Dell Aurora has a black screen on startup, won't detect CD drive


  • This topic is locked

#1
twswford

  • Member
  • 26 posts

Hello,
I was being helped but got sidetracked with work, so my topic was closed and I still need to get some help with my Dell. It's an Alien Aurora m9700 series. At startup there is a black screen with the option to choose one of the following:
Windows XP (which is what I choose to work with it)
Recovery Console
or something that says "do not choose" and something about debugging.

I can give you the last thing I tried if you can't locate it in my prior communications with the last tech (essexboy).

I ran OTL and the log is below.
Please help.
Thank you.

OTL logfile created on: 03/18/13 4:07:27 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: MM/dd/yy

1023.23 Mb Total Physical Memory | 304.79 Mb Available Physical Memory | 29.79% Memory free
2.40 Gb Paging File | 1.51 Gb Available in Paging File | 62.98% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 18.24 Gb Free Space | 32.65% Space Free | Partition Type: NTFS
Drive E: | 7.19 Gb Total Space | 6.95 Gb Free Space | 96.65% Space Free | Partition Type: FAT32

Computer Name: WA68A7S1J249 | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/18 16:06:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL(2).exe
PRC - [2013/03/09 10:01:57 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/12/10 03:25:35 | 000,554,624 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
PRC - [2012/12/06 13:04:24 | 000,656,576 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/12/04 11:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2012/11/09 14:30:26 | 004,013,928 | ---- | M] (Connectify) -- C:\Program Files\Connectify\Connectify.exe
PRC - [2012/11/09 14:30:26 | 000,287,592 | ---- | M] (Connectify) -- C:\Program Files\Connectify\Connectifyd.exe
PRC - [2012/11/09 14:30:12 | 000,065,536 | ---- | M] () -- C:\Program Files\Connectify\ConnectifyService.exe
PRC - [2012/02/29 12:19:46 | 011,870,208 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\ZTE AC3781 APP.exe
PRC - [2012/02/28 11:59:12 | 000,696,320 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\AC3781\Bin\MonServiceUDisk.exe
PRC - [2011/10/07 17:05:50 | 000,934,496 | ---- | M] (dotPDN LLC) -- C:\Program Files\Paint.NET\PaintDotNet.exe
PRC - [2011/01/01 09:23:10 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2009/09/23 12:21:40 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2005/04/29 17:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
PRC - [2004/10/14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/15 01:08:23 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013/03/09 10:01:13 | 003,069,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/02/14 18:19:28 | 001,356,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b1e61da93475e511d4ea18a200811864\System.WorkflowServices.ni.dll
MOD - [2013/02/14 18:17:28 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013/02/14 18:17:08 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013/02/14 18:15:09 | 003,212,288 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet\55e20888f245d38c73b151f1f430a1a2\PaintDotNet.ni.exe
MOD - [2013/02/14 18:14:56 | 000,813,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Effects\5f6c19685978c89685ba8f47ab0c8f78\PaintDotNet.Effects.ni.dll
MOD - [2013/02/14 18:14:50 | 000,582,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Data\c1ca9d80ead77d5e9695b6cf66822dc9\PaintDotNet.Data.ni.dll
MOD - [2013/02/14 18:14:44 | 001,932,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Core\1bfd92c2879acf89aa49073371902473\PaintDotNet.Core.ni.dll
MOD - [2013/02/14 18:14:37 | 000,389,632 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Resourc#\4e0acd22dc26c6ce312098bbc1bea262\PaintDotNet.Resources.ni.dll
MOD - [2013/02/14 18:14:34 | 000,902,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\de0302a173e5582508b44ac8716d2377\PaintDotNet.SystemLayer.ni.dll
MOD - [2013/02/14 18:14:13 | 000,862,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.Base\b10bbc581cf4d76369443402de5a8529\PaintDotNet.Base.ni.dll
MOD - [2013/02/14 18:11:52 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll
MOD - [2013/02/14 18:01:14 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013/01/17 07:02:25 | 001,706,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\55d91ed4812d4afa44a4834a8bed682e\System.ServiceModel.Web.ni.dll
MOD - [2013/01/17 07:02:18 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll
MOD - [2013/01/17 07:00:04 | 000,161,280 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PaintDotNet.SystemL#\8a398c829293c7c6866bd67b766bb312\PaintDotNet.SystemLayer.Native.x86.ni.dll
