Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

UACd.sys Virus, or something? Disabled Malwarebytes, blue screen of de

Started by BroncoWizard , Dec 20 2009 12:44 PM

This topic is locked

#1
BroncoWizard

Posted 20 December 2009 - 12:44 PM

Member

Member
22 posts

A window popped up and it really is a Windows window..and it says on the heading in the blue: Google Installer. In the error message it says Google Installer has encountered a problem and needs to close. Then you can report the error.. which I did. It took me to a site that said that my computer is infected with UACd.sys virus. It gave directions to remove it, starting with opening hidden drivers in Device Manager, find it and disable it.. go get Avenger, and other instructions. I also get a shield on the bottom of my computer screen that has a red X in it and it says Windows Secuirty is off and when i press turn on it says windows security center cant be turned on. Then i tried to turn on my Mcafee suite but it wont even turn on. I tried to uninstall it and then try to reninstall it again and when i try to download it teh firewall will download but the virusscan part wont download. Then i tried to run malwarebytes but it wont even turn on. Then i tried to run my Avira AntiVir Control Center and that wont even turn on. And i ALSO GET THE BLUE SCREEN OF DEATH SCREEN ALOT to and i got a message taht said my blue screen of death is caused by a virus. AND ALSO MY COMPTUER SCREEN ALSO BECAME REAL SMALLER and my desktop backround became smaller and now has a blue screen behind it.

So I did the first step by looking for the hidden driver and it isn't there, so I can't proceed further. I saw on another site that this person had this virus too, and it didn't show up in their hidden drivers either.

So I went to run Malwarebytes again and it won't run. I am getting audio advertisements running behind whatever I am doing... no video anywhere... I don't even have to have my Internet Browser running for it to start playing. It is commercials.

I am lost and really need help. Computer is slow and jittery, I can't run anti-malware, I think I have windowsclick virus and whatever this UACd.sys is.. but its hard to get rid of and I need help. I am computer literate.. I can follow directions if told what to do. I just have worked a long time on my own trying to fix this...Please help!!

I copied and pasted some parts from another post becasuse that person has the same problem but i didnt know how to fix it still so PLEASE HELPPP!!!!

#2
kahdah

Posted 20 December 2009 - 02:14 PM

GeekU Teacher

Retired Staff
15,822 posts

Hello BroncoWizard

Welcome to G2Go.

=====================

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Under Custom scan's and fixes section paste in the below in bold

%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
CREATERESTOREPOINT
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

====================
Download the following GMER Rootkit Scanner from Here

Download the randomly named EXE file to your Desktop. Remember what its name is since it is randomly named.
Double click on the new random named exe file you downloaded and run it. If prompted about the Security Warning and Unknown Publisher go ahead and click on Run
It may take a minute to load and become available.
If it gives you a warning about rootkit activity and asks if you want to run a full scan...click on NO, then use the following settings for a more complete scan..
In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED
Sections
IAT/EAT
Drives/Partition other than Systemdrive (typically only C:\ should be checked)
Show All (don't miss this one)
Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
Save it where you can easily find it, such as your desktop
**Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
Click OK and quit the GMER program.
Note: On Firefox you need to go to Tools/Options/Main then under the Downloads section, click on Always ask me where to save files so that you can choose the name and where to save to, in this case your Desktop.

#3
BroncoWizard

Posted 20 December 2009 - 04:43 PM

Member

Topic Starter
Member
22 posts

This is the OTL.Txt

OTL logfile created on: 12/20/2009 3:32:54 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Users\Denver Broncos\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 0.56 Gb Free Space | 0.40% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.67 Gb Free Space | 66.73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENVERBRONCO-PC
Current User Name: Denver Broncos
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/20 15:30:04 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Denver Broncos\Desktop\OTL.exe
PRC - [2009/11/21 01:42:38 | 00,638,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/10/14 13:36:56 | 02,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 00,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 00,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/05/19 18:26:22 | 03,561,720 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2009/04/14 02:33:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/04/11 01:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/02 21:07:18 | 00,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe
PRC - [2008/12/09 17:40:16 | 00,464,264 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\AskService.exe
PRC - [2008/12/09 17:40:16 | 00,234,888 | ---- | M] () -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/09/20 14:14:56 | 00,160,592 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2008/06/02 10:13:26 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/06/02 10:13:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/01/19 02:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2007/10/31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/08/30 10:50:42 | 00,205,480 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2007/06/05 12:20:32 | 00,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2007/05/31 18:28:31 | 00,185,784 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2007/02/08 00:16:24 | 00,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/11/05 10:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
PRC - [2006/10/26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2006/10/20 16:23:38 | 00,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

