< %APPDATA%\Microsoft\*.* >
< %systemroot%\system32\config\systemprofile\*.dat /x >
[2007/01/03 01:00:56 | 000,492,154 | ---- | M] () -- C:\WINDOWS\system32\config\systemprofile\TRANSFORMS=1033.mst
< %USERPROFILE%\Desktop\*.exe >
[2011/04/29 16:17:33 | 012,521,992 | ---- | M] (Mozilla) -- C:\Documents and Settings\Scott Rowland\Desktop\Firefox Setup 4.0.1.exe
[2011/05/24 09:38:41 | 007,866,472 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Scott Rowland\Desktop\mseinstall.exe
[2010/01/17 17:22:02 | 000,676,736 | ---- | M] () -- C:\Documents and Settings\Scott Rowland\Desktop\setup.exe
[2009/01/02 13:31:05 | 000,607,640 | ---- | M] (Sun Microsystems, Inc.) -- C:\Documents and Settings\Scott Rowland\Desktop\xpiinstall-6u11-fcs-bin-b90-windows-i586-25_nov_2008.exe
[2 C:\Documents and Settings\Scott Rowland\Desktop\*.tmp files -> C:\Documents and Settings\Scott Rowland\Desktop\*.tmp -> ]
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\winn32\*.* >
< %USERPROFILE%\My Documents\*.exe >
[2008/02/20 21:53:05 | 059,196,712 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Scott Rowland\My Documents\iTunesSetup.exe
[2009/03/06 17:12:58 | 026,699,048 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Scott Rowland\My Documents\SafariSetup.exe
[5 C:\Documents and Settings\Scott Rowland\My Documents\*.tmp files -> C:\Documents and Settings\Scott Rowland\My Documents\*.tmp -> ]
< %USERPROFILE%\*.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/05/18 14:54:05 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/05/18 14:54:07 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/05/18 14:54:07 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe
< %ProgramFiles%\TinyProxy. >
< %systemroot%\system32\*.* /lockedfiles >
[2010/08/04 01:47:02 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll
[2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2004/08/10 06:00:00 | 000,127,213 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ega.cpi
[2005/08/16 05:36:00 | 000,000,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\h323log.txt
[2008/04/13 11:42:06 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\stdole2.tlb
[5 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.* /lockedfiles >
< %PROGRAMFILES%\*. >
[2008/10/12 20:50:01 | 000,000,000 | ---D | M] -- C:\Program Files\3ivx
[2009/09/06 11:35:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/10/15 17:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2010/10/17 16:55:36 | 000,000,000 | ---D | M] -- C:\Program Files\AIM Toolbar
[2009/10/14 21:21:16 | 000,000,000 | ---D | M] -- C:\Program Files\AIMTunes
[2011/04/25 12:57:46 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2007/01/03 01:09:18 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Companion
[2008/03/24 20:32:42 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Games
[2007/12/04 10:30:57 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Pictures
[2010/10/17 12:26:01 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Toolbar
[2008/08/25 15:31:11 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/08/02 15:51:00 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2010/06/05 16:00:29 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2007/03/05 16:00:15 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2007/01/03 01:11:01 | 000,000,000 | ---D | M] -- C:\Program Files\BAE
[2009/08/04 09:13:29 | 000,000,000 | ---D | M] -- C:\Program Files\Barbie(TM)
[2009/11/28 19:06:40 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2007/12/08 15:52:24 | 000,000,000 | ---D | M] -- C:\Program Files\BookSmart
[2007/08/11 09:04:43 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2009/08/09 21:30:30 | 000,000,000 | ---D | M] -- C:\Program Files\Brother
[2009/04/13 12:10:12 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2008/05/15 10:56:31 | 000,000,000 | ---D | M] -- C:\Program Files\ClickToConvert
[2011/03/07 17:19:49 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2007/01/06 16:59:55 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/05/19 18:29:19 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2011/06/03 09:44:24 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2007/01/03 00:43:56 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2007/01/03 01:02:47 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2007/01/03 01:15:41 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2007/01/03 01:13:20 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support
[2008/02/10 10:39:11 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/01/03 01:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2009/04/21 12:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\DIGStream
[2007/06/01 19:15:00 | 000,000,000 | ---D | M] -- C:\Program Files\Disney
[2007/01/03 01:14:42 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink Setup
[2008/07/18 22:20:45 | 000,000,000 | ---D | M] -- C:\Program Files\eBay Desktop
[2008/09/26 17:50:04 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2005/08/16 21:51:50 | 000,000,000 | ---D | M] -- C:\Program Files\EnglishOtto
[2005/08/16 21:54:50 | 000,000,000 | ---D | M] -- C:\Program Files\ESPNMotion