MOD - [2013/01/17 06:59:52 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.WIA\4376b48ebc2b59a470c63ef083d4193c\Interop.WIA.ni.dll
MOD - [2013/01/17 06:59:51 | 000,684,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\203f25ba39b45027d2d0c8f849a471db\System.Security.ni.dll
MOD - [2013/01/17 06:59:47 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
MOD - [2013/01/17 06:59:45 | 000,547,840 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\1ebbafd2364251614a485467336f44fc\ICSharpCode.SharpZipLib.ni.dll
MOD - [2013/01/17 06:59:39 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll
MOD - [2013/01/17 06:24:56 | 000,256,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll
MOD - [2013/01/17 06:24:34 | 017,403,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\58ee03cb0f505b226bfe97c0e879005f\System.ServiceModel.ni.dll
MOD - [2013/01/17 06:24:03 | 002,345,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
MOD - [2013/01/17 06:23:58 | 001,071,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\91442e74da926f6b2c33b5754014940d\System.IdentityModel.ni.dll
MOD - [2013/01/17 06:23:50 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013/01/17 06:23:29 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013/01/17 06:22:56 | 002,295,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\edbf4e4a55e63b9fbf0b0b40cba13063\System.Core.ni.dll
MOD - [2013/01/17 06:21:49 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll
MOD - [2013/01/17 06:21:35 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/17 06:21:15 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012/12/10 03:25:35 | 000,554,624 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
MOD - [2012/11/09 14:30:32 | 000,777,064 | ---- | M] () -- C:\Program Files\Connectify\Vendors.dll
MOD - [2012/11/09 14:30:32 | 000,090,472 | ---- | M] () -- C:\Program Files\Connectify\NativeLibrary.dll
MOD - [2012/11/09 14:30:32 | 000,054,120 | ---- | M] () -- C:\Program Files\Connectify\Scannify.dll
MOD - [2012/11/09 14:30:30 | 000,185,704 | ---- | M] () -- C:\Program Files\Connectify\LibDispatch.dll
MOD - [2012/11/09 14:30:28 | 000,035,176 | ---- | M] () -- C:\Program Files\Connectify\DriverLib.dll
MOD - [2012/11/09 14:30:28 | 000,024,936 | ---- | M] () -- C:\Program Files\Connectify\gma.Windows.Firewall.dll
MOD - [2012/11/09 14:30:26 | 001,068,904 | ---- | M] () -- C:\Program Files\Connectify\ConnectifyNAT.dll
MOD - [2012/11/09 14:30:26 | 000,016,232 | ---- | M] () -- C:\Program Files\Connectify\BuildProps.dll
MOD - [2012/11/09 14:30:12 | 000,065,536 | ---- | M] () -- C:\Program Files\Connectify\ConnectifyService.exe
MOD - [2012/02/29 12:19:46 | 011,870,208 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\ZTE AC3781 APP.exe
MOD - [2012/02/29 12:10:00 | 000,188,416 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfXCommWrapper.dll
MOD - [2012/02/29 12:09:46 | 000,471,040 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfXComm.dll
MOD - [2012/02/29 12:09:44 | 000,045,056 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfCustomization.dll
MOD - [2012/02/29 12:09:34 | 000,102,400 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfWaveLib.dll
MOD - [2012/02/29 12:09:34 | 000,040,960 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfRasWrapper.dll
MOD - [2012/02/29 12:09:32 | 000,102,400 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfDeviceHW.dll
MOD - [2012/02/29 12:09:26 | 000,053,248 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfLogService.dll
MOD - [2012/02/29 12:09:26 | 000,025,088 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\UdiskDrv.dll
MOD - [2012/02/29 12:09:22 | 000,229,376 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfRuntime.dll
MOD - [2012/02/29 12:09:22 | 000,221,184 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfHelper.dll
MOD - [2012/02/29 12:09:20 | 000,013,312 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfSoundPlayLib.dll
MOD - [2012/02/29 12:09:18 | 000,013,824 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfSerialPort.dll
MOD - [2012/02/29 12:09:16 | 000,017,920 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zfThreading.dll
MOD - [2012/02/28 11:59:12 | 000,696,320 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\AC3781\Bin\MonServiceUDisk.exe
MOD - [2012/02/28 11:21:42 | 000,971,776 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\libxml2.dll
MOD - [2012/02/28 11:21:42 | 000,290,904 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\libxslt.dll
MOD - [2012/02/28 11:21:42 | 000,073,728 | ---- | M] () -- C:\Program Files\Cricket Broadband AC3781\bin\zlib1.dll