========== Modules (SafeList) ==========

MOD - [2009/12/20 15:30:04 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Denver Broncos\Desktop\OTL.exe
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (UleadBurningHelper)
SRV - File not found [On_Demand | Stopped] -- -- (Roxio UPnP Renderer 11)
SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
SRV - [2009/11/04 16:53:34 | 00,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Stopped] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/11/04 15:59:50 | 00,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/29 06:54:44 | 00,865,832 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/10/28 11:50:32 | 00,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/10/27 11:19:46 | 00,895,696 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/10/07 01:47:34 | 00,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/09/24 20:27:04 | 00,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/05 22:08:40 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/08 20:22:22 | 00,068,112 | ---- | M] (McAfee) [On_Demand | Stopped] -- C:\Program Files\McAfee\MBK\MBackMonitor.exe -- (MBackMonitor)
SRV - [2009/07/08 11:54:34 | 00,359,952 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 02,482,848 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/09 20:20:49 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/04/14 02:33:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/03/29 22:19:01 | 00,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9b0e650e494b0) Google Update Service (gupdate1c9b0e650e494b0)
SRV - [2009/03/29 22:18:32 | 00,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/09 17:40:16 | 00,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/12/09 17:40:16 | 00,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/06/02 10:13:16 | 00,504,104 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/01/19 02:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/31 14:09:16 | 00,110,592 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007/06/05 12:20:32 | 00,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/07 12:27:02 | 00,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/05 10:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 10:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) [Auto | Running] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/10/26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/10/26 18:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/09/14 13:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - [2009/12/07 20:16:27 | 00,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/11/04 16:54:12 | 00,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/11/04 16:54:12 | 00,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/11/04 16:54:12 | 00,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 16:54:12 | 00,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/10/07 08:49:40 | 06,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC)
DRV - [2009/10/07 08:48:20 | 00,066,456 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvselsus.sys -- (lvselsus)
DRV - [2009/10/07 08:47:56 | 00,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 01:46:36 | 00,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/09/16 09:22:14 | 00,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/07/16 12:32:26 | 00,130,424 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2009/06/09 20:20:49 | 00,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/04/27 14:24:50 | 00,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/04/17 19:48:14 | 00,009,344 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\grmnusb.sys -- (grmnusb)
DRV - [2009/04/14 02:33:00 | 07,766,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/04/10 23:42:54 | 00,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/02/13 10:35:05 | 00,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/07/26 14:26:22 | 00,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/06/16 03:00:00 | 00,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008/01/29 11:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2007/10/31 14:09:14 | 00,030,464 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2007/08/17 21:38:49 | 00,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2007/08/09 17:12:30 | 00,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007/05/04 04:47:54 | 00,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/05/04 04:47:54 | 00,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/05/04 04:47:54 | 00,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/02/09 11:34:16 | 00,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2007/02/08 19:05:30 | 00,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 19:05:30 | 00,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2007/02/08 00:16:26 | 00,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:43 | 02,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 00,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2006/11/02 02:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/26 15:22:02 | 00,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 15:21:34 | 00,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 15:21:34 | 00,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 15:21:32 | 00,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 15:21:30 | 00,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 15:21:28 | 00,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 15:21:26 | 00,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 15:21:24 | 00,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 14:43:52 | 00,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/07/21 10:21:26 | 00,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/10/20 22:58:58 | 00,016,496 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPZipr12.sys -- (HPZipr12)
DRV - [2005/10/20 22:58:52 | 00,049,920 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPZid412.sys -- (HPZid412)
DRV - [2005/10/20 22:52:48 | 00,021,568 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HPZius12.sys -- (HPZius12)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.n...lbar2.0/search/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.denverbroncos.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect...fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.9.90
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091216W
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.2.20080910
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.8
FF - prefs.js..keyword.URL: "http://slirsredirect...0fftrab&query="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - HKLM\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2008/09/20 14:15:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/07/28 21:25:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/04/29 21:37:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/03 13:37:02 | 00,000,000 | ---D | M]

