FIND IT Log
Warning! This utility will find legitimate files in addition to malware.
Do not remove anything unless you are sure you know what you're doing.
------- System Files in System Directory -------
Volume in drive C has no label
Volume Serial Number is 4249-17E1
Directory of C:\WINDOWS\SYSTEM
{A2CDF~1 DAT 32 11-13-03 5:30p {A2CDF2EA-4F11-4778-920E-0033BAFA7C1D}.dat
{B577D~1 DAT 32 09-22-03 9:07p {B577DF33-655C-480F-AD6F-370AAD60D45E}.dat
2 file(s) 64 bytes
0 dir(s) 20,054.61 MB free
------- System Files in System Directory -------
Volume in drive C has no label
Volume Serial Number is 4249-17E1
Directory of C:\WINDOWS\SYSTEM
{A2CDF~1 DAT 32 11-13-03 5:30p {A2CDF2EA-4F11-4778-920E-0033BAFA7C1D}.dat
{B577D~1 DAT 32 09-22-03 9:07p {B577DF33-655C-480F-AD6F-370AAD60D45E}.dat
2 file(s) 64 bytes
0 dir(s) 19,983.56 MB free
------- Hidden Files in System Directory -------
Volume in drive C has no label
Volume Serial Number is 4249-17E1
Directory of C:\WINDOWS\SYSTEM
NTICDM~1 DLL 1,024 10-19-04 10:25a NTICDMK32.dll
{A2CDF~1 DAT 32 11-13-03 5:30p {A2CDF2EA-4F11-4778-920E-0033BAFA7C1D}.dat
{B577D~1 DAT 32 09-22-03 9:07p {B577DF33-655C-480F-AD6F-370AAD60D45E}.dat
FOLDER HTT 23,155 09-22-03 4:36p folder.htt
DESKTOP INI 271 09-22-03 4:36p desktop.ini
5 file(s) 24,514 bytes
0 dir(s) 20,054.59 MB free
---------------- User Agent ------------
------- Hidden Files in System Directory -------
Volume in drive C has no label
Volume Serial Number is 4249-17E1
Directory of C:\WINDOWS\SYSTEM
NTICDM~1 DLL 1,024 10-19-04 10:25a NTICDMK32.dll
{A2CDF~1 DAT 32 11-13-03 5:30p {A2CDF2EA-4F11-4778-920E-0033BAFA7C1D}.dat
{B577D~1 DAT 32 09-22-03 9:07p {B577DF33-655C-480F-AD6F-370AAD60D45E}.dat
FOLDER HTT 23,155 09-22-03 4:36p folder.htt
DESKTOP INI 271 09-22-03 4:36p desktop.ini
5 file(s) 24,514 bytes
0 dir(s) 19,983.56 MB free
---------------- User Agent ------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
------------------ Locate.com Results ------------------
No matches found.
------------ Strings.exe Qoologic Results ------------
C:\WINDOWS\USER.DAT: qoologic
C:\WINDOWS\USER.DAT: QOOLOGIC
-------------- Strings.exe Aspack Results -------------
C:\WINDOWS\VMMHIBER.W9X: ASPack
C:\WINDOWS\SYSTEM\Incinerator.dll: .aspack
----------------- HKLM Run Key ------------------
-------------- Strings.exe Umonitor Results -------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ScanRegistry"="C:\\WINDOWS\\scanregw.exe /autorun"
"TaskMonitor"="C:\\WINDOWS\\taskmon.exe"
"PCHealth"="C:\\WINDOWS\\PCHealth\\Support\\PCHSchd.exe -s"
"SystemTray"="SysTray.Exe"
"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"
"UpdReg"="C:\\WINDOWS\\Updreg.exe"
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"nwiz"="nwiz.exe /install"
"DIGStream"="C:\\Program Files\\DIGStream\\digstream.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"ccRegVfy"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe\""
"devldr16.exe"="C:\\WINDOWS\\SYSTEM\\devldr16.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"