Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

HJT log, unsure of infection

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby IndiGenus » October 9th, 2007, 7:39 am

Okay can you please post a fresh HJT log for us and also let us know how it's running at this point.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA
Advertisement
Register to Remove

Unread postby IndiGenus » October 13th, 2007, 8:31 am

Hello,

It's been a few days and would like to check in to see how it's running. Also, would like to have you run a scan.

Download FindAWF:

Save the file to the Desktop
Double-click the FindAWF icon.

If a Security Alert shows, allow the program to run.
As instructed, press any key to continue.
Use the following option: Press 1 then Enter to scan for bak folders
The scan may take a while, please be patient.

When done, a text file, Find AWF report is produced that we need to look at.
Please post it in your reply.

Please also post a fresh HJT log.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 15th, 2007, 1:13 am

I thought you had forgotten about me, but then i noticed a second page >_<

My computer is still slower than usual, but it's running O.K. at this point.

Logfile of HijackThis v1.99.1
Scan saved at 10:11:06 PM, on 14/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS2\System32\nvsvc32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS2\System32\WgaTray.exe
C:\WINDOWS2\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Utopia\Angel\Angel.exe
C:\WINDOWS2\System32\wuauclt.exe
C:\WINDOWS2\System32\devldr32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Griffin.MAIN\Desktop\Anti-suck\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forumsx.net/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS2\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS2\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS2\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Utopia Angel] "C:\Utopia\Angel\Angel.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6586510546
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS2\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS2\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)




once again the log file for the awf is too big to post, do you have instructions to shorten it?
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm

Unread postby IndiGenus » October 15th, 2007, 9:35 am

Open the FindAWF file in Notepad. Click View, then Status Bar.
Down in the lower right hand corner of the sceen post back how many lines it says there are. It will say Ln, ##. Post back the #.

Let's also just get at least part of the log posted. Can you copy and paste a portion of it that will fit into a reply here so we can see what is going on.

Also, are you having problems running any of your programs?
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 15th, 2007, 9:18 pm

