Help
I have the trojan a.doginhispen on my computer. Can someone help me through the steps to remove this Trojan? Thanks!!
A.doginhispen Trojan Problem How do I get rid of a.doginhispen trojan?
Back to top
#2
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,761
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 25 February 2008 - 10:41 PM
Hello and welcome, let's start here.
Click HERE to download FindAWF.exe and save it to your desktop.
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 1, then press Enter.
FindAWF tool will begin scanning.
It may take a few minutes to complete so be patient.
When the scan is finished, a text file in notepad called AWF.txt will automatically open.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
Click HERE to download FindAWF.exe and save it to your desktop.
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 1, then press Enter.
FindAWF tool will begin scanning.
It may take a few minutes to complete so be patient.
When the scan is finished, a text file in notepad called AWF.txt will automatically open.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
This post has been edited by boopme: 25 February 2008 - 10:42 PM
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
#3
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 25 February 2008 - 11:04 PM
Find AWF report by noahdfear ©2006
Version 1.40
The current date is: Mon 02/25/2008
The current time is: 23:01:21.02
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
04/05/2006 01:21 PM 77,824 hkcmd.exe
04/05/2006 01:21 PM 118,784 igfxpers.exe
04/05/2006 01:21 PM 94,208 igfxtray.exe
3 File(s) 290,816 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
14348 Jan 28 2008 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
Version 1.40
The current date is: Mon 02/25/2008
The current time is: 23:01:21.02
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
04/05/2006 01:21 PM 77,824 hkcmd.exe
04/05/2006 01:21 PM 118,784 igfxpers.exe
04/05/2006 01:21 PM 94,208 igfxtray.exe
3 File(s) 290,816 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
14348 Jan 28 2008 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
#4
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,761
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 25 February 2008 - 11:44 PM
You have a downloader trojan called Downloader.Agent.awf or Downloader.Agent.ayy. This trojan replaces legitimate files that are common on most computers with an infected file. It then moves the legitimate file to a "bak" or backup folder. Please follow steps below:
Copy the file paths in quote below to the clipboard, highlight all of them right-click and choose copy, or highlight them and press Ctrl+C:
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 2, then press Enter.
Press any key to continue.
A Notepad document files.txt will appear with instructions to click below the line and paste the list of files to be restored.
Right click below the line and paste the list of files that were copied to the clipboard (Ctrl+V).
Close Notepad and you will receive prompt to save the changes, click Yes.
The program will proceed with working.
It may take a few minutes to complete so be patient.
When the scan is finished, it will open a text file in notepad called AWF.txt.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
Copy the file paths in quote below to the clipboard, highlight all of them right-click and choose copy, or highlight them and press Ctrl+C:
Quote
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
14348 Jan 28 2008 "C:\Program Files\Apoint\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\hkcmd.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxpers.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
14348 Jan 28 2008 "C:\Program Files\Apoint\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\hkcmd.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxpers.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 2, then press Enter.
Press any key to continue.
A Notepad document files.txt will appear with instructions to click below the line and paste the list of files to be restored.
Right click below the line and paste the list of files that were copied to the clipboard (Ctrl+V).
Close Notepad and you will receive prompt to save the changes, click Yes.
The program will proceed with working.
It may take a few minutes to complete so be patient.
When the scan is finished, it will open a text file in notepad called AWF.txt.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
#5
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 26 February 2008 - 12:02 AM
Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully
The current date is: Mon 02/25/2008
The current time is: 23:58:30.45
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
04/05/2006 01:21 PM 77,824 hkcmd.exe
04/05/2006 01:21 PM 118,784 igfxpers.exe
04/05/2006 01:21 PM 94,208 igfxtray.exe
3 File(s) 290,816 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
14348 Jan 28 2008 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
Version 1.40
Option 2 run successfully
The current date is: Mon 02/25/2008
The current time is: 23:58:30.45
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
04/05/2006 01:21 PM 77,824 hkcmd.exe
04/05/2006 01:21 PM 118,784 igfxpers.exe
04/05/2006 01:21 PM 94,208 igfxtray.exe
3 File(s) 290,816 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
14348 Jan 28 2008 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
14348 Jan 28 2008 "C:\WINDOWS\system32\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
#6
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,761
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 26 February 2008 - 12:10 AM
I'm very sorry ..we need to do step 2 again. I'm very tired and didn't remove the beginnings. I wanted to get you started before I signed off. Please do 2 again with this. I'll be getting some rest now.
You have a downloader trojan called Downloader.Agent.awf or Downloader.Agent.ayy. This trojan replaces legitimate files that are common on most computers with an infected file. It then moves the legitimate file to a "bak" or backup folder. Please follow steps below:
Copy the file paths in quote below to the clipboard, highlight all of them right-click and choose copy, or highlight them and press Ctrl+C:
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 2, then press Enter.
Press any key to continue.
A Notepad document files.txt will appear with instructions to click below the line and paste the list of files to be restored.
Right click below the line and paste the list of files that were copied to the clipboard (Ctrl+V).
Close Notepad and you will receive prompt to save the changes, click Yes.
The program will proceed with working.
It may take a few minutes to complete so be patient.
When the scan is finished, it will open a text file in notepad called AWF.txt.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
You have a downloader trojan called Downloader.Agent.awf or Downloader.Agent.ayy. This trojan replaces legitimate files that are common on most computers with an infected file. It then moves the legitimate file to a "bak" or backup folder. Please follow steps below:
Copy the file paths in quote below to the clipboard, highlight all of them right-click and choose copy, or highlight them and press Ctrl+C:
Quote
"C:\Program Files\Apoint\bak\Apoint.exe"
"C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
"C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
"C:\WINDOWS\system32\bak\igfxpers.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\DISC\DISCover.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Napster\napster.exe"
"C:\Program Files\QuickTime\qttask.exe"
"C:\Program Files\QuickTime\qttask.exe"
"C:\WINDOWS\ehome\ehtray.exe"
"C:\WINDOWS\system32\hkcmd.exe"
"C:\WINDOWS\system32\igfxpers.exe"
"C:\WINDOWS\system32\igfxtray.exe"
"C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
"C:\Program Files\Real\RealPlayer\RealPlay.exe"
"C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
"C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
"C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
"C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
"C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
"C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
"C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
"C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
"C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
"C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
"C:\WINDOWS\system32\bak\hkcmd.exe"
"C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
"C:\WINDOWS\system32\bak\igfxtray.exe"
"C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
"C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
"C:\WINDOWS\system32\bak\igfxpers.exe"
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\DISC\DISCover.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Napster\napster.exe"
"C:\Program Files\QuickTime\qttask.exe"
"C:\Program Files\QuickTime\qttask.exe"
"C:\WINDOWS\ehome\ehtray.exe"
"C:\WINDOWS\system32\hkcmd.exe"
"C:\WINDOWS\system32\igfxpers.exe"
"C:\WINDOWS\system32\igfxtray.exe"
"C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
"C:\Program Files\Real\RealPlayer\RealPlay.exe"
"C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
"C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
"C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
"C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
"C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
"C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
"C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
"C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
"C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
"C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
"C:\WINDOWS\system32\bak\hkcmd.exe"
"C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
"C:\WINDOWS\system32\bak\igfxtray.exe"
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 2, then press Enter.
Press any key to continue.
A Notepad document files.txt will appear with instructions to click below the line and paste the list of files to be restored.
Right click below the line and paste the list of files that were copied to the clipboard (Ctrl+V).
Close Notepad and you will receive prompt to save the changes, click Yes.
The program will proceed with working.
It may take a few minutes to complete so be patient.
When the scan is finished, it will open a text file in notepad called AWF.txt.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
#7
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 26 February 2008 - 12:19 AM
No worries. 
Thanks for all your help!! Here are the results of step 2 after the second time::
Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully
The current date is: Tue 02/26/2008
The current time is: 0:15:17.60
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
04/05/2006 01:21 PM 77,824 hkcmd.exe
04/05/2006 01:21 PM 118,784 igfxpers.exe
04/05/2006 01:21 PM 94,208 igfxtray.exe
3 File(s) 290,816 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
Thanks for all your help!! Here are the results of step 2 after the second time::Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully
The current date is: Tue 02/26/2008
The current time is: 0:15:17.60
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
10/25/2006 06:58 PM 282,624 qttask.exe
1 File(s) 282,624 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\WINDOWS\SYSTEM32\BAK
04/05/2006 01:21 PM 77,824 hkcmd.exe
04/05/2006 01:21 PM 118,784 igfxpers.exe
04/05/2006 01:21 PM 94,208 igfxtray.exe
3 File(s) 290,816 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\qttask.exe"
282624 Oct 25 2006 "C:\Program Files\QuickTime\bak\qttask.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\hkcmd.exe"
77824 Apr 5 2006 "C:\WINDOWS\system32\bak\hkcmd.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxpers.exe"
118784 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxpers.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\Drivers\Intel 945G Display\igfxtray.exe"
94208 Apr 5 2006 "C:\WINDOWS\system32\bak\igfxtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
#8
- To Insanity and Beyond
-
- Group: Global Moderator
- Posts: 48,761
- Joined: 10-September 04
- Gender:Male
- Location:NJ USA
Posted 26 February 2008 - 12:59 PM
Copy the paths in quote below to the clipboard, highlight all of them right-click and choose copy, or highlight them and press Ctrl+C:
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 3, then press Enter.
Press any key to continue.
A Notepad document folders.txt will appear with instructions to click below the line and paste the list of folders to be removed.
Right click below the line and paste the list of paths that were copied to the clipboard (Ctrl+V).
Close Notepad and you will receive prompt to save the changes, click Yes.
The program will proceed with working.
It may take a few minutes to complete so be patient.
When the scan is finished, it will open a text file in notepad called AWF.txt.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
Quote
C:\WINDOWS\system32\bak
C:\Program Files\QuickTime\bak
C:\Program Files\HP\hpcoretech\bak
C:\Program Files\AWS\WeatherBug\bak
C:\Program Files\Hewlett-Packard\HP Software Update\bak
C:\Program Files\Micro Innovations\Optical Scroll\bak
C:\Program Files\Common Files\Microsoft Shared\Works Shared\bak
C:\Program Files\Common Files\InstallShield\UpdateService\bak
C:\Program Files\Adobe\Reader 8.0\Reader\bak
C:\Program Files\Java\jre1.6.0_03\bin\bak
C:\Program Files\Verizon Online\SupportCenter\SmartBridge\bak
C:\Program Files\Creative\Creative Live! Cam\VideoFX\bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bak
C:\WINDOWS\system32\spool\drivers\w32x86\3\bak
C:\Program Files\QuickTime\bak
C:\Program Files\HP\hpcoretech\bak
C:\Program Files\AWS\WeatherBug\bak
C:\Program Files\Hewlett-Packard\HP Software Update\bak
C:\Program Files\Micro Innovations\Optical Scroll\bak
C:\Program Files\Common Files\Microsoft Shared\Works Shared\bak
C:\Program Files\Common Files\InstallShield\UpdateService\bak
C:\Program Files\Adobe\Reader 8.0\Reader\bak
C:\Program Files\Java\jre1.6.0_03\bin\bak
C:\Program Files\Verizon Online\SupportCenter\SmartBridge\bak
C:\Program Files\Creative\Creative Live! Cam\VideoFX\bak
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\bak
C:\WINDOWS\system32\spool\drivers\w32x86\3\bak
Double-click on the FindAWF.exe file to run it.
It will open a command prompt and ask you to "Press any key to continue".
You will be presented with a Menu.
Type 3, then press Enter.
Press any key to continue.
A Notepad document folders.txt will appear with instructions to click below the line and paste the list of folders to be removed.
Right click below the line and paste the list of paths that were copied to the clipboard (Ctrl+V).
Close Notepad and you will receive prompt to save the changes, click Yes.
The program will proceed with working.
It may take a few minutes to complete so be patient.
When the scan is finished, it will open a text file in notepad called AWF.txt.
Return to this thread and copy and paste the contents of the AWF.txt file in your next reply.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
#9
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 26 February 2008 - 03:14 PM
Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully
The current date is: Tue 02/26/2008
The current time is: 15:09:19.96
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
Version 1.40
Option 3 run successfully
The current date is: Tue 02/26/2008
The current time is: 15:09:19.96
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
#10
- Bleepin' Janitor
-
- Group: Global Moderator
- Posts: 25,511
- Joined: 09-July 05
- Gender:Male
- Location:Virginia, USA
Posted 26 February 2008 - 03:53 PM
Hello kmsteph
Something is not right here. Your option 3 log indicates it ran successfully but all the files are still present. While we are dealing with persistent malware, I have not encountered this issue before when using the fix tool. Therefore, I need you to restart from step 1.
Press 1 then 'Enter' to scan for bak folders
The FindAWF tool will begin scanning your computer for the infected AWF files and backups created by the trojan.
It may take a few minutes to complete so be patient.
When complete, it will open a text file in notepad called awf.txt which will be saved to your desktop.
Copy and paste the contents of the awf.txt file in your next reply.
Something is not right here. Your option 3 log indicates it ran successfully but all the files are still present. While we are dealing with persistent malware, I have not encountered this issue before when using the fix tool. Therefore, I need you to restart from step 1.
- Double-click on FindAWF.exe to start.
- If a "Security Alert" shows, allow the program to run.
- A command prompt will open and ask you to "Press any key to continue...".
- You will be presented with a Menu.
- 1. Press 1 then Enter to scan for bak folders
2. Press 2 then Enter to restore files from bak folders
3. Press 3 then Enter to remove bak folders
4. Press 4 then Enter to reset domain zones
5. Press E then Enter to EXIT
Microsoft MVP - Consumer Security 2007-2012 
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
#11
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 27 February 2008 - 10:54 PM
Find AWF report by noahdfear ©2006
Version 1.40
The current date is: Wed 02/27/2008
The current time is: 22:49:38.14
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
Version 1.40
The current date is: Wed 02/27/2008
The current time is: 22:49:38.14
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
14348 Jan 28 2008 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
14348 Jan 28 2008 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
14348 Jan 28 2008 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
14348 Jan 28 2008 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Jan 28 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
14348 Jan 28 2008 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
14348 Jan 28 2008 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
14348 Jan 28 2008 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
14348 Jan 28 2008 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
14348 Jan 28 2008 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
14348 Jan 28 2008 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
14348 Jan 28 2008 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
#12
- Bleepin' Janitor
-
- Group: Global Moderator
- Posts: 25,511
- Joined: 09-July 05
- Gender:Male
- Location:Virginia, USA
Posted 28 February 2008 - 08:18 AM
Double-click the FindAWF icon once again.
- If a "Security Alert" shows, allow the program to run.
- A command prompt will open and ask you to "Press any key to continue...".
- You will be presented with a Menu.
- Press 2 then 'Enter' to restore files from bak folders
- A text file named files.txt will then open.
- Click below the line and copy/paste the following list of files in the quote box into the text file:
Quote
"C:\Program Files\AIM6\bak\aim6.exe"
"C:\Program Files\Apoint\bak\Apoint.exe"
"C:\Program Files\DISC\bak\DISCover.exe"
"C:\Program Files\iTunes\bak\iTunesHelper.exe"
"C:\Program Files\Napster\bak\napster.exe"
"C:\WINDOWS\ehome\bak\ehtray.exe"
"C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
"C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
"C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
"C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
"C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
"C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
"C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
"C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
"C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
"C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
"C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
"C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
"C:\Program Files\Apoint\bak\Apoint.exe"
"C:\Program Files\DISC\bak\DISCover.exe"
"C:\Program Files\iTunes\bak\iTunesHelper.exe"
"C:\Program Files\Napster\bak\napster.exe"
"C:\WINDOWS\ehome\bak\ehtray.exe"
"C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
"C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
"C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
"C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
"C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
"C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
"C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
"C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
"C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
"C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
"C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
"C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
- Close the text file and click Yes to save the changes. Once files.txt is saved, FindAWF does the following:
- It attempts to terminate the process represented by each filename on the list (if running).
- Deletes the rogue file from the parent folder (if present).
- Copies the original file to the parent folder.
- It attempts to terminate the process represented by each filename on the list (if running).
- When done, it automatically runs a new scan and opens a new log.
- Please copy/paste the contents of the new awf.txt log in your reply.
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
#13
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 28 February 2008 - 02:01 PM
Find AWF report by noahdfear ©2006
Version 1.40
Option 2 run successfully
The current date is: Thu 02/28/2008
The current time is: 13:57:30.96
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
01/28/2008 11:03 PM 14,348 qttask.exe
1 File(s) 14,348 bytes
Directory of C:\PROGRA~1\SPYBOT~1\BAK
08/31/2007 04:46 PM 1,460,560 TeaTimer.exe
1 File(s) 1,460,560 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\MCAFEE.COM\AGENT\BAK
08/03/2007 10:33 PM 582,992 mcagent.exe
1 File(s) 582,992 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50736 Apr 27 2007 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Feb 27 2008 "C:\Program Files\QuickTime\qttask.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\bak\qttask.exe"
14348 Feb 27 2008 "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
1460560 Aug 31 2007 "C:\Program Files\Spybot - Search & Destroy\bak\TeaTimer.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Feb 27 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
582992 Aug 3 2007 "C:\Program Files\McAfee.com\Agent\mcagent.exe"
582992 Aug 3 2007 "C:\Program Files\McAfee.com\Agent\bak\mcagent.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
Version 1.40
Option 2 run successfully
The current date is: Thu 02/28/2008
The current time is: 13:57:30.96
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 04:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes
Directory of C:\PROGRA~1\APOINT\BAK
11/17/2004 10:47 PM 118,784 Apoint.exe
1 File(s) 118,784 bytes
Directory of C:\PROGRA~1\DISC\BAK
06/01/2006 07:55 PM 1,077,248 DISCover.exe
1 File(s) 1,077,248 bytes
Directory of C:\PROGRA~1\ITUNES\BAK
10/30/2006 09:36 AM 256,576 iTunesHelper.exe
1 File(s) 256,576 bytes
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\NAPSTER\BAK
06/29/2006 04:17 PM 319,488 napster.exe
1 File(s) 319,488 bytes
Directory of C:\PROGRA~1\QUICKT~1\BAK
01/28/2008 11:03 PM 14,348 qttask.exe
1 File(s) 14,348 bytes
Directory of C:\PROGRA~1\SPYBOT~1\BAK
08/31/2007 04:46 PM 1,460,560 TeaTimer.exe
1 File(s) 1,460,560 bytes
Directory of C:\WINDOWS\EHOME\BAK
08/05/2005 03:56 PM 64,512 ehtray.exe
1 File(s) 64,512 bytes
Directory of C:\PROGRA~1\CANON\MYPRIN~1\BAK
03/21/2006 08:30 PM 1,191,936 BJMyPrt.exe
1 File(s) 1,191,936 bytes
Directory of C:\PROGRA~1\MCAFEE.COM\AGENT\BAK
08/03/2007 10:33 PM 582,992 mcagent.exe
1 File(s) 582,992 bytes
Directory of C:\PROGRA~1\REAL\REALPL~1\BAK
03/23/2007 08:38 PM 26,112 RealPlay.exe
1 File(s) 26,112 bytes
Directory of C:\PROGRA~1\SCANSOFT\OMNIPA~1.0\BAK
03/21/2006 01:19 PM 69,632 OpwareSE4.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\ISBUTI~1\BAK
02/20/2004 04:12 PM 32,768 ISBMgr.exe
1 File(s) 32,768 bytes
Directory of C:\PROGRA~1\SONY\VAIOCA~1\BAK
12/27/2005 03:58 PM 69,632 VCUServe.exe
1 File(s) 69,632 bytes
Directory of C:\PROGRA~1\SONY\VAIOPO~1\BAK
06/27/2006 08:24 PM 217,088 SPMgr.exe
1 File(s) 217,088 bytes
Directory of C:\PROGRA~1\SONY\VAIOUP~1\BAK
10/11/2005 11:36 PM 151,552 VAIOUpdt.exe
1 File(s) 151,552 bytes
Directory of C:\PROGRA~1\SONY\WIRELE~1\BAK
02/14/2006 02:11 PM 176,128 Switcher.exe
1 File(s) 176,128 bytes
Directory of C:\PROGRA~1\SYMPAT~1\BIN\BAK
06/10/2003 09:32 AM 143,360 confsvr.exe
1 File(s) 143,360 bytes
Directory of C:\WINDOWS\SONYSYS\VAIORE~1\BAK
04/19/2003 11:08 PM 28,672 PartSeal.exe
1 File(s) 28,672 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Directory of C:\PROGRA~1\JAVA\JRE15~1.0_0\BIN\BAK
05/03/2006 04:56 AM 36,975 jusched.exe
1 File(s) 36,975 bytes
Directory of C:\PROGRA~1\COMMON~1\AOL\117470~1\EE\BAK
11/03/2004 04:03 PM 125,528 AOLHostManager.exe
1 File(s) 125,528 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
50736 Apr 27 2007 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\Apoint.exe"
118784 Nov 17 2004 "C:\Program Files\Apoint\bak\Apoint.exe"
118784 Nov 17 2004 "C:\WINDOWS\Drivers\Touchpad\Apoint.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\DISCover.exe"
1077248 Jun 1 2006 "C:\Program Files\DISC\bak\DISCover.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\iTunesHelper.exe"
256576 Oct 30 2006 "C:\Program Files\iTunes\bak\iTunesHelper.exe"
102400 Nov 29 2006 "C:\WINDOWS\Installer\{446DBFFA-4088-48E3-8932-74316BA4CAE4}\iTunesIco.exe"
108096 Oct 30 2006 "C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\napster.exe"
319488 Jun 29 2006 "C:\Program Files\Napster\bak\napster.exe"
14348 Feb 27 2008 "C:\Program Files\QuickTime\qttask.exe"
14348 Jan 28 2008 "C:\Program Files\QuickTime\bak\qttask.exe"
14348 Feb 27 2008 "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
1460560 Aug 31 2007 "C:\Program Files\Spybot - Search & Destroy\bak\TeaTimer.exe"
59392 Aug 10 2004 "C:\WINDOWS\$NtUninstallKB900325$\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\ehtray.exe"
64512 Aug 5 2005 "C:\WINDOWS\ehome\bak\ehtray.exe"
14348 Feb 27 2008 "C:\Program Files\Canon\MyPrinter\BJMyPrt.exe"
1191936 Mar 21 2006 "C:\Program Files\Canon\MyPrinter\bak\BJMyPrt.exe"
582992 Aug 3 2007 "C:\Program Files\McAfee.com\Agent\mcagent.exe"
582992 Aug 3 2007 "C:\Program Files\McAfee.com\Agent\bak\mcagent.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\RealPlay.exe"
26112 Mar 23 2007 "C:\Program Files\Real\RealPlayer\bak\RealPlay.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
69632 Mar 21 2006 "C:\Program Files\ScanSoft\OmniPageSE4.0\bak\OpwareSE4.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
32768 Feb 20 2004 "C:\Program Files\Sony\ISB Utility\bak\ISBMgr.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
69632 Dec 27 2005 "C:\Program Files\Sony\VAIO Camera Utility\bak\VCUServe.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
217088 Jun 27 2006 "C:\Program Files\Sony\VAIO Power Management\bak\SPMgr.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe"
151552 Oct 11 2005 "C:\Program Files\Sony\VAIO Update 2\bak\VAIOUpdt.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
176128 Feb 14 2006 "C:\Program Files\Sony\Wireless Switch Setting Utility\bak\Switcher.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\confsvr.exe"
143360 Jun 10 2003 "C:\Program Files\Sympatico Starter Kit\bin\bak\confsvr.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe"
28672 Apr 19 2003 "C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
36975 May 3 2006 "C:\Program Files\Java\jre1.5.0_07\bin\bak\jusched.exe"
14384 Sep 25 2006 "C:\Program Files\AIM6\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\AOLHostManager.exe"
125528 Nov 3 2004 "C:\Program Files\Common Files\AOL\1174700237\EE\bak\AOLHostManager.exe"
end of report
#14
- Bleepin' Janitor
-
- Group: Global Moderator
- Posts: 25,511
- Joined: 09-July 05
- Gender:Male
- Location:Virginia, USA
Posted 28 February 2008 - 02:06 PM
Double-click the FindAWF icon once again.
- A command prompt will open and ask you to "Press any key to continue...".
- You will be presented with a Menu.
- Press 3 then 'Enter' to remove bak folders.
- A text file named files.txt will then open.
- Click below the line and copy/paste the following list of folders in the quote box into the text file:
Quote
C:\Program Files\AIM6\bak
C:\Program Files\Apoint\bak
C:\Program Files\DISC\bak
C:\Program Files\iTunes\bak
C:\Program Files\Napster\bak
C:\Program Files\QuickTime\bak
C:\Program Files\Spybot - Search & Destroy\bak
C:\WINDOWS\ehome\bak
C:\Program Files\Canon\MyPrinter\bak
C:\Program Files\McAfee.com\Agent\bak
C:\Program Files\Real\RealPlayer\bak
C:\Program Files\ScanSoft\OmniPageSE4.0\bak
C:\Program Files\Sony\ISB Utility\bak
C:\Program Files\Sony\VAIO Camera Utility\bak
C:\Program Files\Sony\VAIO Power Management\bak
C:\Program Files\Sony\VAIO Update 2\bak
C:\Program Files\Sony\Wireless Switch Setting Utility\bak
C:\Program Files\Sympatico Starter Kit\bin\bak
C:\WINDOWS\SONYSYS\VAIO Recovery\bak
C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak
C:\Program Files\Java\jre1.5.0_07\bin\bak
C:\Program Files\Common Files\AOL\1174700237\EE\bak
C:\Program Files\Apoint\bak
C:\Program Files\DISC\bak
C:\Program Files\iTunes\bak
C:\Program Files\Napster\bak
C:\Program Files\QuickTime\bak
C:\Program Files\Spybot - Search & Destroy\bak
C:\WINDOWS\ehome\bak
C:\Program Files\Canon\MyPrinter\bak
C:\Program Files\McAfee.com\Agent\bak
C:\Program Files\Real\RealPlayer\bak
C:\Program Files\ScanSoft\OmniPageSE4.0\bak
C:\Program Files\Sony\ISB Utility\bak
C:\Program Files\Sony\VAIO Camera Utility\bak
C:\Program Files\Sony\VAIO Power Management\bak
C:\Program Files\Sony\VAIO Update 2\bak
C:\Program Files\Sony\Wireless Switch Setting Utility\bak
C:\Program Files\Sympatico Starter Kit\bin\bak
C:\WINDOWS\SONYSYS\VAIO Recovery\bak
C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak
C:\Program Files\Java\jre1.5.0_07\bin\bak
C:\Program Files\Common Files\AOL\1174700237\EE\bak
- Close the text file and click Yes to save the changes.
- When done, it automatically runs a new scan and opens a new log.
- Please copy/paste the contents of the new awf.txt log in your reply.
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
#15
- New Member
-
- Group: Members
- Posts: 9
- Joined: 25-February 08
Posted 28 February 2008 - 02:11 PM
Find AWF report by noahdfear ©2006
Version 1.40
Option 3 run successfully
The current date is: Thu 02/28/2008
The current time is: 14:10:46.10
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\SPYBOT~1\BAK
08/31/2007 04:46 PM 1,460,560 TeaTimer.exe
1 File(s) 1,460,560 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
14348 Feb 27 2008 "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
1460560 Aug 31 2007 "C:\Program Files\Spybot - Search & Destroy\bak\TeaTimer.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
end of report
Version 1.40
Option 3 run successfully
The current date is: Thu 02/28/2008
The current time is: 14:10:46.10
bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\MSNMES~1\BAK
0 File(s) 0 bytes
Directory of C:\PROGRA~1\SPYBOT~1\BAK
08/31/2007 04:46 PM 1,460,560 TeaTimer.exe
1 File(s) 1,460,560 bytes
Directory of C:\PROGRA~1\COMMON~1\SCANSO~1\SSBKGD~1\BAK
09/30/2003 12:14 AM 155,648 SSBkgdupdate.exe
1 File(s) 155,648 bytes
Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~
14348 Feb 27 2008 "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
1460560 Aug 31 2007 "C:\Program Files\Spybot - Search & Destroy\bak\TeaTimer.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdupdate.exe"
155648 Sep 30 2003 "C:\Program Files\Common Files\ScanSoft Shared\SSBkgdUpdate\bak\SSBkgdupdate.exe"
end of report