[2009/03/06 21:22:10 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Extensions
[2008/09/14 14:41:45 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/03/06 21:22:10 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/12/18 17:39:58 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Firefox\Profiles\41yg6utu.default\extensions
[2009/11/03 22:46:17 | 00,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Firefox\Profiles\41yg6utu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/18 17:39:58 | 00,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Firefox\Profiles\41yg6utu.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/09/29 15:34:50 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Firefox\Profiles\41yg6utu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/14 20:04:29 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Firefox\Profiles\41yg6utu.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/09/14 20:04:32 | 00,004,207 | ---- | M] () -- C:\Users\Denver Broncos\AppData\Roaming\Mozilla\Firefox\Profiles\41yg6utu.default\searchplugins\aim-search.xml
[2009/04/17 23:43:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/04/29 21:37:49 | 00,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/29 21:37:36 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/04/29 21:37:36 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/05/17 22:25:34 | 00,135,168 | ---- | M] (Google) -- C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
[2007/04/10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2008/10/17 13:29:52 | 01,332,224 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2007/09/28 11:06:10 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2008/09/26 11:40:34 | 00,053,248 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
[2008/06/27 15:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2009/04/29 21:37:43 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 19:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2009/02/27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2007/05/31 18:28:48 | 00,144,872 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2008/06/17 01:20:17 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2008/06/17 01:20:17 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2008/06/17 01:20:17 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2008/06/17 01:20:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2008/06/17 01:20:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2008/06/17 01:20:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2008/06/17 01:20:18 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2005/04/27 15:10:49 | 00,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll
[2007/05/31 18:28:57 | 00,024,621 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2007/05/31 18:28:37 | 00,081,967 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2008/10/15 18:04:06 | 00,221,184 | ---- | M] (CNN) -- C:\Program Files\Mozilla Firefox\plugins\NPTURNMED.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2009/04/29 21:37:45 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/04/29 21:37:45 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/04/29 21:37:45 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/04/29 21:37:45 | 00,002,343 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/04/29 21:37:45 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/04/29 21:37:45 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/04/29 21:37:46 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (143 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.62 antispy.microsoft.com
O1 - Hosts: 209.44.111.62 antiaware-pro.com
O1 - Hosts: 209.44.111.62 www.antiaware-pro.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D79559E8-9991-41C5-AA2B-A96EC766F43F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Comcast Toolbar) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\Program Files\ComcastToolbar\comcasttoolbar.dll (Comcast Cable Communications. )
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe File not found
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Logitech Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [oovoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo)
O4 - HKCU..\Run: [richtx64.exe] C:\Users\DENVER~1\AppData\Local\Temp\richtx64.exe File not found
O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [S45] C:\Users\Denver Broncos\f.exe File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ttool] C:\Windows\srcdll.exe File not found
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\Denver Broncos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} http://www.ooxtv.com/stream.ocx (KooPlayer Control)
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} http://ax.emsisoft.com/asquared.cab (a-squared Scanner)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...837/mcfscan.cab (McFreeScan Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.246 68.87.71.230
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7213c8a5-1afe-11de-85e2-00188b70f5fd}\Shell - "" = AutoRun
O33 - MountPoints2\{7213c8a5-1afe-11de-85e2-00188b70f5fd}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found
O33 - MountPoints2\{d5080f08-a5ff-11de-a65c-00188b70f5fd}\Shell\Auto\command - "" = G:\launcher.exe -- File not found
O33 - MountPoints2\{d5080f08-a5ff-11de-a65c-00188b70f5fd}\Shell\AutoRun\command - "" = C:\Windows\System32\shell32.dll -- [2009/04/11 01:28:24 | 11,584,000 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\RunGame.exe -- File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\RunGame.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\RunGame.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2009/12/20 15:30:54 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Denver Broncos\Desktop\OTL.exe
[2009/12/19 17:37:19 | 00,000,000 | ---D | C] -- C:\Windows\McAfee.com
[2009/12/19 17:33:44 | 00,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys
[2009/12/19 17:33:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/12/19 17:33:23 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2009/12/19 17:33:22 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/12/19 17:06:57 | 00,000,000 | ---D | C] -- C:\ProgramData\AOL OCP
[2009/12/19 14:51:29 | 00,195,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2009/12/19 14:51:09 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2009/12/19 14:51:09 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2009/12/19 13:18:50 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2009/12/19 13:17:57 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2009/12/19 13:17:56 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2009/12/19 13:17:56 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2009/12/19 13:17:34 | 00,000,000 | ---D | C] -- C:\NVIDIA
[2009/12/19 13:17:32 | 00,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2009/12/19 13:17:32 | 00,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2009/12/19 13:17:31 | 00,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2009/12/19 13:17:31 | 00,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2009/12/19 13:17:31 | 00,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2009/12/19 13:17:31 | 00,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2009/12/19 13:17:31 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2009/12/19 13:17:30 | 01,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2009/12/19 13:17:30 | 01,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2009/12/19 13:17:30 | 00,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2009/12/19 13:17:30 | 00,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2009/12/19 13:17:30 | 00,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2009/12/19 13:17:30 | 00,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2009/12/19 13:17:30 | 00,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2009/12/19 13:17:30 | 00,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2009/12/19 13:17:30 | 00,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2009/12/19 13:17:30 | 00,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2009/12/19 13:17:30 | 00,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2009/12/19 13:17:30 | 00,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2009/12/19 13:17:30 | 00,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2009/12/19 13:17:30 | 00,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2009/12/19 13:17:29 | 01,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2009/12/19 13:17:29 | 00,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2009/12/19 13:17:29 | 00,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2009/12/19 13:17:29 | 00,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2009/12/19 13:17:05 | 00,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2009/12/19 13:17:05 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2009/12/19 13:17:03 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2009/12/19 13:17:02 | 00,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2009/12/19 13:17:02 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtpUS.dll