theres 2065 lines

ind AWF report by noahdfear ©2006
Version 1.40

The current date is: 14/10/2007
The current time is: 21:04:06.15


bak folders found
~~~~~~~~~~~


Directory of C:\PROGRA~1\ITUNES\BAK

31/07/2007 06:44 PM 271,672 iTunesHelper.exe
1 File(s) 271,672 bytes

Directory of C:\PROGRA~1\MESSEN~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\QUICKT~1\BAK

10/07/2006 07:19 PM 282,624 qttask.exe
1 File(s) 282,624 bytes

Directory of C:\UTOPIA\ANGEL\BAK

06/08/2007 12:01 PM 3,539,456 Angel.exe
1 File(s) 3,539,456 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK

17/05/2007 10:17 PM 68,856 GoogleToolbarNotifier.exe
1 File(s) 68,856 bytes

Directory of C:\PROGRA~1\GRISOFT\AVG7\BAK

01/08/2006 11:24 AM 358,447 avgcc.exe
1 File(s) 358,447 bytes

Directory of C:\PROGRA~1\VALVE\STEAM\BAK

22/12/2006 09:46 PM 43,077 AppUpdateStats.blob
04/10/2007 03:17 PM 858,367 ClientRegistry.blob
27/06/2007 05:06 PM 1,258,744 Steam.exe
22/12/2006 09:45 PM 3,859 Steam.log
04/10/2007 03:17 PM 28,434 Steamexe__237340__2007_10_4T23_17_8C9203.mdmp
5 File(s) 2,192,481 bytes

Directory of C:\DOCUME~1\GRIFFIN\DESKTOP\STUFFO~1\BAK

15/10/2006 09:43 AM 3,385,344 Angel.exe
05/09/2006 08:24 AM 577 ForumAgent.log
2 File(s) 3,385,921 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~1.0\READER\BAK

18/08/2005 10:49 AM 307,200 AdobeUpdateManager.exe
1 File(s) 307,200 bytes

Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK

10/11/2005 01:03 PM 36,975 jusched.exe
1 File(s) 36,975 bytes

Directory of C:\PROGRA~1\JAVA\JRE15~2.0_1\BIN\BAK

15/12/2006 03:23 AM 75,520 jusched.exe
1 File(s) 75,520 bytes

Directory of C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

09/04/2002 07:00 PM 74,240 E_S0BIC1.EXE
1 File(s) 74,240 bytes

Directory of C:\WINDOWS2\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

09/04/2002 07:00 PM 74,240 E_S0BIC1.EXE
1 File(s) 74,240 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

271672 Jul 31 2007 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Aug 2 2007 "C:\WINDOWS2\Installer\{E0219810-16E4-437D-9165-93D7B22524F9}\iTunesIco.exe"
108096 Sep 12 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.0.70\iTunesSetupAdmin.exe"
116024 Jul 31 2007 "C:\Documents and Settings\All Users.WINDOWS2\Application Data\Apple Computer\Installer Cache\iTunes 7.3.2.6\iTunesSetupAdmin.exe"
282624 Jul 10 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
3545088 Oct 1 2007 "C:\Utopia\Angel\Angel.exe"
3375616 Aug 14 2006 "C:\Documents and Settings\Griffin\Desktop\Angel.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\bak\Angel.exe"
3376128 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
1516007 Jun 28 2007 "C:\Utopia\Angel\Update\angel184a2.exe"
1644885 Mar 10 2007 "C:\Documents and Settings\Griffin\Desktop\Update\angel181b.exe"
1479761 Oct 2 2007 "C:\Utopia\Angel\bak\Update\angel186a1.exe"
1407764 Jun 28 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\anti-suck\angel176b2.exe"
1452373 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Update\angel179b3.exe"
1372249 Jul 25 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Misc\Update\angel177a3.exe"
52272 Feb 6 2007 "C:\Program Files\Google\googletoolbar2user.exe"
15732984 Jul 21 2007 "C:\Documents and Settings\Griffin.MAIN\Desktop\Google_Earth_BZXD.exe"
69632 May 24 2007 "C:\Program Files\Google\Google Earth\googleearth.exe"
138168 Feb 6 2007 "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 May 17 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
26694 Jul 21 2007 "C:\Documents and Settings\Griffin.MAIN\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe"
421888 Oct 6 2007 "C:\Program Files\Grisoft\AVG7\avgcc.exe"
358447 Aug 1 2006 "C:\Program Files\Grisoft\AVG7\bak\avgcc.exe"
90484 Aug 31 2007 "C:\Program Files\Valve\Steam\AppUpdateStats.blob"
43077 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\AppUpdateStats.blob"
1055758 Aug 31 2007 "C:\Program Files\Valve\Steam\ClientRegistry.blob"
858367 Oct 4 2007 "C:\Program Files\Valve\Steam\bak\ClientRegistry.blob"
1258744 Jun 27 2007 "C:\Program Files\Valve\Steam\bak\Steam.exe"
573676 Aug 31 2007 "C:\Program Files\Valve\Steam\Steam.log"
3859 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\Steam.log"
28434 Oct 4 2007 "C:\Program Files\Valve\Steam\bak\Steamexe__237340__2007_10_4T23_17_8C9203.mdmp"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1001_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1001_app.pkv"
136 Jan 25 2007 "C:\Program Files\Valve\Steam\appcache\1002_app.pkv"
136 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1002_app.pkv"
80 Jun 7 2007 "C:\Program Files\Valve\Steam\appcache\1003_app.pkv"
79 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1003_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\100_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\100_app.pkv"
142 May 6 2006 "C:\Program Files\Valve\Steam\appcache\10_app.pkv"
142 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\10_app.pkv"
160 Jun 24 2006 "C:\Program Files\Valve\Steam\appcache\1200_app.pkv"
160 Jun 24 2006 "C:\Program Files\Valve\Steam\bak\appcache\1200_app.pkv"
59 May 6 2006 "C:\Program Files\Valve\Steam\appcache\120_app.pkv"
59 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\120_app.pkv"
77 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1210_app.pkv"
77 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1210_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1220_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1220_app.pkv"
150 Jul 17 2006 "C:\Program Files\Valve\Steam\appcache\1300_app.pkv"
150 Jul 17 2006 "C:\Program Files\Valve\Steam\bak\appcache\1300_app.pkv"
150 Jun 1 2006 "C:\Program Files\Valve\Steam\appcache\1306_app.pkv"
150 Jun 1 2006 "C:\Program Files\Valve\Steam\bak\appcache\1306_app.pkv"
76 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1309_app.pkv"
76 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1309_app.pkv"
145 May 6 2006 "C:\Program Files\Valve\Steam\appcache\130_app.pkv"
145 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\130_app.pkv"
64 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1313_app.pkv"
64 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1313_app.pkv"
123 Jun 13 2007 "C:\Program Files\Valve\Steam\appcache\1500_app.pkv"
123 Dec 7 2006 "C:\Program Files\Valve\Steam\bak\appcache\1500_app.pkv"
128 Jun 13 2007 "C:\Program Files\Valve\Steam\appcache\1502_app.pkv"
128 Dec 7 2006 "C:\Program Files\Valve\Steam\bak\appcache\1502_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1504_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1504_app.pkv"
119 Sep 19 2006 "C:\Program Files\Valve\Steam\appcache\1510_app.pkv"
119 Sep 19 2006 "C:\Program Files\Valve\Steam\bak\appcache\1510_app.pkv"
119 Dec 7 2006 "C:\Program Files\Valve\Steam\appcache\1520_app.pkv"
119 Dec 7 2006 "C:\Program Files\Valve\Steam\bak\appcache\1520_app.pkv"
124 Jan 9 2007 "C:\Program Files\Valve\Steam\appcache\1522_app.pkv"
121 Sep 29 2006 "C:\Program Files\Valve\Steam\bak\appcache\1522_app.pkv"
138 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1600_app.pkv"
138 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1600_app.pkv"
143 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1610_app.pkv"
143 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1610_app.pkv"
81 Jul 25 2006 "C:\Program Files\Valve\Steam\appcache\1620_app.pkv"
81 Jul 25 2006 "C:\Program Files\Valve\Steam\bak\appcache\1620_app.pkv"
163 Jul 12 2006 "C:\Program Files\Valve\Steam\appcache\1630_app.pkv"
163 Jul 12 2006 "C:\Program Files\Valve\Steam\bak\appcache\1630_app.pkv"
158 Sep 5 2006 "C:\Program Files\Valve\Steam\appcache\1640_app.pkv"
158 Sep 5 2006 "C:\Program Files\Valve\Steam\bak\appcache\1640_app.pkv"
170 Sep 5 2006 "C:\Program Files\Valve\Steam\appcache\1670_app.pkv"
170 Sep 5 2006 "C:\Program Files\Valve\Steam\bak\appcache\1670_app.pkv"
135 Jan 4 2007 "C:\Program Files\Valve\Steam\appcache\1690_app.pkv"
132 Oct 4 2006 "C:\Program Files\Valve\Steam\bak\appcache\1690_app.pkv"
126 May 6 2006 "C:\Program Files\Valve\Steam\appcache\1900_app.pkv"
126 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\1900_app.pkv"
82 May 6 2006 "C:\Program Files\Valve\Steam\appcache\205_app.pkv"
82 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\205_app.pkv"
80 Oct 16 2006 "C:\Program Files\Valve\Steam\appcache\20_app.pkv"
80 Oct 16 2006 "C:\Program Files\Valve\Steam\bak\appcache\20_app.pkv"
168 Jun 6 2007 "C:\Program Files\Valve\Steam\appcache\2100_app.pkv"
168 Nov 28 2006 "C:\Program Files\Valve\Steam\bak\appcache\2100_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\210_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\210_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\2110_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\2110_app.pkv"
69 May 6 2006 "C:\Program Files\Valve\Steam\appcache\211_app.pkv"
69 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\211_app.pkv"
163 Jan 9 2007 "C:\Program Files\Valve\Steam\appcache\2120_app.pkv"
160 Sep 7 2006 "C:\Program Files\Valve\Steam\bak\appcache\2120_app.pkv"
75 Oct 2 2006 "C:\Program Files\Valve\Steam\appcache\215_app.pkv"
