**** Malware_Report_-_Results ****
This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria:
MD5 =24b2af75eb6332db26b4139e00622e5b

**** Malware_Report_-_Results ****
 _____________________________________________________________________________________________________________________________________________________________________________________________________________________________________
|File_MD5Sum_____________________|SHA1SUM_________________________________|SHA256SUM_______________________________________________________|FUZZY_HASH______________________________________________________________________|File_Size|
|24b2af75eb6332db26b4139e00622e5b|a21213ee65d36861c3955f793ac4219bd4102b1a|8951cf7d7a4a3412cf84d5a43ac2e990bff7942e2c662657ce7912d3690b6068|98304:rfniroN7nTLK6BCJbCSGZ4bAZ+8xWmjRFGCjt2dDDdUXbuz:LniroN7n3b0CBCbi+vOGi2RdUL|4211712__|
**** File_Results ****
 ____________
|File_Name___|
|LSS%5Fxp.exe|
**** SNORT_Results ****
 _______________________________________________________________________________________________
|Snort_Class__________________|Snort_Alert________________________________________________|Count|
|A_Network_Trojan_was_Detected|ET_USER_AGENTS_Suspicious_User_Agent_(TALWinInetHTTPClient)|1____|
|A_Network_Trojan_was_Detected|ET_TROJAN_FAKE_AV_HTTP_CnC_Post____________________________|1____|
|Misc_Attack__________________|ET_RBN_Known_Russian_Business_Network_IP_TCP_(135)_________|1____|
**** AV_Results ****
 __________________
|AV_Alert|AV_Vendor|
**** Folders_(Added)_-_ICC_Results ****
 _______________________________________________________________________________________________________________
|Path_______________________________________________________________________________________|Folder_Name________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/WINDOWS/system32/drivers________________________________________________________________|disdn______________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/WINDOWS/system32/drivers________________________________________________________________|etc________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/WINDOWS/system32/Macromed_______________________________________________________________|Common_____________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/WINDOWS/system32________________________________________________________________________|dhcp_______________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft_______________|Windows_Media______|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows_Media_|9.0________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data_________________________|Adobe______________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Adobe___________________|Acrobat____________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Adobe_/Acrobat__________|8.0________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Adobe_/Acrobat/8.0______|Updater____________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft_______________|Internet_Explorer__|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs____________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data________________________________________|Live_Security_Suite|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite____________________|db_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft_______________|Internet_Explorer__|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_____|ITB2CJ0C___________|
|c:/Program_Files___________________________________________________________________________|Live_Security_Suite|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|db_________________|
|c:/Program_Files/Live_Security_Suite_______________________________________________________|languages__________|
**** Files_(Added)_-_ICC_Results ****
 _________________________________________________________________________________________________________________________________
|Path___________________________________________________________________________________________|File_Name________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|ofout.exe________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|OUTAND.EXE-23658734.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/WINDOWS/system32____________________________________________________________________________|wlsrbdffhl.dll___________________|
|c:/WINDOWS/system32____________________________________________________________________________|wughclwicp.dll___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|ofatby.exe_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|ANDOUTFORON.EXE-01AE8BBC.pf______|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|SANDNET.EXE-2012C478.pf__________|
|c:/WINDOWS/system32/drivers/disdn______________________________________________________________|andoutforon.exe__________________|