MOD - [2011/10/07 17:05:50 | 000,108,128 | ---- | M] () -- C:\Program Files\Paint.NET\Native.x86\PaintDotNet.Native.x86.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/09/23 12:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2009/01/30 09:12:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2005/04/29 17:15:40 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.exe
MOD - [2005/04/29 17:15:36 | 000,045,056 | ---- | M] () -- C:\Program Files\TouchFreeze\TouchFreeze.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Bigfoot Networks\Killer Driver\PortManager.exe -- (Killer Port Manager)
SRV - [2013/03/15 01:08:33 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/09 10:01:55 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/12/10 03:25:35 | 000,554,624 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012/12/04 11:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012/11/09 14:30:12 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2012/02/28 11:59:12 | 000,696,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Cricket Broadband AC3781\AC3781\Bin\MonServiceUDisk.exe -- (UDisk Monitor)
SRV - [2012/01/04 14:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/11/29 11:41:26 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2002/09/20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWVsp.sys -- (PTUMWVsp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWNET.sys -- (PTUMWNET)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWMdm.sys -- (PTUMWMdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWFLT.sys -- (PTUMWFLT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWCDF.sys -- (PTUMWCDF)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PTUMWBus.sys -- (PTUMWBus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/03/18 13:44:38 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D25D0527-00E6-4A8B-94FC-DB0D679CF504}\MpKsl28df908c.sys -- (MpKsl28df908c)
DRV - [2013/03/03 14:26:44 | 000,031,344 | ---- | M] (Connectify) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cnnctfy2.sys -- (cnnctfy2MP)
DRV - [2013/03/03 14:26:44 | 000,031,344 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV - [2012/02/28 11:22:02 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2012/02/28 11:22:02 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2012/02/28 11:21:48 | 000,117,504 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CT_ZTEMT_U_USBNET.SYS -- (CT_ZTEMT_U_USBNET)
DRV - [2012/02/28 11:21:48 | 000,105,472 | ---- | M] (ZTEMT Incorporated) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CT_ZTEMT_U_USBSER.sys -- (ztemtusbser)
DRV - [2010/06/21 18:07:20 | 000,078,720 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swiwdmbus.sys -- (swiwdmbus)
DRV - [2010/06/21 17:47:13 | 000,156,544 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumxa3.sys -- (SWUMXA3)
DRV - [2010/06/21 17:46:49 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2010/06/21 17:46:49 | 000,201,088 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8u00.sys -- (SWNC8U00)
DRV - [2009/07/13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/08/15 07:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2007/04/16 21:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006/03/14 13:21:18 | 000,328,237 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/03/14 13:19:24 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/03/14 13:18:00 | 000,851,402 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/03/14 13:15:34 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/03/14 13:14:52 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/03/14 13:12:02 | 000,148,900 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/03/14 13:10:56 | 000,045,683 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2006/02/15 17:26:18 | 001,153,728 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/01/04 08:49:00 | 000,243,712 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/09/17 11:01:50 | 000,028,672 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/09/14 12:45:24 | 000,050,560 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/08/11 16:49:28 | 000,393,088 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2005/03/09 15:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/09/14 16:55:44 | 000,088,960 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 83 5D 22 6B 04 CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://westernstore...pify.com/admin"
FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0
FF - prefs.js..extensions.enabledAddons: %7Bd12b4ac5-7cfd-4189-9422-6a44f564d17c%7D:1.2
