This is the remaining output from my prior post. Thanks!


Post by Scott Rowland on Sat 04 Jun 2011, 1:32 am


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >
[2007/01/03 01:00:56 | 000,492,154 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\TRANSFORMS=1033.mst

< %USERPROFILE%\Desktop\*.exe >
[2011/04/29 16:17:33 | 012,521,992 | ---- | M] (Mozilla) -- C:\Documents and Settings\Scott Rowland\Desktop\Firefox Setup 4.0.1.exe
[2011/05/24 09:38:41 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Scott Rowland\Desktop\mseinstall.exe
[2010/01/17 17:22:02 | 000,676,736 | ---- | M] () -- C:\Documents and Settings\Scott Rowland\Desktop\setup.exe
[2009/01/02 13:31:05 | 000,607,640 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Scott Rowland\Desktop\xpiinstall-6u11-fcs-bin-b90-windows-i586-25_nov_2008.exe
[2 C:\Documents and Settings\Scott Rowland\Desktop\*.tmp files -> C:\Documents and Settings\Scott Rowland\Desktop\*.tmp -> ]

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >
[2008/02/20 21:53:05 | 059,196,712 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Scott Rowland\My Documents\iTunesSetup.exe
[2009/03/06 17:12:58 | 026,699,048 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Scott Rowland\My Documents\SafariSetup.exe
[5 C:\Documents and Settings\Scott Rowland\My Documents\*.tmp files -> C:\Documents and Settings\Scott Rowland\My Documents\*.tmp -> ]