[2011/01/14 14:04:04 | 000,000,000 | ---D | M] -- C:\Program Files\FileOpen
[2011/04/07 15:09:19 | 000,000,000 | ---D | M] -- C:\Program Files\FunWebProducts
[2011/03/25 15:52:17 | 000,000,000 | ---D | M] -- C:\Program Files\Garden Inn eDirectory
[2011/05/28 05:41:13 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/03/25 11:17:36 | 000,000,000 | ---D | M] -- C:\Program Files\Hampton Hotels eDirectory
[2009/12/10 17:51:48 | 000,000,000 | ---D | M] -- C:\Program Files\HP DeskJet 895C Series
[2010/10/17 07:35:05 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2007/01/03 01:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2007/01/03 01:01:15 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/04/16 03:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/11/27 17:51:45 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2009/11/27 17:52:25 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/07/25 16:16:17 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2007/01/03 01:09:17 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2008/03/23 12:19:19 | 000,000,000 | ---D | M] -- C:\Program Files\LEGO Media
[2011/01/15 22:34:02 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys
[2011/02/28 19:21:19 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/07/21 18:26:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mattel Interactive
[2008/10/05 19:11:23 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/08/10 14:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2005/08/16 05:43:46 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2008/03/29 13:21:03 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2008/06/11 17:13:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/03/27 11:04:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Live
[2009/08/10 14:22:07 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office Outlook Connector
[2007/01/03 01:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2007/01/03 01:08:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/05/11 03:22:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2009/08/10 11:47:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Small Business
[2008/03/29 10:47:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2009/08/10 14:01:12 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/08/10 11:47:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio .NET 2003
[2009/08/10 14:01:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/10/18 13:49:09 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/01/12 11:41:50 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2010/10/17 17:10:08 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/05/18 14:55:46 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/07/25 16:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2008/06/11 17:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/12/12 16:05:54 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/08/16 05:37:30 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/01/08 04:01:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/04/03 07:59:01 | 000,000,000 | ---D | M] -- C:\Program Files\MTV Networks
[2007/01/03 01:07:35 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2008/10/12 20:57:54 | 000,000,000 | ---D | M] -- C:\Program Files\muvee Technologies
[2008/09/03 09:52:58 | 000,000,000 | ---D | M] -- C:\Program Files\Netflix
[2008/10/05 19:05:11 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2007/01/03 01:01:40 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2009/08/02 15:52:06 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2010/01/17 17:26:43 | 000,000,000 | ---D | M] -- C:\Program Files\Norton 360
[2010/07/12 14:35:54 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Support
[2010/01/17 17:24:43 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2009/08/09 21:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\Nuance
[2011/05/17 22:30:52 | 000,000,000 | ---D | M] -- C:\Program Files\Object
[2005/08/16 05:38:24 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/15 04:00:39 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2008/01/06 15:17:35 | 000,000,000 | ---D | M] -- C:\Program Files\OVT
[2011/06/03 09:44:30 | 000,000,000 | ---D | M] -- C:\Program Files\PHPNukeEN
[2008/03/15 09:26:30 | 000,000,000 | ---D | M] -- C:\Program Files\Promosoft Corporation
[2009/11/27 17:49:20 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2007/03/03 17:54:01 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/07/25 16:21:22 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/08/16 21:58:50 | 000,000,000 | ---D | M] -- C:\Program Files\RGB
[2007/01/03 01:10:05 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2009/03/06 17:14:49 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2009/08/09 21:22:50 | 000,000,000 | ---D | M] -- C:\Program Files\ScanSoft
[2009/10/11 17:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra On-Line
[2007/01/03 00:58:07 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2008/11/10 18:01:49 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDraw 2009