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@meadco.com/neptune plugin,version=2.0.0.29: C:\PROGRA~1\MEADCO~1\npmeadax.dll (MeadCo Corp.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.97: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVG\AVG10\Toolbar\Firefox\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013/01/06 20:09:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Cricket Broadband AC3781\bin [2013/02/07 08:07:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/03/09 10:01:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/03/09 10:01:01 | 000,000,000 | ---D | M]

[2012/11/18 14:49:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2013/02/10 08:03:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions
[2013/02/10 08:03:09 | 000,007,932 | ---- | M] () (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\4v54krdl.default\extensions\{d12b4ac5-7cfd-4189-9422-6a44f564d17c}.xpi
[2013/03/09 10:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/03/09 10:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2013/03/09 10:00:54 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/01/22 05:10:14 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2013/01/06 20:09:19 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2013/03/09 10:01:57 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/22 05:10:14 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2013/02/08 10:34:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013/01/04 10:01:06 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012/11/17 13:44:06 | 000,002,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2013/03/01 16:48:03 | 000,002,086 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: MeadCo's Neptune (Enabled) = C:\PROGRA~1\MEADCO~1\npmeadax.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: getPlusPlus for Adobe 16297 (Enabled) = C:\Program Files\NOS\bin\np_gp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/01/18 13:42:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Blekko Search Bar Helper Object) - {BAE35237-8D73-44D0-905C-8A95EA1E7E69} - C:\Program Files\blekko\spamfreesearch\1.8.3.9\bh\spamfreesearch.dll File not found
O2 - BHO: (CouponMatcher) - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files\CouponMatcher\CouponMatcher.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Blekko Search Bar Toolbar) - {EECF410C-006C-4A05-AD13-6741A0814DBF} - C:\Program Files\blekko\spamfreesearch\1.8.3.9\spamfreesearchTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [{F9AA8FE2-E89A-E99B-E8b8-E9AE9B9ABA99}] "C:\Program Files\Cricket Broadband Connect\AvqAutoRun.exe" "C:\Program Files\Cricket Broadband Connect\mPhonetools.exe" /OnPlug=%s File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Connectify] C:\Program Files\Connectify\Connectify.exe (Connectify)
O4 - HKCU..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe ()
O4 - HKCU..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: eset.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([accounts] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: montanasilversmiths.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: mycricket.com ([bb] http in Local intranet)
O15 - HKCU\..Trusted Domains: myshopify.com ([westernstore] https in Trusted sites)
O15 - HKCU\..Trusted Domains: netflix.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netflix.com ([movies] http in Trusted sites)
O15 - HKCU\..Trusted Domains: rapidsurveygroup.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: shopify.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: shopify.com ([www] http in Trusted sites)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1286464238343 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1346393699108 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C5A7D325-20E3-4183-9FBE-BEF5359188E3} http://www.cisgroup....RapidSketch.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (get_atlcom Class)
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} http://www.rapidsurv...RSG/XUpload.ocx (Persits Software XUpload)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F21C5652-4A9C-4478-B930-7179098AA9E5}: NameServer = 10.133.20.11 10.132.20.11
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/07 09:35:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/15 01:07:55 | 016,486,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerInstaller.exe
[2013/03/11 16:18:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\My Documents\all kinds of stuff
[2013/03/09 10:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/03/05 18:05:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Connectify Hotspot
[2013/03/05 17:41:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Connectify
[2013/03/04 00:46:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\My Documents\SHAR-PC
[2013/03/03 15:30:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\APN
