Pooter help needed please! Think I may have been got!

[chasroberts]

Just after logging off from YBW last night the pooter had a fit! Stated cranking up extra pages in IE and suchlike. I, of course, calm and collected as always, tried desperately to stop it using Task Manager to no avail. After 30 secs gave up and in desperation hit the power key. After a fortifying tipple, gingerly switched the computer on and the wifi button off. I ran AVG on a full system test, twice, and got a clean report (but see below). Then ran windows defender twice in both quick scan and full scan (45 mins!). Both tests came back negative. Both the Defender and AVG have been updated regularly.

CClean gave a list of stuff to clear out as usual and so I cleaned all the c**p out but noticed the following two files still listed:
C:\DOCUMEN~1\Toshiba\LOCALS~1\Temp\HDD_MU828it.dll 0.12Mb
C:\DOCUMEN~1\Toshiba\LOCALS~1\Temp|SJ-Utility.exe
2.21Mb
These were scheduled for removal by cclean but would not go despite being asked to on more than one occasion.

The AVG test gave the following results
C:\WINDOWS\system32\user32.dll
C:\WINDOWS\system32\user32.dll
C:\WINDOWS\system32\ntoskrnl.exe

The result on all three files was 'change' and the status on all three was shown as 'changed'.

The question is obvious. Have I been zapped with sumfink 'orrible? If so any suggestions on a fix would put my mind in a much easier state.

As always, (creep mode - on)I throw myself on the mercy of those much sager than I in these matters (creep mode - off).
Many thanks in advance for advise thoughts etc.

Chas

 

[Aja]

Googling SJ-Utility.exe got me this..

Some sort of HDD locking device....
Donald

 

[Skyva_2]

My AVG scan has been giving me the same results [ QUOTE ]
The AVG test gave the following results
C:\WINDOWS\system32\user32.dll
C:\WINDOWS\system32\user32.dll
C:\WINDOWS\system32\ntoskrnl.exe

[/ QUOTE ]

Checking on Google says these are valid results and not due to infection.

"It is normal that AVG shows that files, the MBR or Boot record to have changed. These are done during normal maintenance, when you or windows updates files or have had to correct errors on the drive. The only time that you should worry is if they also show as infected.

To get AVG to quit showing them as changed, open the AVG Test Center, click the F3 key on your keyboard and tell it to accept the changes. If it still shows something as changed after this.. delete the file named AVG7QT.DAT in C:\ and AVG will rebuild it the next time it is run. "

 

[chasroberts]

Many thanks Donald. Had a quick look at that. Didn't make too much sense, but that's just me.

Just don't seem to remember seeing this in the results box before.

Chas

 

[chasroberts]

Thanks for that Keith. I appreciate the input. All seems to be OK at the moment, just hoping it was a glitch and no more.

Chas

 

[pappaecho]

ah it was you using IE was it? No wonder you are having problems, unless of course you have downloaded the 121 different software patches, so make it secure. Why not try something like Firefox, which does not screw up its buffers.
Seriously though, you might look at the error logs for the time and date when the incident occurred, and it might indicate what caused it. Often it is bad code or a bad driver (unsigned)

 

[tom652]

could also be caused by a web bot look for spybot its a free and very useful tool much quicker than windows defender. no I am in no way involved in the product just a happy user. sorted many spyware and trojan related that were not picked up by regular and expensive anti virus systems.