[2007/01/03 01:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2009/05/03 17:36:11 | 000,000,000 | ---D | M] -- C:\Program Files\Sound Source Interactive
[2008/07/25 10:53:47 | 000,000,000 | ---D | M] -- C:\Program Files\Sun
[2010/10/17 16:57:23 | 000,000,000 | ---D | M] -- C:\Program Files\supportdotcom
[2011/05/22 07:44:05 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2011/05/31 21:33:52 | 000,000,000 | ---D | M] -- C:\Program Files\TestWorks
[2009/07/20 20:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\TrueSwitch
[2008/07/25 14:48:25 | 000,000,000 | ---D | M] -- C:\Program Files\UNIAP
[2005/08/16 05:50:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/06/15 20:03:28 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2011/05/16 18:58:46 | 000,000,000 | ---D | M] -- C:\Program Files\wbtooltb
[2010/10/16 15:43:36 | 000,000,000 | ---D | M] -- C:\Program Files\WebEx
[2007/01/06 16:31:53 | 000,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2010/10/18 15:08:28 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2009/08/10 14:10:01 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2007/04/03 07:55:20 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2007/04/03 07:55:19 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/10/05 19:05:08 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/08/16 05:37:56 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2010/01/17 17:26:36 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2005/08/16 05:40:46 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2009/09/07 19:29:51 | 000,000,000 | ---D | M] -- C:\Program Files\World of Warcraft Trial
[2005/08/16 05:43:46 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2007/01/30 23:06:59 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2007/09/30 13:25:13 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! Games
< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/10/05 19:01:31 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys
< MD5 for: IASTOR.SYS >
[2006/10/10 21:03:48 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\drivers\storage\R130118\iastor.sys
[2006/07/06 07:59:42 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\i386\iaStor.sys
[2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2010/10/16 15:19:30 | 000,246,784 | ---- | M] () MD5=247B56A916AC22A3E1AC8A16D36CC961 -- C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2009/06/04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\WINDOWS\system32\DRVSTORE\iaStor_BB5E44AE45FD56D7B2C2FE48CCE823F0A24DCF08\iaStor.sys
< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-23 07:00:31
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2004/09/01 12:56:34 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2004/09/01 12:56:32 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2004/09/01 12:56:34 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\chrome.exe\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/18 14:54:07 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/18 14:54:05 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2011/05/20 01:54:14 | 001,010,232 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2009/02/20 00:18:18 | 005,049,128 | ---- | M] (Apple Inc.)
========== Alternate Data Streams ==========
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2BDCFAD6
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B63300D1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2D5907B8
< End of report >
aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-06-03 10:11:35
-----------------------------
10:11:35.621 OS Version: Windows 5.1.2600 Service Pack 3
10:11:35.621 Number of processors: 2 586 0xF06
10:11:35.621 ComputerName: DF5YFBC1 UserName:
10:11:37.168 Initialize success
10:11:41.277 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:11:41.277 Disk 0 Vendor: SAMSUNG_ VT10 Size: 238418MB BusType: 8
10:11:41.309 Disk 0 MBR read successfully
10:11:41.309 Disk 0 MBR scan
10:11:41.309 Disk 0 unknown MBR code
10:11:41.324 Disk 0 scanning sectors +488263545
10:11:41.355 Disk 0 scanning C:\WINDOWS\system32\drivers
10:11:48.277 Service scanning
10:11:49.324 Disk 0 trace - called modules:
10:11:49.324 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:11:49.340 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a808030]
10:11:49.340 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8a809028]
10:11:49.340 Scan finished successfully
10:12:15.387 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\MBR.dat"
10:12:15.402 The log file has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\aswMBR.txt"
10:20:42.277 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\MBR.dat"
10:20:42.293 The log file has been saved successfully to "C:\Documents and Settings\Scott Rowland\Desktop\aswMBR.txt"
Results of screen317's Security Check version 0.99.12
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
Norton 360
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 24
Java(TM) 6 Update 3
Out of date Java installed!
Flash Player Out of Date!
Adobe Flash Player 10.2.159.1
Adobe Reader 9.4.2
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Norton ccSvcHst.exe
``````````End of Log````````````