75 Oct 2 2006 "C:\Program Files\Valve\Steam\bak\appcache\215_app.pkv"
133 Sep 5 2006 "C:\Program Files\Valve\Steam\appcache\219_app.pkv"
133 Sep 5 2006 "C:\Program Files\Valve\Steam\bak\appcache\219_app.pkv"
127 May 6 2006 "C:\Program Files\Valve\Steam\appcache\220_app.pkv"
127 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\220_app.pkv"
119 Jun 13 2007 "C:\Program Files\Valve\Steam\appcache\2400_app.pkv"
119 Sep 19 2006 "C:\Program Files\Valve\Steam\bak\appcache\2400_app.pkv"
148 May 6 2006 "C:\Program Files\Valve\Steam\appcache\240_app.pkv"
148 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\240_app.pkv"
67 May 24 2006 "C:\Program Files\Valve\Steam\appcache\2410_app.pkv"
67 May 24 2006 "C:\Program Files\Valve\Steam\bak\appcache\2410_app.pkv"
67 Jun 1 2006 "C:\Program Files\Valve\Steam\appcache\2413_app.pkv"
67 Jun 1 2006 "C:\Program Files\Valve\Steam\bak\appcache\2413_app.pkv"
133 Jun 13 2007 "C:\Program Files\Valve\Steam\appcache\2420_app.pkv"
133 Dec 18 2006 "C:\Program Files\Valve\Steam\bak\appcache\2420_app.pkv"
133 Jun 13 2007 "C:\Program Files\Valve\Steam\appcache\2500_app.pkv"
133 Dec 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\2500_app.pkv"
77 May 6 2006 "C:\Program Files\Valve\Steam\appcache\2510_app.pkv"
77 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\2510_app.pkv"
160 Jun 29 2007 "C:\Program Files\Valve\Steam\appcache\2520_app.pkv"
91 Dec 19 2006 "C:\Program Files\Valve\Steam\bak\appcache\2520_app.pkv"
70 Dec 19 2006 "C:\Program Files\Valve\Steam\appcache\2530_app.pkv"
70 Dec 19 2006 "C:\Program Files\Valve\Steam\bak\appcache\2530_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\appcache\260_app.pkv"
63 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\260_app.pkv"
120 Oct 11 2006 "C:\Program Files\Valve\Steam\appcache\2610_app.pkv"
120 Oct 11 2006 "C:\Program Files\Valve\Steam\bak\appcache\2610_app.pkv"
129 Oct 10 2006 "C:\Program Files\Valve\Steam\appcache\2620_app.pkv"
129 Oct 10 2006 "C:\Program Files\Valve\Steam\bak\appcache\2620_app.pkv"
151 Oct 10 2006 "C:\Program Files\Valve\Steam\appcache\2625_app.pkv"
151 Oct 10 2006 "C:\Program Files\Valve\Steam\bak\appcache\2625_app.pkv"
137 Oct 11 2006 "C:\Program Files\Valve\Steam\appcache\2630_app.pkv"
137 Oct 11 2006 "C:\Program Files\Valve\Steam\bak\appcache\2630_app.pkv"
162 Oct 10 2006 "C:\Program Files\Valve\Steam\appcache\2640_app.pkv"
162 Oct 10 2006 "C:\Program Files\Valve\Steam\bak\appcache\2640_app.pkv"
132 Nov 9 2006 "C:\Program Files\Valve\Steam\appcache\2800_app.pkv"
132 Nov 9 2006 "C:\Program Files\Valve\Steam\bak\appcache\2800_app.pkv"
76 May 6 2006 "C:\Program Files\Valve\Steam\appcache\280_app.pkv"
76 May 6 2006 "C:\Program Files\Valve\Steam\bak\appcache\280_app.pkv"
127 Nov 9 2006 "C:\Program Files\Valve\Steam\appcache\2810_app.pkv"
127 Nov 9 2006 "C:\Program Files\Valve\Steam\bak\appcache\2810_app.pkv"
79 Oct 26 2006 "C:\Program Files\Valve\Steam\appcache\2900_app.pkv"
79 Oct 26 2006 "C:\Program Files\Valve\Steam\bak\appcache\2900_app.pkv"
72 Oct 25 2006 "C:\Program Files\Valve\Steam\appcache\2910_app.pkv"
72 Oct 25 2006 "C:\Program Files\Valve\Steam\bak\appcache\2910_app.pkv"
128 Oct 26 2006 "C:\Program Files\Valve\Steam\appcache\2920_app.pkv"
128 Oct 26 2006 "C:\Program Files\Valve\Steam\bak\appcache\2920_app.pkv"
138 Oct 4 2006 "C:\Program Files\Valve\Steam\appcache\2930_app.pkv"
138 Oct 4 2006 "C:\Program Files\Valve\Steam\bak\appcache\2930_app.pkv"
131 Dec 21 2006 "C:\Program Files\Valve\Steam\appcache\2990_app.pkv"
131 Dec 21 2006 "C:\Program Files\Valve\Steam\bak\appcache\2990_app.pkv"



thats the start, heres the end


968 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\btn_03l.tga"
1496 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\check.tga"
1496 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\check.tga"
1496 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\check.tga"
1496 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\check.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\check_disabled.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\check_disabled.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\check_disabled.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\check_disabled.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\check_disabled_selected.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\check_disabled_selected.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\check_disabled_selected.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\check_disabled_selected.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\check_mousedown.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\check_mousedown.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\check_mousedown.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\check_mousedown.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\check_selected.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\check_selected.tga"
1980 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\check_selected.tga"
1980 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\check_selected.tga"
1559557 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\DM_bg_00.tga"
1559557 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\DM_bg_00.tga"
378 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\header_01.tga"
378 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\header_01.tga"
569 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\header_02.tga"
569 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\header_02.tga"
40392 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\header_03.tga"
40392 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\header_03.tga"
8416 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_support_lum.tga"
8416 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_support_lum.tga"
8116 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_support.tga"
8116 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_support.tga"
911 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\icon_file.tga"
911 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\icon_file.tga"
1695 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\icon_file.tga"
1200 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Resource\icon_folder.tga"
1200 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Resource\icon_folder.tga"
1200 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Resource\icon_folder.tga"
1200 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Resource\icon_folder.tga"
1695 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\icon_file.tga"
9171 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_friends.tga"
9171 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_friends.tga"
1200 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\icon_folder.tga"
1406 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\icon_folder.tga"
1200 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\icon_folder.tga"
1200 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\icon_folder.tga"
9232 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_friends_lum.tga"
9232 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_friends_lum.tga"
812 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\icon_newfolder.tga"
812 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\icon_newfolder.tga"
8883 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_News.tga"
8883 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_News.tga"
9033 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_News_lum.tga"
9033 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_News_lum.tga"
1068 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\icon_steam.tga"
1068 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\icon_steam.tga"
1563 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Friends\icon_snooze.tga"
1563 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\icon_steam.tga"
1068 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Friends\icon_snooze.tga"
1068 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Friends\icon_snooze.tga"
1068 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Friends\icon_snooze.tga"
1068 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Friends\icon_snooze.tga"
1563 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Friends\icon_snooze.tga"
1563 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\icon_steam.tga"
9199 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_servers.tga"
9199 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_servers.tga"
1068 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\icon_steam_disabled.tga"
1068 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\icon_steam_disabled.tga"
1563 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\icon_steam_disabled.tga"
1563 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\icon_steam_disabled.tga"
9267 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_servers_lum.tga"
9267 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_servers_lum.tga"
