} - C:\Program
Files\TimeLeft3\TLIntergIE.html
O9 - Extra button: Send to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl
Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.8.110.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) -
http://powersoccer.foxsoccer.com/common/applet/PowerLoader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
-
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238622818953
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software
AutoUpdate Support Package) -
http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15107/CTPID.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
C:\Program Files\Google\Google
Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program
Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs
- C:\Program Files\Common Files\Creative Labs
Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology
Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative
Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program
Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) -
Unknown owner - C:\Program Files\NVIDIA
Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Desktop Manager 5.7.806.10245
(GoogleDesktopManager-061008-081103) - Google - C:\Program
Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate1c984d56830263a)
(gupdate1c984d56830263a) - Google Inc. - C:\Program
Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown
owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner
- C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun
Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner -
C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner -
C:\Program Files\NVIDIA
Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program
Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Canon PIXMA iP6000D Memory Card Manager
(PDUiP6000DMemCrdMgr) - CANON INC. - C:\Program Files\Canon\Memory Card
Utility\PIXMA iP6000D\PDUiP6000DMemCrdMgr.exe
O23 - Service: PnkBstrA - Unknown owner -
C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner -
C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 12490 bytes

Can anyone help me remove this bugger?


--
Qdog
------------------------------------------------------------------------
Qdog's Profile: http://forums.techarena.in/members/114767.htm
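
An added example, not part of Qdog's post and not HijackThis code: a small parser for the log format shown above that rejoins the lines the newsreader hard-wrapped, groups entries by their section code (R0, O4, O23, ...) and lists the entries HijackThis itself annotated as "Unknown owner", "Unknown file" or "(file missing)". The names `parse_hjt`, `triage` and `SAMPLE_LOG` are hypothetical, and the sample is constructed from a few lines of the log above; the annotations are review hints only, and as the first post in this thread notes, the trojan did not show in HJT at all.

```python
import re
from collections import Counter

ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")   # e.g. "O4 - HKLM\..\Run: ..."
DRIVE = re.compile(r"^[A-Za-z]:\\")               # start of a process path
# HijackThis's own annotations; they mark entries to review, not verdicts.
MARKERS = ("(file missing)", "Unknown owner", "Unknown file")

# Constructed sample: a few lines taken from the log above, still hard-wrapped.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:18:20 AM, on 7/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\lsass.exe
C:\Program Files\NVIDIA
Corporation\NetworkAccessManager\bin32\nSvcIp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.my.yahoo.com/
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [razer] C:\Program
Files\Razer\Copperhead\razerhid.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner -
C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner -
C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 12490 bytes
"""

def parse_hjt(text):
    """Return (processes, entries); entries are (code, body) tuples."""
    processes, entries = [], []
    section = None                  # "proc", "entry", or None (header/footer)
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not line or line == "--":
            section = None          # a blank line or the footer ends any wrap
        elif line == "Running processes:":
            section = "proc"
        elif m:
            entries.append([m.group(1), m.group(2)])
            section = "entry"
        elif section == "proc":
            if DRIVE.match(line) or not processes:
                processes.append(line)
            else:
                processes[-1] += " " + line    # wrapped path, break was at a space
        elif section == "entry":
            entries[-1][1] += " " + line       # wrapped registry or service entry
    return processes, [tuple(e) for e in entries]

def triage(entries):
    """Count entries per section code and collect those HijackThis annotated."""
    counts = Counter(code for code, _ in entries)
    flagged = [(c, b) for c, b in entries if any(mk in b for mk in MARKERS)]
    return dict(counts), flagged

if __name__ == "__main__":
    procs, entries = parse_hjt(SAMPLE_LOG)
    counts, flagged = triage(entries)
    print(len(procs), "processes;", counts)
    for code, body in flagged:
        print("review:", code, body)
```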

1PW

Jul 14, 2009, 7:52:36 PM
Qdog wrote:

Snip, snip...

1) Please do not steal the thread of another poster. That is
considered very rude.

2) Please don't post logs here. Post your log with one of the following:

(http://aumha.net/viewforum.php?f=30)
(http://forums.spywareinfo.com/index.php?&showforum=18)
(http://www.spywarewarrior.com/viewforum.php?f=5)
(http://www.bleepingcomputer.com/forums/forum22.html)
(http://www.dslreports.com/forum/cleanup)
(http://forum.malwareremoval.com/viewforum.php?f=11)
(http://www.cybertechhelp.com/forums/forumdisplay.php?f=25)
(http://www.atribune.org/forums/index.php?showforum=9)
(http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Her...)
(http://forums.spywareinfo.com/index.php?showforum=18)
(http://www.techmonkeys.co.uk/forums/viewforum.php?f=8)
(http://forum.networktechs.com/forumdisplay.php?f=130)
(http://forums.maddoktor2.com/index.php?showforum=17)
(http://forums.spywaretimes.com/index.php?showforum=2)
(http://www.bluetack.co.uk/forums/index.php?showforum=172)
(http://forums.techguy.org/f54-s.html)
(http://forums.tomcoyote.org/index.php?showforum=27)
(http://forums.subratam.org/index.php?showforum=7)
(http://www.5starsupport.com/ipboard/index.php?showforum=18)
(http://www.malwarebytes.org/forums/index.php?showforum=7)
(http://www.wilderssecurity.com/forumdisplay.php?f=26)
(http://makephpbb.com/phpbb/viewforum.php?f=2)
(http://forums.techguy.org/54-security/)
(http://forums.security-central.us/forumdisplay.php?f=13)
(http://castlecops.com/forum67.html)
(http://gladiator-antivirus.com/forum/index.php?showforum=170)
(http://www.lavasoftsupport.com/index.php?showforum=36)
(http://forum.piriform.com/index.php?showforum=12)

Regards,

Pete
--
1PW @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]

PA Bear [MS MVP]

Jul 14, 2009, 8:25:45 PM
To avoid confusion, always begin a new thread about your specific problems.
State your IE version and full Windows version (e.g., WinXP SP3; Vista SP2)
in your first post.

We do NOT work with/interpret HJT logs in MS newsgroups.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Client - since 2002


Qdog wrote:
> I believe I have this virus...I downloaded a BitTorrent (audio file) and
> I was on YouTube prior to receiving this nasty virus...I downloaded
> Malwarebytes and I am going to run a scan...I have Spybot and
> SUPERAntiSpyware and I run iolo AntiVirus with System Mechanic
> features...My Antivirus keeps blocking something called
> w32/Alureon.C!Generic...since receiving this virus I have noticed
> website redirects and video card failures...I did a HijackThis scan
> and here is my log...

> Logfile of Trend Micro HijackThis v2.0.2
> Scan saved at 11:18:20 AM, on 7/12/2009
> Platform: Windows XP SP3 (WinNT 5.01.2600)
> MSIE: Internet Explorer v8.00 (8.00.6001.18702)
> Boot mode: Normal

<snip>

Qdog

Jul 15, 2009, 10:36:56 AM

Oh I'm sorry...thank you for help.

1PW

Jul 15, 2009, 2:28:54 PM
Qdog wrote:
> Oh I'm sorry...thank you for help.

Hello Qdog:

You're welcome. Come back with a new post of your own if you have a
specific question about /your/ HJT analysis and/or computer security.

HTH