[2013/03/03 14:26:44 | 000,031,344 | ---- | C] (Connectify) -- C:\WINDOWS\System32\drivers\cnnctfy2.sys
[2013/03/03 14:26:20 | 000,000,000 | ---D | C] -- C:\Program Files\Connectify
[2013/03/02 08:23:36 | 001,464,423 | ---- | C] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FRST64.exe
[2013/03/01 20:15:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\File Scout
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/03/18 16:10:00 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{94F167EE-7096-4173-8F22-F4FFAB67DEAE}.job
[2013/03/18 16:06:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/18 16:05:04 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/18 11:32:11 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/03/18 11:25:57 | 000,613,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/18 11:25:57 | 000,125,656 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/18 11:24:06 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-1682526488-1801674531-500.job
[2013/03/18 11:24:04 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-1682526488-1801674531-500.job
[2013/03/18 11:22:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/18 11:21:55 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/18 11:21:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/18 11:20:27 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2013/03/17 03:59:00 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateXML_Administrator.job
[2013/03/15 01:59:00 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\ReclaimerUpdateFiles_Administrator.job
[2013/03/15 00:24:29 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/03/14 02:07:29 | 000,013,584 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Untitled 1.odt
[2013/03/14 02:03:45 | 000,195,692 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\daisy.pdf
[2013/03/14 02:03:18 | 000,199,139 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dfly.pdf
[2013/03/14 02:02:11 | 000,190,443 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\pink flower.pdf
[2013/03/14 01:59:47 | 000,239,942 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tree.pdf
[2013/03/14 01:11:05 | 000,013,954 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\cs812081308150_ug02en.pdf
[2013/03/14 00:34:35 | 003,328,159 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\How to Use a Singer Tiny Serger _ eHow.pdf
[2013/03/13 08:16:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/03/13 08:14:39 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/11 11:04:53 | 000,015,148 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\randalls death - Notepad.pdf
[2013/03/06 13:30:54 | 000,001,831 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/06 12:03:03 | 000,608,202 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\release to ok derm.png
[2013/03/06 11:05:27 | 000,607,545 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\release to okcic.png
[2013/03/06 10:25:04 | 000,132,045 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\signature photo2.JPG
[2013/03/06 10:02:55 | 000,004,842 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Authorization for Disclosure of PHI - authorization for disclosure of phi.pdf
[2013/03/06 09:51:50 | 000,105,994 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Authorization for Disclosure of PHI - authorization for disclosure of phi.pdf
[2013/03/05 15:07:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/03/03 15:45:53 | 000,007,882 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Articles For Sale.indb - bb9-h09online.pdf
[2013/03/03 15:43:50 | 000,004,430 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\untitled - BNB-ONF0411.pdf
[2013/03/03 14:26:44 | 000,031,344 | ---- | M] (Connectify) -- C:\WINDOWS\System32\drivers\cnnctfy2.sys
[2013/03/02 09:04:23 | 000,220,290 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dt icons.png
[2013/03/02 09:00:29 | 000,114,943 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dt.png
[2013/03/02 08:23:41 | 001,464,423 | ---- | M] (Farbar) -- C:\Documents and Settings\Administrator\Desktop\FRST64.exe
[2013/03/02 02:16:03 | 172,855,296 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\RepairDiscWindows7-64-bit.iso
[2013/03/01 18:11:52 | 000,857,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\WiNToBootic.exe
[2013/02/25 22:01:57 | 000,570,862 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tori to print 3.png
[2013/02/25 22:01:17 | 000,063,096 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tori to print2.png
[2013/02/25 22:01:02 | 000,063,096 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\my baby!!.jpg
[2013/02/25 22:00:06 | 000,745,592 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\tori to print.png