10867 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_settings.tga"
10867 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_settings.tga"
10895 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\icon_settings_lum.tga"
10895 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\icon_settings_lum.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\Graphics\mini_expand.tga"
4104 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\mini_expand.tga"
4104 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\mini_expand.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Graphics\mini_expand.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Graphics\mini_expand.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Graphics\mini_expand.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Graphics\mini_expand.tga"
1300 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\Mini_Expand.tga"
1300 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\Mini_Expand.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\Graphics\mini_expand_mouseover.tga"
4104 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\mini_expand_mouseover.tga"
4104 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\mini_expand_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Graphics\mini_expand_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Graphics\mini_expand_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Graphics\mini_expand_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Graphics\mini_expand_mouseover.tga"
1300 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\Mini_Expand_lum.tga"
1300 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\Mini_Expand_lum.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\Graphics\mini_shrink.tga"
4104 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\mini_shrink.tga"
4104 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\mini_shrink.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Graphics\mini_shrink.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Graphics\mini_shrink.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Graphics\mini_shrink.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Graphics\mini_shrink.tga"
37674 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\Mini_Shrink.tga"
37674 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\Mini_Shrink.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\Graphics\mini_shrink_mouseover.tga"
4104 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\mini_shrink_mouseover.tga"
4104 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\mini_shrink_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Graphics\mini_shrink_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Graphics\mini_shrink_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Graphics\mini_shrink_mouseover.tga"
2564 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Graphics\mini_shrink_mouseover.tga"
37674 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\Mini_Shrink_lum.tga"
37674 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\Mini_Shrink_lum.tga"
444 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\p_shadow_b.TGA"
444 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\p_shadow_b.TGA"
444 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\p_shadow_b.TGA"
444 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\p_shadow_b.TGA"
444 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\p_shadow_bl.TGA"
444 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\p_shadow_bl.TGA"
444 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\p_shadow_bl.TGA"
444 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\p_shadow_bl.TGA"
720 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\p_shadow_br.TGA"
720 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\p_shadow_br.TGA"
804 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\p_shadow_br.TGA"
804 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\p_shadow_br.TGA"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\Graphics\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\resizer.tga"
1644 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Graphics\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Graphics\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Graphics\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Graphics\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\resizer.tga"
1644 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\resizer.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\resizer_mousedown.tga"
1644 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\resizer_mousedown.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\resizer_mousedown.tga"
1644 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\resizer_mousedown.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\resizer_mouseover.tga"
1644 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\resizer_mouseover.tga"
1644 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\resizer_mouseover.tga"
1644 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\resizer_mouseover.tga"
236 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSlider_bl.tga"
236 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSlider_bl.tga"
92 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollSlider_br.tga"
92 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollSlider_br.tga"
236 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSlider_br.tga"
236 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSlider_br.tga"
92 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollSlider_tl.tga"
92 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollSlider_tl.tga"
236 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSlider_tl.tga"
236 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSlider_tl.tga"
92 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollSlider_tr.tga"
92 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollSlider_tr.tga"
236 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSlider_tr.tga"
236 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSlider_tr.tga"
380 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSliderV_bg.tga"
380 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSliderV_bg.tga"
352 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSliderH_R.tga"
352 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSliderH_R.tga"
812 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollButton.tga"
812 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollButton.tga"
812 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollButton.tga"
812 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollButton.tga"
812 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollButton_mousedown.tga"
812 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollButton_mousedown.tga"
812 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollButton_mousedown.tga"
812 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollButton_mousedown.tga"
236 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollSlider_b.TGA"
236 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollSlider_b.TGA"
179 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSliderH_bg.tga"
179 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSliderH_bg.tga"
92 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\ScrollSlider_bl.tga"
92 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\ScrollSlider_bl.tga"
352 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\ScrollSliderH_L.tga"
352 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\ScrollSliderH_L.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_B.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_B.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_B.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_B.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_L.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_L.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_L.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_L.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_R.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_R.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_R.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_R.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_T.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_T.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_T.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_T.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_BL.TGA"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_BL.TGA"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_BL.TGA"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_BL.TGA"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_BR.TGA"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_BR.TGA"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_BR.TGA"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_BR.TGA"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_TL.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_TL.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_TL.tga"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_TL.tga"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\shadow_TR.TGA"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\shadow_TR.TGA"