[2009/12/19 13:17:02 | 00,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdConns.dll
[2009/12/19 13:17:01 | 00,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2009/12/19 13:17:01 | 00,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2009/12/19 13:17:01 | 00,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WpdMtp.dll
[2009/12/19 13:17:01 | 00,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/12/19 13:17:01 | 00,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2009/12/19 13:17:01 | 00,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/12/19 13:16:22 | 00,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2009/12/19 13:16:22 | 00,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2009/12/19 13:14:33 | 00,000,000 | ---D | C] -- C:\Users\Denver Broncos\AppData\Roaming\DeviceDoctorSoftware
[2009/12/19 13:14:29 | 00,000,000 | ---D | C] -- C:\Program Files\Device Doctor
[2009/12/19 13:14:27 | 00,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2009/12/19 13:14:00 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2009/12/19 13:13:59 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/12/19 13:13:39 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2009/12/19 13:13:39 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2009/12/19 12:37:18 | 00,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2009/12/19 12:36:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2009/12/18 18:12:21 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2009/12/18 18:11:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Dell
[2009/12/18 18:11:46 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2009/12/18 18:11:43 | 00,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2009/12/18 18:09:20 | 00,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2009/12/18 18:07:15 | 00,000,000 | ---D | C] -- C:\Users\Denver Broncos\Desktop\Driver.Updater.Pro-v2.2.6.0.Inc.Serial
[2009/12/15 22:33:23 | 00,000,000 | ---D | C] -- C:\Users\Denver Broncos\Desktop\New Folder (2)
[2009/12/09 15:04:36 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/12/09 15:04:36 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/12/09 15:04:36 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/12/09 15:04:35 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/12/09 15:04:35 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/12/09 15:04:35 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/12/09 15:04:35 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/12/09 15:04:35 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/12/09 15:04:35 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/12/09 15:04:35 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/12/09 15:04:35 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/12/09 15:04:35 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/12/09 15:04:35 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/12/09 15:04:35 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/12/09 15:04:23 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2009/11/25 07:48:57 | 00,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2009/11/22 16:18:32 | 00,000,000 | ---D | C] -- C:\Program Files\SopCast
[2009/11/22 15:08:08 | 00,000,000 | ---D | C] -- C:\Users\Denver Broncos\Desktop\SopCast-3.2.4
[2009/11/21 00:13:05 | 00,000,000 | ---D | C] -- C:\Users\Denver Broncos\Desktop\RIA
[2007/08/17 21:38:49 | 00,047,360 | ---- | C] (VSO Software) -- C:\Users\Denver Broncos\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2009/12/20 15:35:00 | 00,000,440 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{02165258-0B07-43B9-B88D-F655AF953405}.job
[2009/12/20 15:34:26 | 04,194,304 | -HS- | M] () -- C:\Users\Denver Broncos\ntuser.dat
[2009/12/20 15:30:04 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Denver Broncos\Desktop\OTL.exe
[2009/12/20 15:22:19 | 00,004,080 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/20 15:22:19 | 00,004,080 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/20 15:00:00 | 00,000,504 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2009/12/20 14:48:45 | 00,707,452 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/20 14:48:45 | 00,606,678 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/20 14:48:45 | 00,105,678 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/20 14:41:03 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/20 14:03:10 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/12/20 13:41:05 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/20 13:23:13 | 00,000,202 | ---- | M] () -- C:\Windows\System32\srcr.dat
[2009/12/20 13:22:20 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/20 13:22:12 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/20 13:22:04 | 00,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2009/12/20 13:01:15 | 00,524,288 | -HS- | M] () -- C:\Users\Denver Broncos\ntuser.dat{8fc9c0be-bffa-11dd-a5c1-00188b70f5fd}.TMContainer00000000000000000001.regtrans-ms
[2009/12/20 13:01:15 | 00,065,536 | -HS- | M] () -- C:\Users\Denver Broncos\ntuser.dat{8fc9c0be-bffa-11dd-a5c1-00188b70f5fd}.TM.blf
[2009/12/20 12:58:41 | 12,208,2212 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/12/20 12:35:01 | 00,000,674 | ---- | M] () -- C:\Windows\System32\krl32mainweq.dll
[2009/12/20 12:34:09 | 00,000,358 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2009/12/20 12:34:09 | 00,000,336 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2009/12/19 17:34:28 | 00,004,667 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2009/12/19 17:34:22 | 00,000,773 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2009/12/19 13:24:47 | 00,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid.lnk
[2009/12/19 13:24:28 | 00,000,979 | ---- | M] () -- C:\Users\Denver Broncos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/12/19 13:24:18 | 00,001,952 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software.lnk
[2009/12/19 13:18:46 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/12/19 13:18:36 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/12/19 13:14:33 | 00,000,861 | ---- | M] () -- C:\Users\Public\Desktop\Device Doctor.lnk
[2009/12/18 18:05:44 | 02,631,234 | ---- | M] () -- C:\Users\Denver Broncos\Desktop\Driver.Updater.Pro-v2.2.6.0.Inc.Serial.rar
[2009/12/17 20:36:20 | 00,000,668 | ---- | M] () -- C:\Users\Denver Broncos\AppData\Roaming\vso_ts_preview.xml
[2009/12/17 20:13:35 | 00,006,944 | ---- | M] () -- C:\Users\Denver Broncos\AppData\Local\d3d9caps.dat
[2009/12/17 18:53:21 | 00,191,488 | ---- | M] () -- C:\Users\Denver Broncos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/17 18:42:31 | 00,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2009/12/14 20:23:56 | 00,015,425 | ---- | M] () -- C:\Users\Denver Broncos\Documents\Chapter 18 outline.docx
[2009/12/14 15:50:00 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009/12/13 22:05:42 | 00,014,808 | ---- | M] () -- C:\Users\Denver Broncos\Documents\Take-Home exam TCIOTDITNT.docx
[2009/12/07 22:24:52 | 00,014,639 | ---- | M] () -- C:\Users\Denver Broncos\Documents\Chapter 17.docx
[2009/12/07 20:16:27 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/12/06 00:52:37 | 00,002,035 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/11/30 23:37:12 | 00,016,524 | ---- | M] () -- C:\Users\Denver Broncos\Documents\Chapter 16 Outline.docx
[2009/11/23 23:43:39 | 00,019,203 | ---- | M] () -- C:\Users\Denver Broncos\Documents\Chapter 15 Outline.docx
[2009/11/22 16:18:33 | 00,000,750 | ---- | M] () -- C:\Users\Denver Broncos\Desktop\SopCast.lnk
[2009/11/21 01:35:38 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/11/21 01:35:38 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/11/21 01:34:58 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/11/21 01:34:52 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/11/21 01:34:39 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/11/21 01:34:39 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/11/21 01:34:39 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/11/21 01:34:38 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/11/21 01:34:38 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/11/21 01:34:33 | 00,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/11/20 23:59:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/11/20 23:59:52 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/11/20 23:59:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/11/20 23:58:54 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

