# is this spyware



## tiggerwoods (Jan 3, 2008)

hey i did a scan using this free detector i got on the net to find spyware ect on my computer and seemed to come up with this list of items as being dodgy..Does any one with any experisanc eknow if these are dodgy? an what do i do if it is?

C:\WINDOWS\system32\config\software.LOG


:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\Documents and Settings\pupils\Local Settings\Temporary Internet Files\Content.IE5\index.dat
was modified.

C:\Documents and Settings\pupils\Cookies\index.dat
was modified.

C:\Documents and Settings\pupils\Local Settings\History\History.IE5\index.dat
was modified.

C:\Program Files\Common Files\Real\Common
was modified.

C:\Program Files\Common Files\Real\Common\{A0828FE8-0116-450a-8863-2BEFC83AA5F9}
was removed.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\Documents and Settings\pupils\Application Data\Real\rnadmin\rnsystem.dat
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\Documents and Settings\pupils\ntuser.dat.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
was modified.

C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.

C:\WINDOWS\system32\config\software.LOG
was modified.


----------



## Byteman (Jan 24, 2002)

Hi,

You didn't say which scan tool was used....

If you want to check for spyware etc, post this log:

Let's have you post a log from Hijackthis and maybe we can spot anything out of place:
go to *Click here* to download HJTsetup.exe
On that page, select one of the servers in the list under the *Free Downloads heading*
Save HJTsetup.exe to your *desktop.*
Double click on the *HJTsetup.exe icon* on your desktop.
By default it will install to *C:\Program Files\Hijack This.* 
Continue to click *Next * in the setup dialogue boxes until you get to the *Select Additional Tasks dialogue.*
Put a check by *Create a desktop icon* then click *Next* again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the *Do a system scan and save a log file* button. It will scan and then save the log and then the log will open in Notepad.
Click on *"Edit > Select All" * then click on *"Edit > Copy" *to copy the entire contents of the log.
Paste the log in your next reply.
*Don't* use the Analyse This button, its findings are dangerous if misinterpreted. 
DO *NOT* have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
*Please also do this:*

Open *Hijack This* and click on the "Open the Misc Tools section" button. 
Click on the "*Open Uninstall Manager*" button.
Click the "Save List" button. After you click the "Save List" button, you will be asked where to save the file. Pick a place to save it then the list should open in notepad. 
*Copy and paste that list here in your reply*


----------