620 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\shadow_TR.TGA"
620 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\shadow_TR.TGA"
1765 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Check.tga"
1765 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Check.tga"
1310 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Check_Dis.tga"
1310 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Check_Dis.tga"
1504 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Check_Dis_Sel.tga"
1504 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Check_Dis_Sel.tga"
1683 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Check_MDn.tga"
1683 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Check_MDn.tga"
1683 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Check_Sel.tga"
1683 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Check_Sel.tga"
1643 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Rad.tga"
1643 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Rad.tga"
1222 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Rad_Dis.tga"
1222 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Rad_Dis.tga"
1370 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Rad_Dis_Sel.tga"
1370 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Rad_Dis_Sel.tga"
1531 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Rad_MDn.tga"
1531 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Rad_MDn.tga"
1531 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\st_Rad_Sel.tga"
1531 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\st_Rad_Sel.tga"
684 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\taba_r.tga"
684 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\taba_r.tga"
684 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\taba_r.tga"
684 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\taba_r.tga"
444 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\taba_tl.tga"
444 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\taba_tl.tga"
163 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\taba_tl.tga"
163 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\taba_tl.tga"
684 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\taba_tr.tga"
684 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\taba_tr.tga"
204 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\taba_tr.tga"
204 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\taba_tr.tga"
603 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_01.tga"
603 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_01.tga"
606 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_01l.tga"
606 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_01l.tga"
3797 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_02.tga"
3797 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_02.tga"
3805 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_02l.tga"
3805 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_02l.tga"
630 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_03.tga"
630 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_03.tga"
628 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_03l.tga"
628 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_03l.tga"
684 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\tab_r.TGA"
684 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\tab_r.TGA"
684 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_r.TGA"
684 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_r.TGA"
444 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\tab_tl.tga"
444 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\tab_tl.tga"
163 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_tl.tga"
163 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_tl.tga"
684 Aug 23 2007 "C:\Program Files\Valve\Steam\resource\borders\tab_tr.tga"
684 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\resource\borders\tab_tr.tga"
200 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Resource\Borders\tab_tr.tga"
200 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Resource\Borders\tab_tr.tga"
4906 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Dark Messiah\Steam\cached\SteamRootDialog.res"
4668 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Grey\Steam\cached\SteamRootDialog.res"
4668 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Ice\Steam\cached\SteamRootDialog.res"
4674 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Obsidian\Steam\cached\SteamRootDialog.res"
4668 Aug 23 2007 "C:\Program Files\Valve\Steam\skins\Flat - Sand\Steam\cached\SteamRootDialog.res"
4906 Dec 22 2006 "C:\Program Files\Valve\Steam\bak\skins\Dark Messiah\Steam\cached\SteamRootDialog.res"
3545088 Oct 1 2007 "C:\Utopia\Angel\Angel.exe"
3375616 Aug 14 2006 "C:\Documents and Settings\Griffin\Desktop\Angel.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\bak\Angel.exe"
3376128 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
37881 Oct 13 2007 "C:\Utopia\Angel\ForumAgent.log"
46783 Nov 17 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\ForumAgent.log"
577 Sep 5 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\ForumAgent.log"
313472 Mar 30 2006 "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
307200 Aug 18 2005 "C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"


end of report
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm

Unread postby IndiGenus » October 16th, 2007, 10:03 am

Hi,

Well, our suspicions have been confirmed. You have serious AWF infection. This trojan replaces legitimate files that are common on most computers with an infected file. It then moves the legitimate file to a "bak" or backup folder.

There are excellent tools to fix this but you have so many files that are infected in this case. Quite a few of them do appear to be related to your Steam/Valve program. If you are willing to uninstall that it would make things a lot easier to repair the rest of what's infected.

If you don't want to do that then take the FindAWF file in notepad and break it into 500 (approx) line sections, with a ************ between each. Then post each one as a separate post. So you would end up with 4 posts. Then we will try to cull through it to come up with a fix.

As I said though, it would be a lot easier I think if you can remove Steam first. You should be able to re-install it and set up your account with them again. Is this for Half Life (I have it myself)?

Let us know what you would like to do.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 16th, 2007, 10:18 pm

I'll un install it, i havn't played it for a few months. (It's for half life2 /CS:S)


Should i un install it in any special way?
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm

Unread postby IndiGenus » October 17th, 2007, 8:54 am

Hi,

Nothing too special on the removal. Uninstall Steam/Half Life/CS normally using Add or Remove Programs.

Then, I would remove all of the C:\Program Files\Valve folder and its subtree.

Next, download CCleaner

CCleaner Setup and Usage

CCleaner will remove everything from the temp/temporary folders but please note that it will not make back ups!
  • Before first use, select Options > Advanced and UNCHECK Only delete files in Windows Temp folder older than 48 hours
  • Then select the items you wish to clean up.
    • In the Windows Tab:
      • Clean all entries in the Internet Explorer section except Cookies
      • Clean all the entries in the Windows Explorer section
      • Clean all entries in the System section
      • Clean all entries in the Advanced section
      • Clean any others that you choose
    • In the Applications Tab:
      • Clean all except cookies in the Firefox/Mozilla section if you use it
      • Clean all in the Opera section if you use it
      • Clean Sun Java in the Internet Section
      • Clean any others that you choose
  • Click the Run Cleaner button.
  • A pop up box will appear advising this process will permanently delete files from your system.
  • Click OK and it will scan and clean your system.
  • Click exit when done.
  • If it asks you to reboot at the end, click NO

CCleaner should be run with the above settings for each User Account!

---------------------------------------

Then please run the FindAWF scan again.

Double-click the FindAWF icon.

If a Security Alert shows, allow the program to run.
As instructed, press any key to continue.
Use the following option: Press 1 then Enter to scan for bak folders
The scan may take a while, please be patient.

When done, a text file, Find AWF report is produced that we need to look at.
Please post it in your reply.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 19th, 2007, 7:24 pm

Find AWF report by noahdfear ©2006
Version 1.40

The current date is: 19/10/2007
The current time is: 16:18:35.26


bak folders found
~~~~~~~~~~~