|c:/WINDOWS/system32____________________________________________________________________________|anavumlwk.dll____________________|
|c:/WINDOWS/system32____________________________________________________________________________|nvgglec.dll______________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:_____________________________________________________________________________________________|netstat_post.txt_________________|
|c:_____________________________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|theofin.exe______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|OROF.EXE-35DF9575.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32/drivers/etc________________________________________________________________|orof.exe_________________________|
|c:/WINDOWS/system32/drivers/etc________________________________________________________________|hosts____________________________|
|c:/WINDOWS/system32/drivers/etc________________________________________________________________|lmhosts.sam______________________|
|c:/WINDOWS/system32/drivers/etc________________________________________________________________|networks_________________________|
|c:/WINDOWS/system32/drivers/etc________________________________________________________________|protocol_________________________|
|c:/WINDOWS/system32/drivers/etc________________________________________________________________|services_________________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/WINDOWS/system32____________________________________________________________________________|riswtlur.dll_____________________|
|c:/WINDOWS/system32____________________________________________________________________________|tfsqfihfjl.dll___________________|
|c:_____________________________________________________________________________________________|netstat_post.txt_________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt_________________|
|c:_____________________________________________________________________________________________|taskv_post.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|outonby.exe______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|CYGRUNSRV.EXE-01BF82AE.pf________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|THEAT.EXE-18B483D6.pf____________|
|c:/WINDOWS/system32/Macromed/Common____________________________________________________________|theat.exe________________________|
|c:/WINDOWS/system32/Macromed/Common____________________________________________________________|SwSupport.dll____________________|
|c:/WINDOWS/system32____________________________________________________________________________|blletbjqaw.dll___________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/WINDOWS/system32____________________________________________________________________________|wcjsmehh.dll_____________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|FORATTHE.EXE-022E9EFA.pf_________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|SANDNET.EXE-2012C478.pf__________|
|c:/WINDOWS/system32____________________________________________________________________________|aqurcise.dll_____________________|
|c:/WINDOWS/system32____________________________________________________________________________|ewgihvkumk.dll___________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|ofbyof.exe_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|ANDBYANDAT.EXE-01618C1C.pf_______|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32/dhcp_______________________________________________________________________|andbyandat.exe___________________|
|c:/WINDOWS/system32____________________________________________________________________________|dnruefwkko.dll___________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/WINDOWS/system32____________________________________________________________________________|titnwqjqot.dll___________________|
|c:_____________________________________________________________________________________________|netstat_post.txt_________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt_________________|
|c:_____________________________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|orand.exe________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows_Media_____|foron.exe________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows_Media_/9.0|WMSDKNS.DTD______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows_Media_/9.0|WMSDKNS.XML______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|FORON.EXE-18A2C406.pf____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32____________________________________________________________________________|eeetfqdfs.dll____________________|