========== Files Created - No Company Name ==========

[2009/12/19 17:34:28 | 00,004,667 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2009/12/19 17:34:22 | 00,000,773 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2009/12/19 17:33:36 | 00,000,358 | ---- | C] () -- C:\Windows\tasks\McDefragTask.job
[2009/12/19 17:33:31 | 00,000,336 | ---- | C] () -- C:\Windows\tasks\McQcTask.job
[2009/12/19 13:24:27 | 00,000,979 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2009/12/19 13:18:46 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/12/19 13:18:36 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/12/19 13:14:33 | 00,000,861 | ---- | C] () -- C:\Users\Public\Desktop\Device Doctor.lnk
[2009/12/18 18:05:45 | 02,631,234 | ---- | C] () -- C:\Users\Denver Broncos\Desktop\Driver.Updater.Pro-v2.2.6.0.Inc.Serial.rar
[2009/12/17 20:15:44 | 00,000,674 | ---- | C] () -- C:\Windows\System32\krl32mainweq.dll
[2009/12/17 20:14:43 | 00,000,202 | ---- | C] () -- C:\Windows\System32\srcr.dat
[2009/12/14 19:29:33 | 00,015,425 | ---- | C] () -- C:\Users\Denver Broncos\Documents\Chapter 18 outline.docx
[2009/12/13 19:47:35 | 00,014,808 | ---- | C] () -- C:\Users\Denver Broncos\Documents\Take-Home exam TCIOTDITNT.docx
[2009/12/07 21:35:58 | 00,014,639 | ---- | C] () -- C:\Users\Denver Broncos\Documents\Chapter 17.docx
[2009/12/06 00:52:37 | 00,002,035 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2009/11/30 21:33:56 | 00,016,524 | ---- | C] () -- C:\Users\Denver Broncos\Documents\Chapter 16 Outline.docx
[2009/11/22 19:44:32 | 00,019,203 | ---- | C] () -- C:\Users\Denver Broncos\Documents\Chapter 15 Outline.docx
[2009/11/22 16:18:33 | 00,000,750 | ---- | C] () -- C:\Users\Denver Broncos\Desktop\SopCast.lnk
[2009/10/07 01:46:36 | 00,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 00,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/09/10 23:32:19 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/01 14:14:32 | 00,000,102 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Local\fusioncache.dat
[2009/04/30 21:39:36 | 00,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/12/21 12:19:11 | 00,006,944 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Local\d3d9caps.dat
[2008/11/29 18:37:01 | 00,000,008 | RHS- | C] () -- C:\Windows\System32\1A46F2F810.sys
[2008/11/29 01:19:48 | 00,000,000 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Local\rx_image32.Cache
[2008/11/23 16:42:41 | 00,124,432 | ---- | C] () -- C:\Windows\System32\PanInstaller.dll
[2008/11/23 16:42:39 | 00,083,480 | ---- | C] () -- C:\Windows\System32\FirstLoad.dll
[2008/08/10 23:45:32 | 00,000,088 | ---- | C] () -- C:\Windows\System32\7842477DC8.sys
[2008/08/10 23:29:40 | 00,005,018 | ---- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/07/15 00:06:32 | 00,000,668 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\vso_ts_preview.xml
[2008/05/30 15:06:01 | 00,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/05/30 15:05:51 | 00,564,224 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2008/05/30 15:05:50 | 01,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/05/30 15:05:50 | 00,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/05/30 15:05:48 | 00,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/05/30 15:05:48 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/05/11 19:57:25 | 00,000,001 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\FrontEndCD.ini
[2008/03/04 17:52:34 | 00,286,720 | ---- | C] () -- C:\Windows\System32\libcurl.dll
[2007/10/31 08:39:54 | 00,059,904 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2007/09/28 11:07:52 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/09/28 11:05:50 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2007/09/28 11:05:50 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2007/09/28 11:05:08 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/08/19 17:50:24 | 00,000,028 | ---- | C] () -- C:\Windows\v2d.INI
[2007/08/19 02:21:16 | 00,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2007/08/19 02:21:13 | 00,598,016 | ---- | C] () -- C:\Windows\System32\viscomqtde.dll
[2007/08/18 03:31:39 | 00,000,067 | ---- | C] () -- C:\Windows\Easy Video to DVD.INI
[2007/08/17 21:39:56 | 00,000,034 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\pcouffin.log
[2007/08/17 21:38:50 | 00,087,608 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\inst.exe
[2007/08/17 21:38:50 | 00,007,887 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\pcouffin.cat
[2007/08/17 21:38:49 | 00,001,144 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\pcouffin.inf
[2007/07/26 20:53:32 | 00,006,386 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\.googlewebacchosts
[2007/07/17 18:24:14 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hpzids01.dll
[2007/06/26 20:21:45 | 00,000,000 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Roaming\wklnhst.dat
[2007/05/20 18:31:54 | 00,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2007/05/20 18:31:53 | 00,000,291 | ---- | C] () -- C:\Windows\wininit.ini
[2007/05/17 12:58:10 | 00,143,360 | ---- | C] () -- C:\Windows\System32\libexpatw.dll
[2007/05/13 19:09:57 | 00,191,488 | ---- | C] () -- C:\Users\Denver Broncos\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 14:25:58 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 05:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/16 22:36:50 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 22:36:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2005/01/19 18:23:28 | 00,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