Directory of C:\PROGRA~1\ITUNES\BAK

31/07/2007 06:44 PM 271,672 iTunesHelper.exe
1 File(s) 271,672 bytes

Directory of C:\PROGRA~1\MESSEN~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\QUICKT~1\BAK

10/07/2006 07:19 PM 282,624 qttask.exe
1 File(s) 282,624 bytes

Directory of C:\UTOPIA\ANGEL\BAK

06/08/2007 12:01 PM 3,539,456 Angel.exe
1 File(s) 3,539,456 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK

17/05/2007 10:17 PM 68,856 GoogleToolbarNotifier.exe
1 File(s) 68,856 bytes

Directory of C:\PROGRA~1\GRISOFT\AVG7\BAK

01/08/2006 11:24 AM 358,447 avgcc.exe
1 File(s) 358,447 bytes

Directory of C:\DOCUME~1\GRIFFIN\DESKTOP\STUFFO~1\BAK

15/10/2006 09:43 AM 3,385,344 Angel.exe
05/09/2006 08:24 AM 577 ForumAgent.log
2 File(s) 3,385,921 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~1.0\READER\BAK

18/08/2005 10:49 AM 307,200 AdobeUpdateManager.exe
1 File(s) 307,200 bytes

Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK

10/11/2005 01:03 PM 36,975 jusched.exe
1 File(s) 36,975 bytes

Directory of C:\PROGRA~1\JAVA\JRE15~2.0_1\BIN\BAK

15/12/2006 03:23 AM 75,520 jusched.exe
1 File(s) 75,520 bytes

Directory of C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

09/04/2002 07:00 PM 74,240 E_S0BIC1.EXE
1 File(s) 74,240 bytes

Directory of C:\WINDOWS2\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

09/04/2002 07:00 PM 74,240 E_S0BIC1.EXE
1 File(s) 74,240 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

271672 Jul 31 2007 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Aug 2 2007 "C:\WINDOWS2\Installer\{E0219810-16E4-437D-9165-93D7B22524F9}\iTunesIco.exe"
108096 Sep 12 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.0.70\iTunesSetupAdmin.exe"
116024 Jul 31 2007 "C:\Documents and Settings\All Users.WINDOWS2\Application Data\Apple Computer\Installer Cache\iTunes 7.3.2.6\iTunesSetupAdmin.exe"
282624 Jul 10 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
3545088 Oct 1 2007 "C:\Utopia\Angel\Angel.exe"
3375616 Aug 14 2006 "C:\Documents and Settings\Griffin\Desktop\Angel.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\bak\Angel.exe"
3376128 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
1516007 Jun 28 2007 "C:\Utopia\Angel\Update\angel184a2.exe"
1644885 Mar 10 2007 "C:\Documents and Settings\Griffin\Desktop\Update\angel181b.exe"
1479761 Oct 2 2007 "C:\Utopia\Angel\bak\Update\angel186a1.exe"
1407764 Jun 28 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\anti-suck\angel176b2.exe"
1452373 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Update\angel179b3.exe"
1372249 Jul 25 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Misc\Update\angel177a3.exe"
52272 Feb 6 2007 "C:\Program Files\Google\googletoolbar2user.exe"
15732984 Jul 21 2007 "C:\Documents and Settings\Griffin.MAIN\Desktop\Google_Earth_BZXD.exe"
69632 May 24 2007 "C:\Program Files\Google\Google Earth\googleearth.exe"
138168 Feb 6 2007 "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 May 17 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
26694 Jul 21 2007 "C:\Documents and Settings\Griffin.MAIN\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe"
421888 Oct 6 2007 "C:\Program Files\Grisoft\AVG7\avgcc.exe"
358447 Aug 1 2006 "C:\Program Files\Grisoft\AVG7\bak\avgcc.exe"
3545088 Oct 1 2007 "C:\Utopia\Angel\Angel.exe"
3375616 Aug 14 2006 "C:\Documents and Settings\Griffin\Desktop\Angel.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\bak\Angel.exe"
3376128 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
42496 Oct 18 2007 "C:\Utopia\Angel\ForumAgent.log"
46783 Nov 17 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\ForumAgent.log"
577 Sep 5 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\ForumAgent.log"
313472 Mar 30 2006 "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
307200 Aug 18 2005 "C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"


end of report


I only ran the CCcleaner on my account, it has been the only one used for about 6 months, and i don't know the rest of my familys passwords.
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm

Unread postby IndiGenus » October 20th, 2007, 8:11 am

Hi,

Well that is certainly a little easier to deal with. Don't worry about the CCleaner for now.