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/05/18 14:54:05 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/05/18 14:54:07 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/05/18 14:54:07 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2010/08/04 01:47:02 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2004/08/10 06:00:00 | 000,127,213 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ega.cpi
[2005/08/16 05:36:00 | 000,000,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\h323log.txt
[2008/04/13 11:42:06 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\stdole2.tlb
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2008/10/12 20:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\3ivx
[2009/09/06 11:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/10/15 17:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2010/10/17 16:55:36 | 000,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2009/10/14 21:21:16 | 000,000,000 | ---D | M] -- C:\Program Files\AIMTunes
[2011/04/25 12:57:46 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2007/01/03 01:09:18 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Companion
[2008/03/24 20:32:42 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Games
[2007/12/04 10:30:57 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Pictures
[2010/10/17 12:26:01 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Toolbar
[2008/08/25 15:31:11 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/08/02 15:51:00 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2010/06/05 16:00:29 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2007/03/05 16:00:15 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2007/01/03 01:11:01 | 000,000,000 | ---D | M] -- C:\Program Files\BAE
[2009/08/04 09:13:29 | 000,000,000 | ---D | M] -- C:\Program Files\Barbie(TM)
[2009/11/28 19:06:40 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2007/12/08 15:52:24 | 000,000,000 | ---D | M] -- C:\Program Files\BookSmart
[2007/08/11 09:04:43 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2009/08/09 21:30:30 | 000,000,000 | ---D | M] -- C:\Program Files\Brother
[2009/04/13 12:10:12 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2008/05/15 10:56:31 | 000,000,000 | ---D | M] -- C:\Program Files\ClickToConvert
[2011/03/07 17:19:49 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/01/06 16:59:55 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/05/19 18:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2011/06/03 09:44:24 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2007/01/03 00:43:56 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/01/03 01:02:47 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2007/01/03 01:15:41 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/01/03 01:13:20 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support
[2008/02/10 10:39:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/01/03 01:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2009/04/21 12:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\DIGStream
[2007/06/01 19:15:00 | 000,000,000 | ---D | M] -- C:\Program Files\Disney
[2007/01/03 01:14:42 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink Setup
[2008/07/18 22:20:45 | 000,000,000 | ---D | M] -- C:\Program Files\eBay Desktop
[2008/09/26 17:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2005/08/16 21:51:50 | 000,000,000 | ---D | M] -- C:\Program Files\EnglishOtto
[2005/08/16 21:54:50 | 000,000,000 | ---D | M] -- C:\Program Files\ESPNMotion
[2011/01/14 14:04:04 | 000,000,000 | ---D | M] -- C:\Program Files\FileOpen
[2011/04/07 15:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\FunWebProducts
[2011/03/25 15:52:17 | 000,000,000 | ---D | M] -- C:\Program Files\Garden Inn eDirectory
[2011/05/28 05:41:13 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/03/25 11:17:36 | 000,000,000 | ---D | M] -- C:\Program Files\Hampton Hotels eDirectory
[2009/12/10 17:51:48 | 000,000,000 | ---D | M] -- C:\Program Files\HP DeskJet 895C Series
[2010/10/17 07:35:05 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/01/03 01:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2007/01/03 01:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/04/16 03:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/11/27 17:51:45 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/11/27 17:52:25 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/07/25 16:16:17 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2007/01/03 01:09:17 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2008/03/23 12:19:19 | 000,000,000 | ---D | M] -- C:\Program Files\LEGO Media
[2011/01/15 22:34:02 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys
[2011/02/28 19:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/21 18:26:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mattel Interactive
[2008/10/05 19:11:23 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/08/10 14:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2005/08/16 05:43:46 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/03/29 13:21:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2008/06/11 17:13:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/03/27 11:04:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Live
[2009/08/10 14:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Outlook Connector
[2007/01/03 01:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2007/01/03 01:08:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/05/11 03:22:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/10 11:47:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Small Business
[2008/03/29 10:47:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2009/08/10 14:01:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/08/10 11:47:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio .NET 2003
[2009/08/10 14:01:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/10/18 13:49:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/01/12 11:41:50 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2010/10/17 17:10:08 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/05/18 14:55:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/07/25 16:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/06/11 17:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/12/12 16:05:54 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/08/16 05:37:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/01/08 04:01:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/04/03 07:59:01 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2007/01/03 01:07:35 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2008/10/12 20:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2008/09/03 09:52:58 | 000,000,000 | ---D | M] -- C:\Program Files\Netflix
[2008/10/05 19:05:11 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2007/01/03 01:01:40 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2009/08/02 15:52:06 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2010/01/17 17:26:43 | 000,000,000 | ---D | M] -- C:\Program Files\Norton 360
[2010/07/12 14:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Support
[2010/01/17 17:24:43 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2009/08/09 21:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\Nuance
[2011/05/17 22:30:52 | 000,000,000 | ---D | M] -- C:\Program Files\Object
[2005/08/16 05:38:24 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/15 04:00:39 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2008/01/06 15:17:35 | 000,000,000 | ---D | M] -- C:\Program Files\OVT
[2011/06/03 09:44:30 | 000,000,000 | ---D | M] -- C:\Program Files\PHPNukeEN
[2008/03/15 09:26:30 | 000,000,000 | ---D | M] -- C:\Program Files\Promosoft Corporation
[2009/11/27 17:49:20 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/03/03 17:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/07/25 16:21:22 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/08/16 21:58:50 | 000,000,000 | ---D | M] -- C:\Program Files\RGB
[2007/01/03 01:10:05 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/03/06 17:14:49 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2009/08/09 21:22:50 | 000,000,000 | ---D | M] -- C:\Program Files\ScanSoft
[2009/10/11 17:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra On-Line
[2007/01/03 00:58:07 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2008/11/10 18:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDraw 2009
[2007/01/03 01:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2009/05/03 17:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\Sound Source Interactive
[2008/07/25 10:53:47 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2010/10/17 16:57:23 | 000,000,000 | ---D | M] -- C:\Program Files\supportdotcom
[2011/05/22 07:44:05 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011/05/31 21:33:52 | 000,000,000 | ---D | M] -- C:\Program Files\TestWorks
[2009/07/20 20:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\TrueSwitch
[2008/07/25 14:48:25 | 000,000,000 | ---D | M] -- C:\Program Files\UNIAP
[2005/08/16 05:50:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/06/15 20:03:28 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2011/05/16 18:58:46 | 000,000,000 | ---D | M] -- C:\Program Files\wbtooltb
[2010/10/16 15:43:36 | 000,000,000 | ---D | M] -- C:\Program Files\WebEx
[2007/01/06 16:31:53 | 000,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2010/10/18 15:08:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2009/08/10 14:10:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2007/04/03 07:55:20 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/04/03 07:55:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/10/05 19:05:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/08/16 05:37:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2010/01/17 17:26:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2005/08/16 05:40:46 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/09/07 19:29:51 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft Trial
[2005/08/16 05:43:46 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2007/01/30 23:06:59 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2007/09/30 13:25:13 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! Games


< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: IASTOR.SYS >
[2006/10/10 21:03:48 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\drivers\storage\R130118\iastor.sys
[2006/07/06 07:59:42 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\i386\iaStor.sys
[2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2010/10/16 15:19:30 | 000,246,784 | ---- | M] () MD5=247B56A916AC22A3E1AC8A16D36CC961 -- C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\DRVSTORE\iaStor_BB5E44AE45FD56D7B2C2FE48CCE823F0A24DCF08\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-23 07:00:31

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2004/09/01 12:56:34 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2004/09/01 12:56:34 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BDCFAD6
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D5907B8

< End of report >


aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-06-03 10:11:35
-----------------------------
10:11:35.621 OS Version: Windows 5.1.2600 Service Pack 3
10:11:35.621 Number of processors: 2 586 0xF06
10:11:35.621 ComputerName: DF5YFBC1 UserName:
10:11:37.168 Initialize success
10:11:41.277 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:11:41.277 Disk 0 Vendor: SAMSUNG_ VT10 Size: 238418MB BusType: 8
10:11:41.309 Disk 0 MBR read successfully
10:11:41.309 Disk 0 MBR scan
10:11:41.309 Disk 0 unknown MBR code
10:11:41.324 Disk 0 scanning sectors +488263545
10:11:41.355 Disk 0 scanning C:\WINDOWS\system32\drivers
10:11:48.277 Service scanning
10:11:49.324 Disk 0 trace - called modules:
10:11:49.324 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:11:49.340 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a808030]
10:11:49.340 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8a809028]
10:11:49.340 Scan finished successfully
10:12:15.387 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\MBR.dat"
10:12:15.402 The log file has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\aswMBR.txt"
10:20:42.277 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\MBR.dat"
10:20:42.293 The log file has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\aswMBR.txt"


Results of screen317's Security Check version 0.99.12
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Norton 360
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 24
Java(TM) 6 Update 3
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.2.159.1
Adobe Reader 9.4.2
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
``````````End of Log````````````

Scott Rowland

Newbie Surfer

Posts : 5
Joined : 2011-02-27
Operating System : windows xp


Re: This is the remaining output from my prior post. Thanks!

Post by Pancake on Sat 04 Jun 2011, 11:01 am

Can you please keep your posts in one thread. Thanks.



I see you have used ComboFix before... You should not be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert." Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.

===============================================

Please download Malwarebytes' Anti-Malware from one of these places:

Majorgeeks or Besttechie


Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. Do so.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy and paste the entire report in your next reply.



===============================================



Download Combofix from Bleepingcomputer or Geekstogo and place it on your Desktop

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. ComboFix may be slow to start and appear to be doing nothing before it starts scanning. Just leave it, it will start.

You can get help on disabling your protection programs here: [You must be registered and logged in to see this link.]

Please include the C:\ComboFix.txt in your next reply for further review.


Caution.....
Never use this program to remove files. Only use it with help from an experienced user. Wrongful use can damage your computer. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a qualified helper.

Pancake

Tech Staff

Posts : 222
Joined : 2010-03-06
Operating System : Windows 7