|c:/WINDOWS/system32____________________________________________________________________________|erhiltpp.dll_____________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:_____________________________________________________________________________________________|netstat_post.txt_________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt_________________|
|c:_____________________________________________________________________________________________|taskv_post.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Adobe_______________________|ator.exe_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|onbyand.exe______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Adobe_/Acrobat/8.0/Updater__|updater.log______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|ATOR.EXE-24669C0B.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32____________________________________________________________________________|csvlovcag.dll____________________|
|c:/WINDOWS/system32____________________________________________________________________________|ftpuitavwp.dll___________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|byfororand.exe___________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|forby.exe________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|MSIMGSIZ.DAT_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|BYFORORAND.EXE-1D953ACD.pf_______|
|c:/WINDOWS/Prefetch____________________________________________________________________________|CYGRUNSRV.EXE-01BF82AE.pf________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32____________________________________________________________________________|bgwbuphd.dll_____________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:/WINDOWS/system32____________________________________________________________________________|vgtetfvt.dll_____________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt_________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt___________________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite_Home_Page.lnk|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/All_Users/Start_Menu/Programs/Live_Security_Suite____________________|Purchase_License.lnk_____________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Microsoft/Internet_Explorer/Quick_Launch___|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|config.cfg_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|pb.dll___________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Timeout.inf______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite/db_____________________|Urls.inf_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|HTUninstaller.exe________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|settings.ini_____________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|uill.ini_________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data/Live_Security_Suite________________________|Uninstall_Live_Security_Suite.lnk|
|c:/Documents_and_Settings/dmc73144/Desktop_____________________________________________________|Live_Security_Suite.lnk__________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|andonthe.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|andofonby.exe____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|pguard.ini_______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Windows___________|services.exe_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iGSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iMSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|iPSh.png_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Application_Data/Microsoft/Internet_Explorer_|MSIMGSIZ.DAT_____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Timeout.inf.tmp_________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp_________________________________________|~Urls.inf.tmp____________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini______________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|install[1].htm___________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|activate.ico_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|DBInfo.ver_______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|ga090122.db______________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|Infected.wav_____________________|
|c:/Program_Files/Live_Security_Suite/db________________________________________________________|lists.ini________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|explorer.ico_____________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSEs.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSFr.lng________________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSGer.lng_______________________|