Please double-click the FindAWF icon once again.

If a Security Alert shows, allow the program to run.
As instructed, press any key to continue.
Use the following option: Press 2 then Enter to restore files from bak folders

A text file opens called: files.txt
Copy and paste the following list of files from in the code box to be restored:
With your mouse, select the text in the box. CTL-C to copy and CTL-V to paste.

Code: Select all
"C:\Program Files\iTunes\bak\iTunesHelper.exe"
"C:\Program Files\QuickTime\bak\qttask.exe"
"C:\Utopia\Angel\bak\Angel.exe"
"C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
"C:\Utopia\Angel\bak\Update\angel186a1.exe"
"C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
"C:\Program Files\Grisoft\AVG7\bak\avgcc.exe"
"C:\Utopia\Angel\bak\Angel.exe"
"C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
"C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\ForumAgent.log"
"C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"
"C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
"C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
"C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
"C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
"C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
"C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"

Next, close and click Yes to save the changes.

Once files.txt is saved, FindAWF does the following:
-It attempts to terminate the process represented by each filename on the list, if running
-Deletes the rogue file from the parent folder, if present
-Copies the original file to the parent folder

When done with the above, it automatically runs a new scan and opens a new log.
Please provide the new FindAWF log in your reply.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 21st, 2007, 7:17 pm

Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully

The current date is: 21/10/2007
The current time is: 15:55:22.59


bak folders found
~~~~~~~~~~~


Directory of C:\PROGRA~1\ITUNES\BAK

31/07/2007 06:44 PM 271,672 iTunesHelper.exe
1 File(s) 271,672 bytes

Directory of C:\PROGRA~1\MESSEN~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\QUICKT~1\BAK

10/07/2006 07:19 PM 282,624 qttask.exe
1 File(s) 282,624 bytes

Directory of C:\UTOPIA\ANGEL\BAK

06/08/2007 12:01 PM 3,539,456 Angel.exe
1 File(s) 3,539,456 bytes

Directory of C:\PROGRA~1\GOOGLE\GOOGLE~3\BAK

17/05/2007 10:17 PM 68,856 GoogleToolbarNotifier.exe
1 File(s) 68,856 bytes

Directory of C:\PROGRA~1\GRISOFT\AVG7\BAK

01/08/2006 11:24 AM 358,447 avgcc.exe
1 File(s) 358,447 bytes

Directory of C:\DOCUME~1\GRIFFIN\DESKTOP\STUFFO~1\BAK

15/10/2006 09:43 AM 3,385,344 Angel.exe
05/09/2006 08:24 AM 577 ForumAgent.log
2 File(s) 3,385,921 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~1.0\READER\BAK

18/08/2005 10:49 AM 307,200 AdobeUpdateManager.exe
1 File(s) 307,200 bytes

Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK

10/11/2005 01:03 PM 36,975 jusched.exe
1 File(s) 36,975 bytes

Directory of C:\PROGRA~1\JAVA\JRE15~2.0_1\BIN\BAK

15/12/2006 03:23 AM 75,520 jusched.exe
1 File(s) 75,520 bytes

Directory of C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

09/04/2002 07:00 PM 74,240 E_S0BIC1.EXE
1 File(s) 74,240 bytes

Directory of C:\WINDOWS2\SYSTEM32\SPOOL\DRIVERS\W32X86\3\BAK

09/04/2002 07:00 PM 74,240 E_S0BIC1.EXE
1 File(s) 74,240 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

271672 Jul 31 2007 "C:\Program Files\iTunes\iTunesHelper.exe"
271672 Jul 31 2007 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Aug 2 2007 "C:\WINDOWS2\Installer\{E0219810-16E4-437D-9165-93D7B22524F9}\iTunesIco.exe"
108096 Sep 12 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.0.70\iTunesSetupAdmin.exe"
116024 Jul 31 2007 "C:\Documents and Settings\All Users.WINDOWS2\Application Data\Apple Computer\Installer Cache\iTunes 7.3.2.6\iTunesSetupAdmin.exe"
282624 Jul 10 2006 "C:\Program Files\QuickTime\qttask.exe"
282624 Jul 10 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\Angel.exe"
3375616 Aug 14 2006 "C:\Documents and Settings\Griffin\Desktop\Angel.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\bak\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
1516007 Jun 28 2007 "C:\Utopia\Angel\Update\angel184a2.exe"
1644885 Mar 10 2007 "C:\Documents and Settings\Griffin\Desktop\Update\angel181b.exe"
1479761 Oct 2 2007 "C:\Utopia\Angel\bak\Update\angel186a1.exe"
1407764 Jun 28 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\anti-suck\angel176b2.exe"
1452373 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Update\angel179b3.exe"
1372249 Jul 25 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Misc\Update\angel177a3.exe"
52272 Feb 6 2007 "C:\Program Files\Google\googletoolbar2user.exe"
15732984 Jul 21 2007 "C:\Documents and Settings\Griffin.MAIN\Desktop\Google_Earth_BZXD.exe"
69632 May 24 2007 "C:\Program Files\Google\Google Earth\googleearth.exe"
68856 May 17 2007 "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
138168 Feb 6 2007 "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
68856 May 17 2007 "C:\Program Files\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe"
26694 Jul 21 2007 "C:\Documents and Settings\Griffin.MAIN\Application Data\Microsoft\Installer\{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe"
358447 Aug 1 2006 "C:\Program Files\Grisoft\AVG7\avgcc.exe"
358447 Aug 1 2006 "C:\Program Files\Grisoft\AVG7\bak\avgcc.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\Angel.exe"
3375616 Aug 14 2006 "C:\Documents and Settings\Griffin\Desktop\Angel.exe"
3539456 Aug 6 2007 "C:\Utopia\Angel\bak\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Angel.exe"
3385344 Oct 15 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\Angel.exe"
46113 Oct 21 2007 "C:\Utopia\Angel\ForumAgent.log"
577 Sep 5 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\ForumAgent.log"
577 Sep 5 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak\ForumAgent.log"
313472 Mar 30 2006 "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
307200 Aug 18 2005 "C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
49263 Nov 9 2006 "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
36975 Nov 10 2005 "C:\Program Files\Java\jre1.5.0_06\bin\bak\jusched.exe"
75520 Dec 15 2006 "C:\Program Files\Java\jre1.5.0_11\bin\bak\jusched.exe"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\epsonstylus_c6239c9\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"
74240 Apr 9 2002 "C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak\E_S0BIC1.EXE"


end of report
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm

Unread postby IndiGenus » October 22nd, 2007, 8:58 am

Please double-click the FindAWF icon once again
This time we are going to remove some folders.

If a Security Alert shows, allow the program to run.
As instructed, press any key to continue.
Use the following option: Press 3 then Enter to remove bak folders

A text file opens called: folders.txt
Click below the line and paste the following list of folders in the code box to be removed:

Code: Select all
C:\Program Files\iTunes\bak
C:\Program Files\QuickTime\bak
C:\Utopia\Angel\bak
C:\Documents and Settings\Griffin\Desktop\stuff of mine\bak
C:\Program Files\Google\GoogleToolbarNotifier\bak
C:\Program Files\Grisoft\AVG7\bak
C:\Program Files\Adobe\Acrobat 7.0\Reader\bak
C:\Program Files\Java\jre1.5.0_06\bin\bak
C:\Program Files\Java\jre1.5.0_11\bin\bak
C:\WINDOWS\system32\spool\drivers\w32x86\3\bak
C:\WINDOWS2\system32\spool\drivers\w32x86\3\bak


Next, close and click Yes to save the changes.

When done with the above, FindAWF automatically runs a new scan and opens a new log that you need to post.
Please provide the new FindAWF log in your reply.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 22nd, 2007, 9:51 pm

Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully

The current date is: 22/10/2007
The current time is: 18:42:55.90


bak folders found
~~~~~~~~~~~