========== LOP Check ==========

[2008/09/25 17:34:21 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\acccore
[2008/07/12 23:58:37 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Ashampoo
[2009/05/23 15:26:35 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Azureus
[2009/12/18 18:13:29 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\ComcastToolbar
[2008/09/02 15:18:51 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\COWON
[2009/12/19 13:14:33 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\DeviceDoctorSoftware
[2008/11/29 18:37:10 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\InterVideo
[2008/09/22 13:51:31 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Leadertech
[2009/12/17 18:24:12 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\LimeWire
[2009/06/27 02:22:14 | 00,000,000 | -HSD | M] -- C:\Users\Denver Broncos\AppData\Roaming\lowsec
[2009/02/10 16:10:23 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\NCH Swift Sound
[2009/04/17 23:39:49 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\ooVoo Details
[2007/06/26 20:21:47 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Template
[2008/08/14 21:37:13 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\TuneUp Software
[2008/12/01 17:54:34 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Ulead Systems
[2009/12/17 20:36:21 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\Vso
[2007/09/23 16:11:40 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\WebCompiler2
[2009/04/18 14:43:07 | 00,000,000 | ---D | M] -- C:\Users\Denver Broncos\AppData\Roaming\ZiggyTV
[2009/12/20 15:00:00 | 00,000,504 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2009/12/14 15:50:00 | 00,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009/12/20 12:34:09 | 00,000,358 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2009/12/20 12:34:09 | 00,000,336 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2009/12/20 02:39:25 | 00,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/12/20 15:35:00 | 00,000,440 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{02165258-0B07-43B9-B88D-F655AF953405}.job

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2007/05/04 04:47:20 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\drivers\AGP440.sys
[2007/05/04 04:47:20 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_8ed06b47\AGP440.sys
[2007/05/04 04:47:20 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=8B10CE1C1F9F1D47E4DEB1A547A00CD4 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.16400_none_b82caac9c18a4e3b\AGP440.sys
[2007/05/04 04:47:20 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=BF34B4A0E0B64440C5389AA6B902F4AD -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20496_none_b85af81edaeb8461\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2007/05/04 04:48:05 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=5653737BAD8C6C10136451C195C19881 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20485_none_db8a029f3dbd443b\atapi.sys
[2007/05/04 04:47:54 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\drivers\atapi.sys
[2007/05/04 04:47:54 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_5a9555b4\atapi.sys
[2007/05/04 04:47:54 | 00,021,688 | ---- | M] (Microsoft Corporation) MD5=9E7E85EC61D1C9C3171CC08427108863 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20509_none_dbe4850d3d78c736\atapi.sys
[2007/05/04 04:48:04 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_82339ef2\atapi.sys
[2007/05/04 04:48:04 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=A779CA2C76DA4FCB595E692C05E8E4EB -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16391_none_daf194c024ab5b06\atapi.sys
[2008/01/19 00:06:48 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/01/19 00:06:48 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/01/18 23:33:23 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_64dfd8ea\atapi.sys
[2008/01/18 23:33:23 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Drivers\system\r148912\nvstor.sys
[2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys
[2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvstor.inf_f48b8337\nvstor.sys
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2007/08/09 17:12:30 | 00,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\drivers\nvstor32.sys
[2007/08/09 17:12:30 | 00,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_99d8b088\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 02:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 04:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< End of report >

This is the Extras.txt

OTL Extras logfile created on: 12/20/2009 3:32:54 PM - Run 1
OTL by OldTimer - Version 3.1.19.0 Folder = C:\Users\Denver Broncos\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 58.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 0.56 Gb Free Space | 0.40% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.67 Gb Free Space | 66.73% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DENVERBRONCO-PC
Current User Name: Denver Broncos
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001BDC74-3CE9-4C07-B2D0-E8E56FF19E69}" = lport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
"{0B536497-5CDB-4B88-8479-0F8000667053}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{478BB88D-3A9F-4946-A83C-F9935EE5F82A}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{5383F373-12E1-45BB-BF5D-01B3E0590102}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{72B7890F-BC20-4769-BBE9-E341374B6D7B}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
"{8A5E13DD-4D8D-4C3A-B890-E0DF88BC491B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B98AAF56-D669-40F6-8127-F76CD3905E0C}" = lport=57845 | protocol=6 | dir=in | name=pando p2p tcp listening port |
"{C20DAB3F-87A9-4CA9-8B34-D8F4A8B2E884}" = lport=57845 | protocol=17 | dir=in | name=pando p2p udp listening port |
"{E0CFCB58-FE36-4B01-8077-C9C59361F276}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{ECFE92F8-198D-4E81-A037-2CA68A4C8F34}" = lport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F7E00B-86A8-48CD-8BCF-6273ADCBB6F8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{0815AF24-FA1E-417A-8600-E7CFBBAFB797}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{0B58E951-650B-4FF1-99AD-BE6BAC942F5C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{182AEEE0-021D-4908-A41B-EEC973016FC3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1A7740E6-AB32-48A8-91C7-4A17081D0EFB}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{2968C34E-D2F7-487A-834C-78671A586FBC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{41723ED6-3EC6-4B41-8A64-BC12F1C25636}" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"{4ABE45C7-C367-4646-AD2E-432E01C413E1}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{51A8AA86-0DAA-4333-B2A0-7D7429C6AE2D}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{66972AD4-088C-48AD-B8A6-2337D3029FFB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{69A4C0D5-89C9-4AA6-AC49-D51DB416D22A}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{701A7E1D-A3C8-4740-94DB-5DC1A37ABDDF}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{7155D195-4A4C-477C-8AB5-8012C43301B5}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{736F3628-DC0F-4279-BAF5-ED7250A1D7AA}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{7A31BB07-8A4F-4ADD-846F-B6A4B163A48D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{7D844728-9930-40ED-A3B1-6663BC3FD517}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{8C18DE52-0002-4780-B301-33AAFB27DEFC}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{8CE6A917-4169-4496-8F46-DA96212CEAB7}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{917D65D6-AAE6-4D4D-944F-D4BE186BA2DE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9B513CAD-C7C2-45AE-88F3-5B90DA7CDF11}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{AA65D435-D748-4800-9FE9-199B374FE12B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{AEA680DC-C86B-42EE-9F67-ED5C49D09E33}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AFA676D4-7B53-4307-AEC8-69969D0D74A5}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{B6C05E32-26D9-4C60-A32A-E85258B011BC}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{B8EBAF92-7B1C-4D65-9329-66229C6D6CED}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe |
"{D67A97AE-B2AE-4669-B028-CB4D3A637C7F}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{DC864648-36AE-49B9-BCAF-78D51251BC29}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{E136E6B5-EDCC-457C-BA71-65004BA41145}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E3E5334E-2DC3-4393-BEFB-83DE926D7643}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E3FCEA50-1340-4D9E-A636-F53A8BE932CF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{E731FDF6-0D72-4FB5-8A96-959753B54C11}" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"{E9545C9F-79F5-4C18-9DC9-884F27158028}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{EAF4F970-A2A3-4807-A577-53352529D2E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{EBFE9FD9-737D-4B40-9603-C72315D3E8E8}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{FBAA8D33-FA50-4BA5-989C-18DD3C1C90D4}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"TCP Query User{32F55E41-B5EB-4BE6-B5B7-2C46D45DFB0A}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{928FA437-0A76-4D2E-8EBD-CEB0351E2395}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"UDP Query User{5B14E0BB-334C-46B6-968D-C6DA289DCFA4}C:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"UDP Query User{9DC7096D-F89B-4BA2-8AC7-4C65881C70B0}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{D575FBAA-D6D6-4221-A2C4-67541DB7AB5E}_is1" = Device Doctor 1.0.0.1
"MSC" = McAfee SecurityCenter
"NVIDIA Drivers" = NVIDIA Drivers

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/29/2009 10:47:49 PM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x000cc804, process id 0x13f4, application
start time 0x01c9826b48ab1ea4.

Error - 1/30/2009 8:34:40 PM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module WINHTTP.dll, version 6.0.6001.18000, time stamp 0x4791a7b1,
exception code 0xc0000005, fault offset 0x00003689, process id 0x480, application
start time 0x01c9833b0228123c.

Error - 2/1/2009 1:56:04 AM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x001ebdd0, process id 0x159c, application
start time 0x01c984042f6cf604.

Error - 2/1/2009 2:41:02 AM | Computer Name = DenverBronco-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 2/1/2009 3:20:18 AM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x000b6f3e, process id 0x15d8, application
start time 0x01c98431c7580460.

Error - 2/1/2009 6:26:59 PM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x87ff626c, process id 0x14dc, application start time
0x01c984a522d92440.

Error - 2/1/2009 8:44:11 PM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x000d61b4, process id 0x1768, application
start time 0x01c984bc359ecf00.

Error - 2/2/2009 12:55:34 AM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x002082eb, process id 0xab4, application
start time 0x01c984cf5ff27640.

Error - 2/3/2009 8:41:01 PM | Computer Name = DenverBronco-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 2e14 Start Time: 01c9865d3c02ba30 Termination Time: 0

Error - 2/4/2009 11:26:16 PM | Computer Name = DenverBronco-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18000, time stamp
0x47918f11, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x000cc4a1, process id 0x608, application
start time 0x01c98732f51b2fe0.

[ System Events ]
Error - 12/20/2009 2:23:54 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 12/20/2009 2:23:54 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/20/2009 2:23:54 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/20/2009 2:23:54 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 12/20/2009 2:23:54 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/20/2009 2:23:54 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 12/20/2009 2:24:50 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 12/20/2009 2:24:50 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/20/2009 2:24:50 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 12/20/2009 2:24:50 PM | Computer Name = DenverBronco-PC | Source = Service Control Manager | ID = 7000
Description =

< End of report >

Thanks for the Help!!

Attached Files

ark.txt 37.52KB 363 downloads

#4
kahdah

Posted 20 December 2009 - 04:56 PM

GeekU Teacher

Retired Staff
15,822 posts

You are welcome

One or more of the identified infections is a backdoor trojan or rootkit.

This type of infection has the capabilities to allows hacker to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

#5
BroncoWizard

Posted 20 December 2009 - 05:24 PM

Member

Topic Starter
Member
22 posts

i would like to clean the machine please

#6
BroncoWizard

Posted 20 December 2009 - 05:25 PM

Member

Topic Starter
Member
22 posts

but what would you reccomaend me to do?

#7
kahdah

Posted 20 December 2009 - 05:53 PM

GeekU Teacher

Retired Staff
15,822 posts

Well I recommend cleaning it only if you don't use it for financial transactions.
If you do and want to continue to do this then I recommend a reformat.
It is up to you.

#8
BroncoWizard

Posted 25 December 2009 - 04:02 PM

Member

Topic Starter
Member
22 posts

i think i should format my whole computer, how would i do that?
and sorry i havent replied but im now using a family members computer, and i dont have any disks that came with my computer

#9
kahdah

Posted 25 December 2009 - 08:36 PM

GeekU Teacher

Retired Staff
15,822 posts

What kind of computer is it?
I can see f a recovery option is available via a recovery partition.
Let me know the brand name and model number of the system.

#10
BroncoWizard

Posted 26 December 2009 - 01:59 PM

Member

Topic Starter
Member
22 posts

I have Dell Dimension E521
and i tried system restore but it didnt work
do you have aim, or yahoo messenger so i can talk do you quickly because i want to resolve this quickly

#11
kahdah

Posted 26 December 2009 - 04:29 PM

GeekU Teacher

Retired Staff
15,822 posts

Please follow the procedures here:
http://support.dell....nt?docid=336966

If they do not work then you will need to contact Dell to order recovery disks for that machine.
Which can be done from the below link.
http://support.dell....o...lang=en&cs=

That should work let me know if you need further assistance.

#12
BroncoWizard

Posted 26 December 2009 - 04:44 PM

Member

Topic Starter
Member
22 posts

when i am backing up the files, which one do i back up
it says here teh OS(C:)(System) WHICH is 130 GB
or the Recovery 10 GB

and since the system is 130GB is it okay if i use this to back it up?
http://microcenter.c...duct_id=0285898

and is it ok backuping the whole system since there is a virus there?

Edited by BroncoWizard, 26 December 2009 - 04:59 PM.

#13
kahdah

Posted 26 December 2009 - 05:36 PM

GeekU Teacher

Retired Staff
15,822 posts

Yes it is ok to use.
You want to backup the one that says OS on it.

#14
BroncoWizard

Posted 26 December 2009 - 09:08 PM

Member

Topic Starter
Member
22 posts

ok thanks, how would i use that because i wanna know how to back it up
and does that have enough memory in it??

#15
kahdah

Posted 27 December 2009 - 08:11 AM

GeekU Teacher

Retired Staff
15,822 posts

Hi backing up the whole system is not necessary.
Back up only the locations that you noirmally save data to.
For ex.. typical save locations are Desktop,Documents,favorites for IE.

So I would plug in the backup drive and then go to C:\Users\(your username)\In there backup contacts,Documents,Favorites,Desktop,Music,Videos.
Also then go to C:\Users\Public and back up that entire folder.
This location also has items in it you may want to keep.
Backing up simply means to copy the items you want to save then paste it into the backup drive.
Hope that get's you going.