|c:/Program_Files/Live_Security_Suite/Languages_________________________________________________|LSSIt.lng________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|LiveSS.exe_______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|reg.ico__________________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|uninstall.ico____________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|working.log______________________|
|c:/Program_Files/Live_Security_Suite___________________________________________________________|~LiveSS.tmp______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|ANDONTHE.EXE-09758669.pf_________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|LIVESS.EXE-2474900A.pf___________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf______________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_____________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|PING.EXE-31216D26.pf_____________|
|c:/WINDOWS/system32____________________________________________________________________________|eooshej.dll______________________|
|c:/WINDOWS/system32____________________________________________________________________________|ofkojdh.dll______________________|
|c:/WINDOWS/system32____________________________________________________________________________|pb.sys___________________________|
|c:_____________________________________________________________________________________________|netstat_post.txt_________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt_________________|
|c:_____________________________________________________________________________________________|taskv_post.txt___________________|
**** Files_(Deleted)_-_ICC_Results ****
 _____________________
|Action|Path|File_Name|
**** Files_(Changed)_-_ICC_Results ****
 _______________________________________________________________________________________________________________________________
|Action__|Path_________________________________________________________________________________________|File_Name_______________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SANDNET.EXE-2012C478.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Application_Data/Mozilla/Firefox/Profiles/ektregxy.default|prefs.js________________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies___________________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5_______|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|software.LOG____________|
|modified|c:/WINDOWS/system32/config___________________________________________________________________|system.LOG______________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.BTR_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.DATA____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144___________________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch__________________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs________________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS_______________________________________________________|OBJECTS.MAP_____________|
**** Registry_Keys_(Added)_-_ICC_Results ****
 ___________
|Action|Path|
**** Registry_Values_(Added)_-_ICC_Results ****
 _____________________________
|Action|Path|Val_Name|Val_Data|
**** Registry_Values_(Deleted)_-_ICC_Results ****
 ________________________________________________________________
|Action|Path|Val_Name|Val_Type|Mod_Val_Type|Val_Data|Mod_Val_Data|
**** Registry_Values_(Changed)_-_ICC_Results ****
 _________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________
|Action__|Path____________________________________________________________________________________________________________________|Val_Name______________|Val_Data________________________________________________________________________|Mod_Val_Data___________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|D6_DC_6A_05_32_6B_C1_B9_FC_FC_86_C0_5B_B1_71_91_8A_EC_A1_BA_9A_CE_61_92_91_F2_09|F3_D9_68_E0_CC_64_0B_46_AD_34_58_21_E6_24_69_4B_58_4C_03_82_18_2B_C1_6A_18_97_C|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|2B_D1_1D_F5_99_88_2A_37_68_F5_5C_73_8C_B5_5F_16_45_70_CE_2E_C9_C4_E0_09_49_5B_C1|FA_EC_82_28_9E_6E_DB_EE_91_58_20_FB_19_29_C8_31_DB_1D_A7_69_64_6E_35_E7_D3_17_8|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|07_A8_FD_ED_3A_48_B7_8D_E0_0C_86_BE_48_A0_3A_4D_C6_AF_9C_67_54_1B_42_3F_DF_D0_62|E1_D8_8D_9C_A9_83_99_36_A5_F5_3A_BD_3B_D0_AA_11_4D_AF_AE_3D_75_25_B3_CD_51_E5_7|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|8C_4A_FB_2A_30_2E_DC_4C_A8_5C_82_16_57_B5_A5_8E_3C_B6_05_EE_F9_3D_50_A3_61_AC_70|AF_AB_F7_34_F5_EF_8E_98_EC_3A_F2_15_8E_58_93_CB_8C_93_D6_5B_43_43_7B_3F_4A_8A_C|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Control/ServiceCurrent____________________________________________________________________|______________________|0x00000009______________________________________________________________________|0x0000000A_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|E8_D4_29_D4_D8_C1_2E_3D_E2_A3_52_53_4B_76_AD_7D_2D_C9_AC_07_41_BC_AA_BE_7D_C2_95|5F_95_18_1A_32_B1_5F_00_2D_19_BA_3A_27_A4_23_DC_22_34_0F_FE_B0_17_86_D9_7A_01_6|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|76_09_3A_48_7C_27_33_FB_7C_9A_C2_F1_D4_58_57_5A_F5_23_F0_82_E8_CF_71_27_AB_7E_53|CA_B0_80_C8_06_64_9B_D7_90_BD_D2_F6_FD_09_3B_8B_39_E8_01_A6_38_85_C3_52_9B_3E_6|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|79_B0_19_09_31_EF_12_1E_73_72_5C_9D_59_6B_08_B2_DB_22_80_0E_34_10_88_9D_B6_96_F5|E1_74_A6_3C_EA_13_45_F8_80_6B_00_01_44_5F_98_9F_1E_AD_23_D2_24_1C_A4_33_15_ED_9|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|3B_F6_8D_C3_F5_59_76_53_3A_7D_CA_D3_79_A9_E3_87_B0_CE_E7_55_4F_A2_6A_C4_13_52_EB|AF_73_24_E4_E9_A1_50_AB_28_59_3F_DF_48_E4_55_57_1C_4C_E3_B3_0C_F1_5B_4C_41_9F_F|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|CE_06_91_85_EB_E7_10_3D_61_74_C7_FE_CF_A3_54_2C_2A_46_56_23_DD_4B_63_89_E1_F1_42|A0_E7_6E_FD_FA_7D_81_83_8E_AA_8C_37_35_C1_B3_18_8C_97_5C_29_AE_5F_50_73_FE_72_B|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Control/ServiceCurrent____________________________________________________________________|______________________|0x00000009______________________________________________________________________|0x0000000A_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|C1_FE_1E_31_FC_D0_02_C5_31_63_49_13_52_45_68_07_F1_61_92_54_DE_ED_4A_50_CB_EB_58|16_5A_2B_B7_05_ED_B9_65_55_50_0B_56_65_06_56_54_25_7D_E4_0B_78_14_AF_9A_03_07_C|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirstRunDisabled______|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|AntiVirusDisableNotify|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|FirewallDisableNotify_|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Security_Center_________________________________________________________________________________|UpdatesDisableNotify__|0x00000001______________________________________________________________________|0x00000000_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings___|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_16_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed__________________|77_91_40_3A_DA_18_80_33_88_70_4E_8B_91_A1_7E_9D_2B_76_80_BE_7C_C9_1D_DD_19_97_5C|E5_66_83_97_98_3D_E0_7A_7E_88_29_B5_0D_C4_CC_D5_94_79_C3_03_43_60_38_A0_E9_D5_E|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount__________|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
**** DNS_Results ****
 _____________________________________________________________________________
|DNS_________________|DNS_Response____________________________________________|
|live.com____________|Standard_query_response_A_65.55.206.154_________________|
|microsoft.com_______|Standard_query_response_A_207.46.232.182_A_207.46.197.32|
|www.google.com______|Standard_query_response_A_8.15.228.161_A_69.25.212.57___|
|livesgenpayment.com_|Standard_query_response_A_208.73.210.29_________________|
|xoomer.alice.it_____|Standard_query_response_A_62.211.68.12__________________|
|livesecsuite.com____|Standard_query_response_A_62.122.73.76__________________|
|www.livesecsuite.com|Standard_query_response_A_62.122.73.76__________________|
|www.google.com______|Standard_query_response_A_69.25.212.57_A_8.15.228.161___|
|microsoft.com_______|Standard_query_response_A_207.46.197.32_A_207.46.232.182|
**** URL_Results ****
 _____________________________________________________________________________________________________________
|DstIP__________|HTTP_HOST___________|HTTP_REQUEST_URI|HTTP_USER_AGENT_______________________________|PROTOCOL|
|65.55.206.154__|live.com____________|/install________|Mozilla/3.0_(compatible;_TALWinInetHTTPClient)|0x06____|
|239.255.255.250|239.255.255.250:1900|*_______________|--blank--_____________________________________|0x11____|
**** ARGUS_PROTOCOL_Results ****
 ______________________________________________
|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
|6_______|41______|29______|2825_____|2033_____|
|17______|2_______|0_______|350______|0________|
**** ARGUS_DPORT_Results ****
 ____________________________________________________
|DPORT|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
|80___|6_______|29______|20______|2099_____|1487_____|
|443__|6_______|12______|9_______|726______|546______|
|1900_|17______|2_______|0_______|350______|0________|
**** ARGUS_DATA_Results ****
 ________________________________________________________________________________________
|Time____|Date______|Protocol|SrcIP_____|DstIP__________|Dir|Flags|Sport|Dport|Pkts|Bytes|
|00:46:42|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|558__|80___|6___|364__|
|00:46:42|2010-10-11|6_______|10.10.10.7|8.15.228.161___|->_|e____|559__|80___|7___|424__|
|00:46:42|2010-10-11|6_______|10.10.10.7|208.73.210.29__|->_|e____|561__|443__|7___|424__|
|00:47:02|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|601__|80___|9___|1162_|
|05:31:14|2010-10-11|6_______|10.10.10.7|208.73.210.29__|->_|e____|557__|443__|7___|424__|
|05:31:15|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|558__|80___|7___|424__|
|05:31:15|2010-10-11|6_______|10.10.10.7|208.73.210.29__|->_|e____|559__|443__|7___|424__|
|05:31:16|2010-10-11|6_______|10.10.10.7|62.122.73.76___|->_|e____|562__|80___|7___|424__|
|05:31:17|2010-10-11|6_______|10.10.10.7|207.46.232.182_|->_|e____|556__|80___|7___|424__|
|05:31:35|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|563__|80___|10__|1222_|
|00:51:39|2010-10-11|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|05:36:17|2010-10-11|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|16:04:33|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|238__|80___|6___|364__|
|16:04:33|2010-10-11|6_______|10.10.10.7|62.211.68.12___|->_|e____|268__|80___|7___|424__|
|16:04:33|2010-10-11|6_______|10.10.10.7|208.73.210.29__|->_|e____|393__|443__|7___|424__|
|16:04:34|2010-10-11|6_______|10.10.10.7|62.122.73.76___|->_|e____|444__|80___|7___|424__|
|16:04:53|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|38___|80___|9___|1162_|
|23:00:36|2010-10-11|6_______|10.10.10.7|62.211.68.12___|->_|e____|526__|80___|7___|424__|
|23:00:36|2010-10-11|6_______|10.10.10.7|208.73.210.29__|->_|e____|527__|443__|7___|424__|
|23:00:37|2010-10-11|6_______|10.10.10.7|62.122.73.76___|->_|e____|531__|80___|7___|424__|
|23:00:39|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|402__|80___|7___|424__|
|23:00:55|2010-10-11|6_______|10.10.10.7|65.55.206.154__|->_|e____|571__|80___|9___|1162_|
|16:09:41|2010-10-11|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|23:05:57|2010-10-11|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|18:09:41|2010-10-12|6_______|10.10.10.7|65.55.206.154__|->_|e____|557__|80___|7___|424__|
|18:09:41|2010-10-12|6_______|10.10.10.7|208.73.210.29__|->_|e____|558__|443__|7___|424__|
|18:09:42|2010-10-12|6_______|10.10.10.7|62.122.73.76___|->_|e____|563__|80___|7___|424__|
|18:10:01|2010-10-12|6_______|10.10.10.7|65.55.206.154__|->_|e____|570__|80___|9___|1162_|
|08:04:10|2010-10-13|6_______|10.10.10.7|207.46.197.32__|->_|e____|289__|80___|7___|424__|
|08:04:10|2010-10-13|6_______|10.10.10.7|208.73.210.29__|->_|e____|538__|443__|7___|424__|
|08:04:11|2010-10-13|6_______|10.10.10.7|62.211.68.12___|->_|e____|541__|80___|7___|424__|
|08:04:31|2010-10-13|6_______|10.10.10.7|65.55.206.154__|->_|e____|580__|80___|9___|1162_|
|18:14:42|2010-10-12|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|08:09:10|2010-10-13|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|15:26:46|2010-10-13|6_______|10.10.10.7|207.46.232.182_|->_|e____|549__|80___|7___|424__|
|15:26:46|2010-10-13|6_______|10.10.10.7|208.73.210.29__|->_|e____|550__|443__|7___|424__|
|15:26:46|2010-10-13|6_______|10.10.10.7|65.55.206.154__|->_|e____|553__|80___|6___|364__|
|15:27:04|2010-10-13|6_______|10.10.10.7|65.55.206.154__|->_|e____|557__|80___|9___|1162_|
|01:36:09|2010-10-14|6_______|10.10.10.7|207.46.232.182_|->_|e____|556__|80___|7___|424__|
|01:36:09|2010-10-14|6_______|10.10.10.7|208.73.210.29__|->_|e____|564__|443__|7___|424__|
|01:36:31|2010-10-14|6_______|10.10.10.7|65.55.206.154__|->_|e____|256__|80___|9___|1162_|
|15:31:53|2010-10-13|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|01:41:08|2010-10-14|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|13:57:01|2010-10-14|6_______|10.10.10.7|65.55.206.154__|->_|e____|344__|80___|7___|424__|
|13:57:01|2010-10-14|6_______|10.10.10.7|8.15.228.161___|->_|e____|346__|80___|6___|364__|
|13:57:01|2010-10-14|6_______|10.10.10.7|208.73.210.29__|->_|e____|347__|443__|7___|424__|
|13:57:02|2010-10-14|6_______|10.10.10.7|62.122.73.76___|->_|e____|522__|80___|7___|424__|
|13:57:20|2010-10-14|6_______|10.10.10.7|65.55.206.154__|->_|e____|561__|80___|10__|1222_|
|14:02:24|2010-10-14|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|20:18:38|2010-10-14|6_______|10.10.10.7|207.46.197.32__|->_|e____|554__|80___|6___|364__|
|20:18:38|2010-10-14|6_______|10.10.10.7|62.122.73.76___|->_|e____|555__|80___|7___|424__|
|20:18:38|2010-10-14|6_______|10.10.10.7|208.73.210.29__|->_|e____|557__|443__|6___|364__|
|20:18:38|2010-10-14|6_______|10.10.10.7|208.73.210.29__|->_|e____|559__|443__|7___|424__|
|20:18:57|2010-10-14|6_______|10.10.10.7|65.55.206.154__|->_|e____|565__|80___|9___|1162_|
|20:23:43|2010-10-14|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
**** Packer_Results ****
 ___________
|Packer_Name|
**** HoneyTrap_Results ****
 ____________________________
|Honey_Trap_Log_File_Location|
**** PTFB_Results ****
 ______________________
|PTFB_Log_File_Location|