Directory of C:\PROGRA~1\MESSEN~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\UTOPIA\ANGEL\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~1.0\READER\BAK

18/08/2005 10:49 AM 307,200 AdobeUpdateManager.exe
1 File(s) 307,200 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

1644885 Mar 10 2007 "C:\Documents and Settings\Griffin\Desktop\Update\angel181b.exe"
1479761 Oct 2 2007 "C:\Utopia\Angel\bak\Update\angel186a1.exe"
1407764 Jun 28 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\anti-suck\angel176b2.exe"
1452373 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Update\angel179b3.exe"
1372249 Jul 25 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Misc\Update\angel177a3.exe"
313472 Mar 30 2006 "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
307200 Aug 18 2005 "C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"


end of report
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm

Unread postby IndiGenus » October 23rd, 2007, 11:59 am

Hi crustygloves,

Looks like we missed one and need to go back over it.

Please double-click the FindAWF icon once again.

If a Security Alert shows, allow the program to run.
As instructed, press any key to continue.
Use the following option: Press 2 then Enter to restore files from bak folders

A text file opens called: files.txt
Copy and paste the following list of files from in the code box to be restored:
Code: Select all
"C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"  

Next, close and click Yes to save the changes.

Once files.txt is saved, FindAWF does the following:
-It attempts to terminate the process represented by each filename on the list, if running
-Deletes the rogue file from the parent folder, if present
-Copies the original file to the parent folder

When done with the above, it automatically runs a new scan and opens a new log.
Please provide the new FindAWF log in your reply.

NOTE: You may need to re-install your Utopia Angel program, if you use it, as there may not be much we can do for those files.
User avatar
IndiGenus
Regular Member
 
Posts: 657
Joined: February 2nd, 2005, 1:49 pm
Location: New England, USA

Unread postby crustygloves » October 23rd, 2007, 7:12 pm

Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully

The current date is: 23/10/2007
The current time is: 16:05:17.23


bak folders found
~~~~~~~~~~~


Directory of C:\PROGRA~1\MESSEN~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\UTOPIA\ANGEL\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\ADOBE\ACROBA~1.0\READER\BAK

18/08/2005 10:49 AM 307,200 AdobeUpdateManager.exe
1 File(s) 307,200 bytes


Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

1478831 Oct 23 2007 "C:\Utopia\Angel\Update\angel186b.exe"
1644885 Mar 10 2007 "C:\Documents and Settings\Griffin\Desktop\Update\angel181b.exe"
1479761 Oct 2 2007 "C:\Utopia\Angel\bak\Update\angel186a1.exe"
1407764 Jun 28 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\anti-suck\angel176b2.exe"
1452373 Nov 14 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Update\angel179b3.exe"
1372249 Jul 25 2006 "C:\Documents and Settings\Griffin\Desktop\stuff of mine\Misc\Update\angel177a3.exe"
313472 Mar 30 2006 "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
307200 Aug 18 2005 "C:\Program Files\Adobe\Acrobat 7.0\Reader\bak\AdobeUpdateManager.exe"


end of report
crustygloves
Regular Member
 
Posts: 19
Joined: October 4th, 2007, 8:55 pm
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 391 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware