Author Topic: Help! Mysterious virus sending thousands of spam e-mails from my PC :(  (Read 64240 times)

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #75 on: September 13, 2007, 01:51:05 AM »
[Files/Folders - Created Within 90 days]
qoobox -> %SystemDrive%\qoobox ->  [Folder | Created Date = 08/09/2007 12:14:37 | Attr =    ]
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 20/06/2007 9:15:50 | Attr =  H ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 20/06/2007 21:15:47 | Attr =  H ]
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 04/07/2007 23:41:15 | Attr =  H ]
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 05/07/2007 11:34:20 | Attr =  H ]
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 09/07/2007 9:10:54 | Attr =  H ]
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 09/07/2007 17:53:10 | Attr =  H ]
sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 09/07/2007 21:23:37 | Attr =  H ]
sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 25/07/2007 10:37:31 | Attr =  H ]
sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 10/08/2007 17:37:56 | Attr =  H ]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 13/08/2007 22:55:11 | Attr =  H ]
sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 13/08/2007 23:23:24 | Attr =  H ]
sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 14/08/2007 7:48:27 | Attr =  H ]
sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 14/08/2007 10:01:40 | Attr =  H ]
sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 14/08/2007 10:47:56 | Attr =  H ]
sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 14/08/2007 13:20:35 | Attr =  H ]
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 20/06/2007 9:15:50 | Attr =  H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 20/06/2007 21:15:47 | Attr =  H ]
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 04/07/2007 23:41:15 | Attr =  H ]
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 05/07/2007 11:34:20 | Attr =  H ]
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 09/07/2007 9:10:54 | Attr =  H ]
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 09/07/2007 17:53:10 | Attr =  H ]
sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 09/07/2007 21:23:37 | Attr =  H ]
sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 25/07/2007 10:37:31 | Attr =  H ]
sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 10/08/2007 17:37:55 | Attr =  H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 13/08/2007 22:55:11 | Attr =  H ]
sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 13/08/2007 23:23:23 | Attr =  H ]
sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 14/08/2007 7:48:27 | Attr =  H ]
sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 14/08/2007 10:01:40 | Attr =  H ]
sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 14/08/2007 10:47:56 | Attr =  H ]
sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 14/08/2007 13:20:35 | Attr =  H ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Created Date = 01/09/2007 9:07:15 | Attr =  H ]

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #76 on: September 13, 2007, 01:52:35 AM »
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Created Date = 01/09/2007 9:07:50 | Attr =  H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ ->  [Folder | Created Date = 01/09/2007 11:17:08 | Attr =  H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ ->  [Folder | Created Date = 01/09/2007 11:21:02 | Attr =  H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ ->  [Folder | Created Date = 01/09/2007 11:20:52 | Attr =  H ]
$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ ->  [Folder | Created Date = 01/09/2007 11:10:30 | Attr =  H ]
$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ ->  [Folder | Created Date = 01/09/2007 11:16:29 | Attr =  H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ ->  [Folder | Created Date = 01/09/2007 11:11:27 | Attr =  H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ ->  [Folder | Created Date = 01/09/2007 11:13:54 | Attr =  H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ ->  [Folder | Created Date = 01/09/2007 11:07:47 | Attr =  H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ ->  [Folder | Created Date = 01/09/2007 11:14:37 | Attr =  H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ ->  [Folder | Created Date = 01/09/2007 11:19:07 | Attr =  H ]
$NtUninstallKB894391$ -> %SystemRoot%\$NtUninstallKB894391$ ->  [Folder | Created Date = 01/09/2007 11:08:29 | Attr =  H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ ->  [Folder | Created Date = 01/09/2007 11:16:06 | Attr =  H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ ->  [Folder | Created Date = 01/09/2007 11:18:09 | Attr =  H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ ->  [Folder | Created Date = 01/09/2007 11:08:44 | Attr =  H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ ->  [Folder | Created Date = 01/09/2007 9:07:15 | Attr =  H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ ->  [Folder | Created Date = 01/09/2007 11:21:39 | Attr =  H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ ->  [Folder | Created Date = 01/09/2007 11:19:30 | Attr =  H ]
$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ ->  [Folder | Created Date = 01/09/2007 11:18:01 | Attr =  H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ ->  [Folder | Created Date = 01/09/2007 11:11:18 | Attr =  H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ ->  [Folder | Created Date = 01/09/2007 11:19:40 | Attr =  H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ ->  [Folder | Created Date = 01/09/2007 11:10:05 | Attr =  H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ ->  [Folder | Created Date = 01/09/2007 11:12:17 | Attr =  H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ ->  [Folder | Created Date = 01/09/2007 11:14:06 | Attr =  H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ ->  [Folder | Created Date = 01/09/2007 11:10:11 | Attr =  H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ ->  [Folder | Created Date = 01/09/2007 11:12:43 | Attr =  H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ ->  [Folder | Created Date = 01/09/2007 11:09:47 | Attr =  H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ ->  [Folder | Created Date = 01/09/2007 11:08:22 | Attr =  H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ ->  [Folder | Created Date = 01/09/2007 11:09:55 | Attr =  H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ ->  [Folder | Created Date = 01/09/2007 11:15:39 | Attr =  H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ ->  [Folder | Created Date = 01/09/2007 11:18:50 | Attr =  H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ ->  [Folder | Created Date = 01/09/2007 11:18:33 | Attr =  H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ ->  [Folder | Created Date = 01/09/2007 11:15:31 | Attr =  H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ ->  [Folder | Created Date = 01/09/2007 11:19:51 | Attr =  H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ ->  [Folder | Created Date = 01/09/2007 11:09:15 | Attr =  H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ ->  [Folder | Created Date = 01/09/2007 11:13:00 | Attr =  H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ ->  [Folder | Created Date = 01/09/2007 11:08:06 | Attr =  H ]
$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ ->  [Folder | Created Date = 01/09/2007 11:10:24 | Attr =  H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ ->  [Folder | Created Date = 01/09/2007 11:12:51 | Attr =  H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ ->  [Folder | Created Date = 01/09/2007 11:12:35 | Attr =  H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ ->  [Folder | Created Date = 01/09/2007 11:11:46 | Attr =  H ]
$NtUninstallKB918439$ -> %SystemRoot%\$NtUninstallKB918439$ ->  [Folder | Created Date = 01/09/2007 11:14:29 | Attr =  H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ ->  [Folder | Created Date = 01/09/2007 11:13:07 | Attr =  H ]
$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ ->  [Folder | Created Date = 01/09/2007 11:10:56 | Attr =  H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ ->  [Folder | Created Date = 01/09/2007 11:14:45 | Attr =  H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ ->  [Folder | Created Date = 01/09/2007 11:08:15 | Attr =  H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ ->  [Folder | Created Date = 01/09/2007 11:19:16 | Attr =  H ]
$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ ->  [Folder | Created Date = 01/09/2007 11:13:37 | Attr =  H ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ ->  [Folder | Created Date = 01/09/2007 11:16:39 | Attr =  H ]
$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ ->  [Folder | Created Date = 01/09/2007 11:11:59 | Attr =  H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ ->  [Folder | Created Date = 01/09/2007 11:21:12 | Attr =  H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ ->  [Folder | Created Date = 01/09/2007 11:12:07 | Attr =  H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ ->  [Folder | Created Date = 01/09/2007 11:20:43 | Attr =  H ]
$NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ ->  [Folder | Created Date = 01/09/2007 11:09:40 | Attr =  H ]
$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ ->  [Folder | Created Date = 01/09/2007 11:18:58 | Attr =  H ]
$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ ->  [Folder | Created Date = 01/09/2007 11:17:49 | Attr =  H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ ->  [Folder | Created Date = 01/09/2007 11:16:59 | Attr =  H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ ->  [Folder | Created Date = 01/09/2007 11:18:17 | Attr =  H ]
$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ ->  [Folder | Created Date = 01/09/2007 11:15:59 | Attr =  H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ ->  [Folder | Created Date = 01/09/2007 11:15:07 | Attr =  H ]
$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ ->  [Folder | Created Date = 01/09/2007 11:11:37 | Attr =  H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ ->  [Folder | Created Date = 01/09/2007 11:13:46 | Attr =  H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ ->  [Folder | Created Date = 01/09/2007 11:21:29 | Attr =  H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ ->  [Folder | Created Date = 01/09/2007 11:21:21 | Attr =  H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ ->  [Folder | Created Date = 02/09/2007 19:01:29 | Attr =  H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ ->  [Folder | Created Date = 01/09/2007 11:20:28 | Attr =  H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ ->  [Folder | Created Date = 01/09/2007 11:07:32 | Attr =  H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ ->  [Folder | Created Date = 01/09/2007 11:14:55 | Attr =  H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ ->  [Folder | Created Date = 01/09/2007 11:13:17 | Attr =  H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ ->  [Folder | Created Date = 01/09/2007 11:10:18 | Attr =  H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ ->  [Folder | Created Date = 01/09/2007 11:17:38 | Attr =  H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ ->  [Folder | Created Date = 01/09/2007 11:20:05 | Attr =  H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ ->  [Folder | Created Date = 01/09/2007 11:12:27 | Attr =  H ]
$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ ->  [Folder | Created Date = 01/09/2007 11:10:44 | Attr =  H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ ->  [Folder | Created Date = 01/09/2007 11:08:37 | Attr =  H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ ->  [Folder | Created Date = 01/09/2007 11:10:36 | Attr =  H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ ->  [Folder | Created Date = 01/09/2007 11:18:41 | Attr =  H ]
$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ ->  [Folder | Created Date = 01/09/2007 11:16:49 | Attr =  H ]

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #77 on: September 13, 2007, 01:55:06 AM »
$NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ ->  [Folder | Created Date = 01/09/2007 11:17:27 | Attr =  H ]
$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ ->  [Folder | Created Date = 01/09/2007 11:08:53 | Attr =  H ]
$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ ->  [Folder | Created Date = 01/09/2007 11:11:06 | Attr =  H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ ->  [Folder | Created Date = 01/09/2007 11:18:26 | Attr =  H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ ->  [Folder | Created Date = 01/09/2007 11:16:20 | Attr =  H ]
catchme.exe -> %SystemRoot%\catchme.exe ->  [Ver =  | Size = 109056 bytes | Created Date = 08/09/2007 12:14:21 | Attr =    ]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Created Date = 08/09/2007 12:16:23 | Attr =    ]
NirCmd.exe -> %SystemRoot%\NirCmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 08/09/2007 12:14:21 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 31/08/2007 21:38:33 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 31/08/2007 21:38:33 | Attr =  H ]
snymsico.dll -> %SystemRoot%\snymsico.dll -> Sony Corporation [Ver = 1, 0, 0, 09120 | Size = 90112 bytes | Created Date = 20/06/2007 21:11:15 | Attr =    ]
CDDBControl.dll -> %System32%\CDDBControl.dll -> Gracenote (formerly CDDB, Inc.) [Ver = 2, 0, 0, 13 | Size = 630784 bytes | Created Date = 20/06/2007 21:10:30 | Attr =    ]
CddbLangES.dll -> %System32%\CddbLangES.dll -> Gracenote [Ver = 2, 0, 0, 1 | Size = 110592 bytes | Created Date = 20/06/2007 21:10:30 | Attr =    ]
CDDBUI.dll -> %System32%\CDDBUI.dll -> Gracenote [Ver = 2, 0, 0, 13 | Size = 757760 bytes | Created Date = 20/06/2007 21:10:31 | Attr =    ]
moveex.exe -> %System32%\moveex.exe ->  [Ver =  | Size = 38400 bytes | Created Date = 08/09/2007 12:14:21 | Attr =    ]
PreInstall -> %System32%\PreInstall ->  [Folder | Created Date = 01/09/2007 9:07:17 | Attr =    ]
px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 2.0.60.500 | Size = 360448 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
pxcpya64.exe -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.28a | Size = 56832 bytes | Created Date = 20/06/2007 21:10:30 | Attr =    ]
pxcpyi64.exe -> %System32%\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.28a | Size = 108544 bytes | Created Date = 20/06/2007 21:10:30 | Attr =    ]
pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.23a | Size = 397312 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 2.03.18a | Size = 57344 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
pxinsa64.exe -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 2.03.18a | Size = 54272 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
pxinsi64.exe -> %System32%\pxinsi64.exe -> Sonic Solutions [Ver = 2.03.18a | Size = 104960 bytes | Created Date = 20/06/2007 21:10:30 | Attr =    ]
pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 2.0.60.500 | Size = 155648 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 2.0.60.500 | Size = 339968 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
pxwma.dll -> %System32%\pxwma.dll -> Sonic Solutions [Ver = 1, 0, 0, 3 | Size = 151552 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
SoftwareDistribution -> %System32%\SoftwareDistribution ->  [Folder | Created Date = 31/08/2007 21:20:15 | Attr =    ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Created Date = 08/09/2007 12:14:21 | Attr =    ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.0 | Size = 370688 bytes | Created Date = 08/09/2007 12:14:20 | Attr =    ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 08/09/2007 12:14:20 | Attr =    ]
VFind.exe -> %System32%\VFind.exe ->  [Ver =  | Size = 49152 bytes | Created Date = 08/09/2007 12:14:21 | Attr =    ]
vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.61a | Size = 28672 bytes | Created Date = 20/06/2007 21:10:29 | Attr =    ]
NETMD031.sys -> %System32%\drivers\NETMD031.sys -> Sony Corporation [Ver = 1.3.11.04010 | Size = 35319 bytes | Created Date = 20/06/2007 21:11:15 | Attr =    ]
NETMD033.sys -> %System32%\drivers\NETMD033.sys -> Sony Corporation [Ver = 1.3.30.11110 | Size = 36232 bytes | Created Date = 20/06/2007 21:11:15 | Attr =    ]
NETMDUSB.sys -> %System32%\drivers\NETMDUSB.sys -> Sony Corporation [Ver = 1.2.10.08080 | Size = 38951 bytes | Created Date = 20/06/2007 21:11:15 | Attr =    ]
NWWMUSB.sys -> %System32%\drivers\NWWMUSB.sys -> Sony Corporation [Ver = 1.3.00.07090 | Size = 27255 bytes | Created Date = 20/06/2007 21:11:39 | Attr =    ]
PxHelp20.sys -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 2.03.18a | Size = 20576 bytes | Created Date = 20/06/2007 21:10:30 | Attr =    ]
VMCUSB.sys -> %System32%\drivers\VMCUSB.sys -> Sony Corporation [Ver = 1.3.04.09110 | Size = 11510 bytes | Created Date = 20/06/2007 21:11:29 | Attr =    ]

[Files/Folders - Modified Within 90 days]
Archivos de programa -> %ProgramFiles% ->  [Folder | Modified Date = 04/09/2007 1:13:50 | Attr = R  ]
qoobox -> %SystemDrive%\qoobox ->  [Folder | Modified Date = 08/09/2007 13:21:18 | Attr =    ]
sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 20/08/2007 22:50:34 | Attr =  H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 20/08/2007 23:28:40 | Attr =  H ]
sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 21/08/2007 11:32:02 | Attr =  H ]
sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 21/08/2007 18:18:10 | Attr =  H ]
sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 21/08/2007 22:09:26 | Attr =  H ]
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 22/08/2007 20:50:38 | Attr =  H ]
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 20/06/2007 22:15:48 | Attr =  H ]
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 05/07/2007 0:41:16 | Attr =  H ]
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 05/07/2007 12:34:22 | Attr =  H ]
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 09/07/2007 10:10:56 | Attr =  H ]
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 09/07/2007 18:53:12 | Attr =  H ]
sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 09/07/2007 22:23:38 | Attr =  H ]
sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 25/07/2007 11:37:32 | Attr =  H ]
sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 10/08/2007 18:37:58 | Attr =  H ]
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 13/08/2007 23:55:12 | Attr =  H ]
sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14/08/2007 0:23:26 | Attr =  H ]
sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14/08/2007 8:48:28 | Attr =  H ]
sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14/08/2007 11:01:42 | Attr =  H ]
sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14/08/2007 11:47:58 | Attr =  H ]
sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14/08/2007 14:20:36 | Attr =  H ]
sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 20/08/2007 22:50:34 | Attr =  H ]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 20/08/2007 23:28:40 | Attr =  H ]
sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 21/08/2007 11:32:02 | Attr =  H ]
sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 21/08/2007 18:18:10 | Attr =  H ]
sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 21/08/2007 22:09:26 | Attr =  H ]
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 22/08/2007 20:50:38 | Attr =  H ]
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 20/06/2007 22:15:48 | Attr =  H ]
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 05/07/2007 0:41:16 | Attr =  H ]
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 05/07/2007 12:34:22 | Attr =  H ]
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 09/07/2007 10:10:56 | Attr =  H ]
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 09/07/2007 18:53:12 | Attr =  H ]
sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 09/07/2007 22:23:38 | Attr =  H ]

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #78 on: September 13, 2007, 01:56:19 AM »
sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 10/08/2007 18:37:56 | Attr =  H ]
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 13/08/2007 23:55:12 | Attr =  H ]
sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14/08/2007 0:23:24 | Attr =  H ]
sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14/08/2007 8:48:28 | Attr =  H ]
sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14/08/2007 11:01:42 | Attr =  H ]
sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14/08/2007 11:47:58 | Attr =  H ]
sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14/08/2007 14:20:36 | Attr =  H ]
WINDOWS -> %SystemRoot% ->  [Folder | Modified Date = 08/09/2007 13:16:24 | Attr =    ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ ->  [Folder | Modified Date = 02/09/2007 20:01:14 | Attr =  H ]
$MSI31Uninstall_KB893803v2$ -> %SystemRoot%\$MSI31Uninstall_KB893803v2$ ->  [Folder | Modified Date = 01/09/2007 10:07:52 | Attr =  H ]
$NtUninstallKB873339$ -> %SystemRoot%\$NtUninstallKB873339$ ->  [Folder | Modified Date = 01/09/2007 12:17:10 | Attr =  H ]
$NtUninstallKB885835$ -> %SystemRoot%\$NtUninstallKB885835$ ->  [Folder | Modified Date = 01/09/2007 12:21:04 | Attr =  H ]
$NtUninstallKB885836$ -> %SystemRoot%\$NtUninstallKB885836$ ->  [Folder | Modified Date = 01/09/2007 12:20:54 | Attr =  H ]
$NtUninstallKB886185$ -> %SystemRoot%\$NtUninstallKB886185$ ->  [Folder | Modified Date = 01/09/2007 12:10:32 | Attr =  H ]
$NtUninstallKB887472$ -> %SystemRoot%\$NtUninstallKB887472$ ->  [Folder | Modified Date = 01/09/2007 12:16:30 | Attr =  H ]
$NtUninstallKB888302$ -> %SystemRoot%\$NtUninstallKB888302$ ->  [Folder | Modified Date = 01/09/2007 12:11:28 | Attr =  H ]
$NtUninstallKB890046$ -> %SystemRoot%\$NtUninstallKB890046$ ->  [Folder | Modified Date = 01/09/2007 12:13:56 | Attr =  H ]
$NtUninstallKB890859$ -> %SystemRoot%\$NtUninstallKB890859$ ->  [Folder | Modified Date = 01/09/2007 12:07:52 | Attr =  H ]
$NtUninstallKB891781$ -> %SystemRoot%\$NtUninstallKB891781$ ->  [Folder | Modified Date = 01/09/2007 12:14:40 | Attr =  H ]
$NtUninstallKB893756$ -> %SystemRoot%\$NtUninstallKB893756$ ->  [Folder | Modified Date = 01/09/2007 12:19:10 | Attr =  H ]
$NtUninstallKB894391$ -> %SystemRoot%\$NtUninstallKB894391$ ->  [Folder | Modified Date = 01/09/2007 12:08:32 | Attr =  H ]
$NtUninstallKB896358$ -> %SystemRoot%\$NtUninstallKB896358$ ->  [Folder | Modified Date = 01/09/2007 12:16:10 | Attr =  H ]
$NtUninstallKB896423$ -> %SystemRoot%\$NtUninstallKB896423$ ->  [Folder | Modified Date = 01/09/2007 12:18:12 | Attr =  H ]
$NtUninstallKB896428$ -> %SystemRoot%\$NtUninstallKB896428$ ->  [Folder | Modified Date = 01/09/2007 12:08:46 | Attr =  H ]
$NtUninstallKB898461$ -> %SystemRoot%\$NtUninstallKB898461$ ->  [Folder | Modified Date = 01/09/2007 10:07:16 | Attr =  H ]
$NtUninstallKB899587$ -> %SystemRoot%\$NtUninstallKB899587$ ->  [Folder | Modified Date = 01/09/2007 12:21:40 | Attr =  H ]
$NtUninstallKB899591$ -> %SystemRoot%\$NtUninstallKB899591$ ->  [Folder | Modified Date = 01/09/2007 12:19:32 | Attr =  H ]
$NtUninstallKB900485$ -> %SystemRoot%\$NtUninstallKB900485$ ->  [Folder | Modified Date = 01/09/2007 12:18:04 | Attr =  H ]
$NtUninstallKB900725$ -> %SystemRoot%\$NtUninstallKB900725$ ->  [Folder | Modified Date = 01/09/2007 12:11:20 | Attr =  H ]
$NtUninstallKB901017$ -> %SystemRoot%\$NtUninstallKB901017$ ->  [Folder | Modified Date = 01/09/2007 12:19:44 | Attr =  H ]
$NtUninstallKB901190$ -> %SystemRoot%\$NtUninstallKB901190$ ->  [Folder | Modified Date = 01/09/2007 12:10:08 | Attr =  H ]
$NtUninstallKB901214$ -> %SystemRoot%\$NtUninstallKB901214$ ->  [Folder | Modified Date = 01/09/2007 12:12:20 | Attr =  H ]
$NtUninstallKB902400$ -> %SystemRoot%\$NtUninstallKB902400$ ->  [Folder | Modified Date = 01/09/2007 12:14:10 | Attr =  H ]
$NtUninstallKB904706$ -> %SystemRoot%\$NtUninstallKB904706$ ->  [Folder | Modified Date = 01/09/2007 12:10:14 | Attr =  H ]
$NtUninstallKB905414$ -> %SystemRoot%\$NtUninstallKB905414$ ->  [Folder | Modified Date = 01/09/2007 12:12:46 | Attr =  H ]
$NtUninstallKB905749$ -> %SystemRoot%\$NtUninstallKB905749$ ->  [Folder | Modified Date = 01/09/2007 12:09:50 | Attr =  H ]
$NtUninstallKB908519$ -> %SystemRoot%\$NtUninstallKB908519$ ->  [Folder | Modified Date = 01/09/2007 12:08:24 | Attr =  H ]
$NtUninstallKB908531$ -> %SystemRoot%\$NtUninstallKB908531$ ->  [Folder | Modified Date = 01/09/2007 12:09:58 | Attr =  H ]
$NtUninstallKB910437$ -> %SystemRoot%\$NtUninstallKB910437$ ->  [Folder | Modified Date = 01/09/2007 12:15:42 | Attr =  H ]
$NtUninstallKB911280$ -> %SystemRoot%\$NtUninstallKB911280$ ->  [Folder | Modified Date = 01/09/2007 12:18:52 | Attr =  H ]
$NtUninstallKB911562$ -> %SystemRoot%\$NtUninstallKB911562$ ->  [Folder | Modified Date = 01/09/2007 12:18:36 | Attr =  H ]
$NtUninstallKB911564$ -> %SystemRoot%\$NtUninstallKB911564$ ->  [Folder | Modified Date = 01/09/2007 12:15:34 | Attr =  H ]
$NtUninstallKB911927$ -> %SystemRoot%\$NtUninstallKB911927$ ->  [Folder | Modified Date = 01/09/2007 12:19:54 | Attr =  H ]
$NtUninstallKB913580$ -> %SystemRoot%\$NtUninstallKB913580$ ->  [Folder | Modified Date = 01/09/2007 12:09:18 | Attr =  H ]
$NtUninstallKB914388$ -> %SystemRoot%\$NtUninstallKB914388$ ->  [Folder | Modified Date = 01/09/2007 12:13:02 | Attr =  H ]
$NtUninstallKB914389$ -> %SystemRoot%\$NtUninstallKB914389$ ->  [Folder | Modified Date = 01/09/2007 12:08:08 | Attr =  H ]
$NtUninstallKB916595$ -> %SystemRoot%\$NtUninstallKB916595$ ->  [Folder | Modified Date = 01/09/2007 12:10:26 | Attr =  H ]
$NtUninstallKB917344$ -> %SystemRoot%\$NtUninstallKB917344$ ->  [Folder | Modified Date = 01/09/2007 12:12:54 | Attr =  H ]
$NtUninstallKB917953$ -> %SystemRoot%\$NtUninstallKB917953$ ->  [Folder | Modified Date = 01/09/2007 12:12:38 | Attr =  H ]
$NtUninstallKB918118$ -> %SystemRoot%\$NtUninstallKB918118$ ->  [Folder | Modified Date = 01/09/2007 12:11:50 | Attr =  H ]
$NtUninstallKB918439$ -> %SystemRoot%\$NtUninstallKB918439$ ->  [Folder | Modified Date = 01/09/2007 12:14:32 | Attr =  H ]
$NtUninstallKB919007$ -> %SystemRoot%\$NtUninstallKB919007$ ->  [Folder | Modified Date = 01/09/2007 12:13:10 | Attr =  H ]
$NtUninstallKB920213$ -> %SystemRoot%\$NtUninstallKB920213$ ->  [Folder | Modified Date = 01/09/2007 12:10:58 | Attr =  H ]
$NtUninstallKB920670$ -> %SystemRoot%\$NtUninstallKB920670$ ->  [Folder | Modified Date = 01/09/2007 12:14:48 | Attr =  H ]
$NtUninstallKB920683$ -> %SystemRoot%\$NtUninstallKB920683$ ->  [Folder | Modified Date = 01/09/2007 12:08:18 | Attr =  H ]
$NtUninstallKB920685$ -> %SystemRoot%\$NtUninstallKB920685$ ->  [Folder | Modified Date = 01/09/2007 12:19:18 | Attr =  H ]
$NtUninstallKB920872$ -> %SystemRoot%\$NtUninstallKB920872$ ->  [Folder | Modified Date = 01/09/2007 12:13:40 | Attr =  H ]
$NtUninstallKB921503$ -> %SystemRoot%\$NtUninstallKB921503$ ->  [Folder | Modified Date = 01/09/2007 12:16:42 | Attr =  H ]
$NtUninstallKB922582$ -> %SystemRoot%\$NtUninstallKB922582$ ->  [Folder | Modified Date = 01/09/2007 12:12:02 | Attr =  H ]
$NtUninstallKB922819$ -> %SystemRoot%\$NtUninstallKB922819$ ->  [Folder | Modified Date = 01/09/2007 12:21:14 | Attr =  H ]
$NtUninstallKB923191$ -> %SystemRoot%\$NtUninstallKB923191$ ->  [Folder | Modified Date = 01/09/2007 12:12:10 | Attr =  H ]
$NtUninstallKB923414$ -> %SystemRoot%\$NtUninstallKB923414$ ->  [Folder | Modified Date = 01/09/2007 12:20:44 | Attr =  H ]
$NtUninstallKB923689$ -> %SystemRoot%\$NtUninstallKB923689$ ->  [Folder | Modified Date = 01/09/2007 12:09:44 | Attr =  H ]
$NtUninstallKB923980$ -> %SystemRoot%\$NtUninstallKB923980$ ->  [Folder | Modified Date = 01/09/2007 12:19:00 | Attr =  H ]
$NtUninstallKB924270$ -> %SystemRoot%\$NtUninstallKB924270$ ->  [Folder | Modified Date = 01/09/2007 12:17:52 | Attr =  H ]
$NtUninstallKB924496$ -> %SystemRoot%\$NtUninstallKB924496$ ->  [Folder | Modified Date = 01/09/2007 12:17:04 | Attr =  H ]
$NtUninstallKB924667$ -> %SystemRoot%\$NtUninstallKB924667$ ->  [Folder | Modified Date = 01/09/2007 12:18:18 | Attr =  H ]

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #79 on: September 13, 2007, 01:57:35 AM »
$NtUninstallKB925398_WMP64$ -> %SystemRoot%\$NtUninstallKB925398_WMP64$ ->  [Folder | Modified Date = 01/09/2007 12:16:02 | Attr =  H ]
$NtUninstallKB925902$ -> %SystemRoot%\$NtUninstallKB925902$ ->  [Folder | Modified Date = 01/09/2007 12:15:10 | Attr =  H ]
$NtUninstallKB926255$ -> %SystemRoot%\$NtUninstallKB926255$ ->  [Folder | Modified Date = 01/09/2007 12:11:40 | Attr =  H ]
$NtUninstallKB926436$ -> %SystemRoot%\$NtUninstallKB926436$ ->  [Folder | Modified Date = 01/09/2007 12:13:48 | Attr =  H ]
$NtUninstallKB927779$ -> %SystemRoot%\$NtUninstallKB927779$ ->  [Folder | Modified Date = 01/09/2007 12:21:32 | Attr =  H ]
$NtUninstallKB927802$ -> %SystemRoot%\$NtUninstallKB927802$ ->  [Folder | Modified Date = 01/09/2007 12:21:22 | Attr =  H ]
$NtUninstallKB927891$ -> %SystemRoot%\$NtUninstallKB927891$ ->  [Folder | Modified Date = 02/09/2007 20:01:30 | Attr =  H ]
$NtUninstallKB928255$ -> %SystemRoot%\$NtUninstallKB928255$ ->  [Folder | Modified Date = 01/09/2007 12:20:32 | Attr =  H ]
$NtUninstallKB928843$ -> %SystemRoot%\$NtUninstallKB928843$ ->  [Folder | Modified Date = 01/09/2007 12:07:34 | Attr =  H ]
$NtUninstallKB929123$ -> %SystemRoot%\$NtUninstallKB929123$ ->  [Folder | Modified Date = 01/09/2007 12:14:58 | Attr =  H ]
$NtUninstallKB930178$ -> %SystemRoot%\$NtUninstallKB930178$ ->  [Folder | Modified Date = 01/09/2007 12:13:20 | Attr =  H ]
$NtUninstallKB930916$ -> %SystemRoot%\$NtUninstallKB930916$ ->  [Folder | Modified Date = 01/09/2007 12:10:20 | Attr =  H ]
$NtUninstallKB931261$ -> %SystemRoot%\$NtUninstallKB931261$ ->  [Folder | Modified Date = 01/09/2007 12:17:40 | Attr =  H ]
$NtUninstallKB931784$ -> %SystemRoot%\$NtUninstallKB931784$ ->  [Folder | Modified Date = 01/09/2007 12:20:08 | Attr =  H ]
$NtUninstallKB932168$ -> %SystemRoot%\$NtUninstallKB932168$ ->  [Folder | Modified Date = 01/09/2007 12:12:30 | Attr =  H ]
$NtUninstallKB933360$ -> %SystemRoot%\$NtUninstallKB933360$ ->  [Folder | Modified Date = 01/09/2007 12:10:46 | Attr =  H ]
$NtUninstallKB935839$ -> %SystemRoot%\$NtUninstallKB935839$ ->  [Folder | Modified Date = 01/09/2007 12:08:40 | Attr =  H ]
$NtUninstallKB935840$ -> %SystemRoot%\$NtUninstallKB935840$ ->  [Folder | Modified Date = 01/09/2007 12:10:40 | Attr =  H ]
$NtUninstallKB936021$ -> %SystemRoot%\$NtUninstallKB936021$ ->  [Folder | Modified Date = 01/09/2007 12:18:44 | Attr =  H ]
$NtUninstallKB936357$ -> %SystemRoot%\$NtUninstallKB936357$ ->  [Folder | Modified Date = 01/09/2007 12:16:52 | Attr =  H ]
$NtUninstallKB936782_WMP9$ -> %SystemRoot%\$NtUninstallKB936782_WMP9$ ->  [Folder | Modified Date = 01/09/2007 12:17:30 | Attr =  H ]
$NtUninstallKB937143$ -> %SystemRoot%\$NtUninstallKB937143$ ->  [Folder | Modified Date = 01/09/2007 12:09:00 | Attr =  H ]
$NtUninstallKB938127$ -> %SystemRoot%\$NtUninstallKB938127$ ->  [Folder | Modified Date = 01/09/2007 12:11:08 | Attr =  H ]
$NtUninstallKB938828$ -> %SystemRoot%\$NtUninstallKB938828$ ->  [Folder | Modified Date = 01/09/2007 12:18:28 | Attr =  H ]
$NtUninstallKB938829$ -> %SystemRoot%\$NtUninstallKB938829$ ->  [Folder | Modified Date = 01/09/2007 12:16:24 | Attr =  H ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 13/09/2007 1:21:44 | Attr =   S]
catchme.exe -> %SystemRoot%\catchme.exe ->  [Ver =  | Size = 109056 bytes | Modified Date = 20/07/2007 0:47:24 | Attr =    ]
Debug -> %SystemRoot%\Debug ->  [Folder | Modified Date = 03/09/2007 17:41:46 | Attr =    ]
erdnt -> %SystemRoot%\erdnt ->  [Folder | Modified Date = 08/09/2007 13:16:24 | Attr =    ]
Help -> %SystemRoot%\Help ->  [Folder | Modified Date = 31/08/2007 22:20:26 | Attr =    ]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1355 bytes | Modified Date = 02/09/2007 20:01:44 | Attr =    ]
inf -> %SystemRoot%\inf ->  [Folder | Modified Date = 02/09/2007 20:01:44 | Attr =  H ]
Installer -> %SystemRoot%\Installer ->  [Folder | Modified Date = 04/09/2007 1:13:56 | Attr =  HS]
msagent -> %SystemRoot%\msagent ->  [Folder | Modified Date = 01/09/2007 15:12:22 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 163 bytes | Modified Date = 09/09/2007 22:49:46 | Attr =    ]
NirCmd.exe -> %SystemRoot%\NirCmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Modified Date = 17/06/2007 0:11:58 | Attr =    ]
Prefetch -> %SystemRoot%\Prefetch ->  [Folder | Modified Date = 13/09/2007 1:30:24 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 31/08/2007 22:38:34 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 31/08/2007 22:38:34 | Attr =  H ]
SoftwareDistribution -> %SystemRoot%\SoftwareDistribution ->  [Folder | Modified Date = 31/08/2007 22:20:26 | Attr =    ]
system32 -> %System32% ->  [Folder | Modified Date = 08/09/2007 13:14:22 | Attr =    ]
Temp -> %SystemRoot%\Temp ->  [Folder | Modified Date = 13/09/2007 1:22:22 | Attr =    ]
WinSxS -> %SystemRoot%\WinSxS ->  [Folder | Modified Date = 01/09/2007 12:18:22 | Attr =    ]
WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx ->  [Ver =  | Size = 316640 bytes | Modified Date = 20/06/2007 22:08:08 | Attr =    ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT ->  [Ver =  | Size = 6 bytes | Modified Date = 13/09/2007 1:21:52 | Attr =  H ]
aswBoot.exe -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 783224 bytes | Modified Date = 28/07/2007 0:07:22 | Attr =    ]
AVASTSS.scr -> %System32%\AVASTSS.scr -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 95608 bytes | Modified Date = 27/07/2007 23:57:50 | Attr =    ]
CatRoot2 -> %System32%\CatRoot2 ->  [Folder | Modified Date = 03/09/2007 23:42:10 | Attr =    ]
Com -> %System32%\Com ->  [Folder | Modified Date = 01/09/2007 12:14:18 | Attr =    ]
CONFIG.NT -> %System32%\CONFIG.NT ->  [Ver =  | Size = 2958 bytes | Modified Date = 20/08/2007 22:48:22 | Attr =    ]
d3d9caps.dat -> %System32%\d3d9caps.dat ->  [Ver =  | Size = 664 bytes | Modified Date = 16/07/2007 0:03:46 | Attr =    ]
dllcache -> %System32%\dllcache ->  [Folder | Modified Date = 02/09/2007 20:01:34 | Attr = RHS]
drivers -> %System32%\drivers ->  [Folder | Modified Date = 09/09/2007 20:51:02 | Attr =    ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT ->  [Ver =  | Size = 190592 bytes | Modified Date = 01/09/2007 15:12:24 | Attr =    ]
inetsrv -> %System32%\inetsrv ->  [Folder | Modified Date = 03/09/2007 23:42:16 | Attr =    ]
perfc009.dat -> %System32%\perfc009.dat ->  [Ver =  | Size = 53608 bytes | Modified Date = 03/09/2007 23:42:26 | Attr =    ]
perfc00A.dat -> %System32%\perfc00A.dat ->  [Ver =  | Size = 69864 bytes | Modified Date = 03/09/2007 23:42:26 | Attr =    ]
perfh009.dat -> %System32%\perfh009.dat ->  [Ver =  | Size = 383254 bytes | Modified Date = 03/09/2007 23:42:26 | Attr =    ]
perfh00A.dat -> %System32%\perfh00A.dat ->  [Ver =  | Size = 443278 bytes | Modified Date = 03/09/2007 23:42:26 | Attr =    ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI ->  [Ver =  | Size = 958184 bytes | Modified Date = 03/09/2007 23:42:26 | Attr =    ]
PreInstall -> %System32%\PreInstall ->  [Folder | Modified Date = 01/09/2007 10:07:18 | Attr =    ]
px.dll -> %System32%\px.dll -> Sonic Solutions [Ver = 2.0.60.500 | Size = 360448 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxcpya64.exe -> %System32%\pxcpya64.exe -> Sonic Solutions [Ver = 1.00.28a | Size = 56832 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxcpyi64.exe -> %System32%\pxcpyi64.exe -> Sonic Solutions [Ver = 1.00.28a | Size = 108544 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxdrv.dll -> %System32%\pxdrv.dll -> Sonic Solutions [Ver = 1.01.23a | Size = 397312 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxhpinst.exe -> %System32%\pxhpinst.exe -> Sonic Solutions [Ver = 2.03.18a | Size = 57344 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxinsa64.exe -> %System32%\pxinsa64.exe -> Sonic Solutions [Ver = 2.03.18a | Size = 54272 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxinsi64.exe -> %System32%\pxinsi64.exe -> Sonic Solutions [Ver = 2.03.18a | Size = 104960 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxmas.dll -> %System32%\pxmas.dll -> Sonic Solutions [Ver = 2.0.60.500 | Size = 155648 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxwave.dll -> %System32%\pxwave.dll -> Sonic Solutions [Ver = 2.0.60.500 | Size = 339968 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
pxwma.dll -> %System32%\pxwma.dll -> Sonic Solutions [Ver = 1, 0, 0, 3 | Size = 151552 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
SoftwareDistribution -> %System32%\SoftwareDistribution ->  [Folder | Modified Date = 31/08/2007 22:20:18 | Attr =    ]

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #80 on: September 13, 2007, 01:59:32 AM »
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 22/07/2007 18:39:28 | Attr =    ]
vxblock.dll -> %System32%\vxblock.dll -> Sonic Solutions [Ver = 1.00.61a | Size = 28672 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 2206 bytes | Modified Date = 12/09/2007 10:45:50 | Attr =    ]
aavmker4.sys -> %System32%\drivers\aavmker4.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 26624 bytes | Modified Date = 27/07/2007 23:58:36 | Attr =    ]
aswmon.sys -> %System32%\drivers\aswmon.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 92848 bytes | Modified Date = 28/07/2007 0:02:50 | Attr =    ]
aswmon2.sys -> %System32%\drivers\aswmon2.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 94416 bytes | Modified Date = 28/07/2007 0:02:34 | Attr =    ]
aswRdr.sys -> %System32%\drivers\aswRdr.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 23152 bytes | Modified Date = 28/07/2007 0:00:40 | Attr =    ]
aswTdi.sys -> %System32%\drivers\aswTdi.sys -> ALWIL Software [Ver = 4.7.1029.0 | Size = 42912 bytes | Modified Date = 27/07/2007 23:59:58 | Attr =    ]
PxHelp20.sys -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 2.03.18a | Size = 20576 bytes | Modified Date = 20/06/2007 22:10:30 | Attr =    ]

[File String Scan - Non-Microsoft Only]
WSUD ,  -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.44 | Size = 18726912 bytes | Modified Date = 18/05/2005 9:17:54 | Attr = R  ]
UPX! , UPX0 ,  -> %System32%\aswBoot.exe -> ALWIL Software [Ver = 4, 7, 1029, 0 | Size = 783224 bytes | Modified Date = 28/07/2007 0:07:22 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41129 bytes | Modified Date = 24/08/2001 12:00:00 | Attr =    ]
UPX! , UPX0 ,  -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.8 | Size = 279552 bytes | Modified Date = 22/07/2007 18:39:28 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 24/08/2001 12:00:00 | Attr =    ]
WSUD , UPX0 ,  -> %System32%\dllcache\hwxjpn.dll ->  [Ver =  | Size = 13463552 bytes | Modified Date = 24/08/2001 12:00:00 | Attr =    ]
PTech ,  -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 03/08/2004 22:41:38 | Attr =    ]

< End of report >


Seems a hell of a lot of info. Thanks for all your help.
Yet again I have no untoward activity this connection.

mauserme

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #81 on: September 14, 2007, 04:26:01 AM »
seems a hell of a lot of info.
That's because it is a hell of a lot of info  ;D

Start WinPFind3U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

Quote
[Files/Folders - Created Within 90 days]
NY -> sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm
NY -> sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm
NY -> sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm
NY -> sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm
NY -> sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm
NY -> sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm
NY -> sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm
NY -> sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm
NY -> sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm
NY -> sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm
NY -> sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm
NY -> sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm
NY -> sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm
NY -> sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm
NY -> sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm
NY -> sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm
NY -> sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm
NY -> sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm
NY -> sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm
NY -> sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm
NY -> sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm
NY -> sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm
NY -> sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm
NY -> sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm
NY -> sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm
NY -> sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm
NY -> sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm
NY -> sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm
NY -> sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm
NY -> sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm
[Files/Folders - Modified Within 90 days]
NY -> sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm
NY -> sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm
NY -> sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm
NY -> sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm
NY -> sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm
NY -> sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm
NY -> sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm
NY -> sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm
NY -> sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm
NY -> sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm
NY -> sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm
NY -> sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm
NY -> sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm
NY -> sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm
NY -> sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm
NY -> sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm
NY -> sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm
NY -> sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm
NY -> sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm
NY -> sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm
NY -> sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm
NY -> sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm
NY -> sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm
NY -> sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm
NY -> sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm
NY -> sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm
NY -> sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm
NY -> sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm
NY -> sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm
NY -> sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm
NY -> sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm
NY -> sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm
NY -> sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm
NY -> sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm
NY -> sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm
NY -> sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm
NY -> sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm
NY -> sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm
NY -> sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm
NY -> WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx
NY -> d3d9caps.dat -> %System32%\d3d9caps.dat

The fix should only take a very short time. When the fix is completed a message box will pop up telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here. (Many of the files I've listed are duplicates, so you will see a lot of "file not found". That's OK - just post the entire log.)

Also let me know of any problems you encounter performing these steps or any continuing problems you are having with the computer.

After posting the WinPFind3U results, please delete the copy of ComboFix you have and get a fresh copy Here. Then post new ComboFix and HJT logs, running the programs in that order.

lad from leigh

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #82 on: September 30, 2007, 02:24:10 PM »
Sorry for the delay. Been on holiday.

Listen, I really appreciate all the help, but I was already in unknown waters as regards understanding exactly what's going on, so in the end I decided to re-install from scratch. The only things I had saved were photos and the odd bit of music and films, most of which were backed up on CD. I've got no indication of the original problem since re-installing either, so fingers crossed it's all OK. I've learnt a lot from the experience and it's good to see there are good people willing to help others without any self-interest. Thanks again.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • Posts: 67194
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #83 on: September 30, 2007, 05:01:46 PM »
I've got no indication of the original problem since re-installing either, so fingers crossed it's all OK.
You've chosen the deepest way to get rid of an infection... anyway, glad you're clean now.
The best things in life are free.

mauserme

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #84 on: October 01, 2007, 04:33:58 AM »
Ah - we were so close ...

But if you're more comfortable this way it's for the best  :)

skruger

  • Guest
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #85 on: October 10, 2007, 06:13:17 AM »
I have exactly the same problem... have you found a solution?

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • Posts: 4142
  • Some days..... MOS...this bug's for you
Re: Help! Mysterious virus sending thousands of spam e-mails from my PC :(
« Reply #86 on: October 10, 2007, 06:23:28 AM »
Hi, welcome to the forum.

As mauserme said, they were close to cleaning that computer.

Bear in mind that the fixes in this thread may not apply to your situation. Even though your problem may seem the same, it may be a completely different trojan/virus.

To get the best help possible, please start your own thread, for two reasons: 1) you may not get noticed here, and 2) like I said, your problem may be slightly different, so the fix will be different and there won't be any confusing the logs.