[2013/02/25 21:58:59 | 000,055,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\go pokes!!.jpg
[2013/02/25 21:04:44 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/03/14 02:07:29 | 000,013,584 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Untitled 1.odt
[2013/03/14 02:03:44 | 000,195,692 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\daisy.pdf
[2013/03/14 02:03:16 | 000,199,139 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dfly.pdf
[2013/03/14 02:02:10 | 000,190,443 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\pink flower.pdf
[2013/03/14 01:59:42 | 000,239,942 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tree.pdf
[2013/03/14 01:11:04 | 000,013,954 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\cs812081308150_ug02en.pdf
[2013/03/14 00:34:36 | 003,328,159 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\How to Use a Singer Tiny Serger _ eHow.pdf
[2013/03/11 10:57:20 | 000,015,148 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\randalls death - Notepad.pdf
[2013/03/06 12:06:26 | 000,001,831 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/06 12:06:26 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/03/06 12:00:25 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/06 12:00:23 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/06 11:05:45 | 000,608,202 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\release to ok derm.png
[2013/03/06 10:57:03 | 000,607,545 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\release to okcic.png
[2013/03/06 10:25:03 | 000,132,045 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\signature photo2.JPG
[2013/03/06 10:02:37 | 000,004,842 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Authorization for Disclosure of PHI - authorization for disclosure of phi.pdf
[2013/03/06 09:46:20 | 000,105,994 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Authorization for Disclosure of PHI - authorization for disclosure of phi.pdf
[2013/03/03 15:45:53 | 000,007,882 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Articles For Sale.indb - bb9-h09online.pdf
[2013/03/03 15:43:47 | 000,004,430 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\untitled - BNB-ONF0411.pdf
[2013/03/02 09:04:22 | 000,220,290 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dt icons.png
[2013/03/02 09:00:29 | 000,114,943 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dt.png
[2013/03/01 18:13:17 | 172,855,296 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\RepairDiscWindows7-64-bit.iso
[2013/03/01 18:11:47 | 000,857,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\WiNToBootic.exe
[2013/02/25 22:01:57 | 000,570,862 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tori to print 3.png
[2013/02/25 22:01:16 | 000,063,096 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tori to print2.png
[2013/02/25 22:00:06 | 000,745,592 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\tori to print.png
[2013/02/25 21:58:38 | 000,055,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\go pokes!!.jpg
[2013/02/11 07:59:55 | 011,069,501 | ---- | C] () -- C:\Program Files\Paint.zip
[2013/02/02 11:22:17 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2012/06/03 21:42:19 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2012/02/14 22:51:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/29 01:21:05 | 000,398,336 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\store-pp.db
[2011/11/19 19:16:46 | 002,154,708 | ---- | C] () -- C:\Documents and Settings\Administrator\heater.JPG
[2011/11/19 17:56:06 | 000,117,383 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0766.jpg
[2011/11/19 17:56:04 | 000,000,360 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0679.jpg
[2011/11/03 01:03:08 | 001,879,252 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0801.JPG
[2011/11/03 01:03:06 | 001,704,564 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0800.JPG
[2011/11/03 01:03:04 | 002,090,740 | ---- | C] () -- C:\Documents and Settings\Administrator\HPIM0799.JPG
[2011/10/11 09:16:20 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2011/08/07 22:28:08 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/08/07 22:28:08 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/03/18 20:16:09 | 000,749,532 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-790525478-1682526488-1801674531-500-0.dat
[2011/03/18 03:23:16 | 000,284,230 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/10 18:13:58 | 000,043,800 | ---- | C] () -- C:\Documents and Settings\Administrator\GRAY1170.jpg
[2011/03/10 18:13:57 | 000,056,803 | ---- | C] () -- C:\Documents and Settings\Administrator\GRAY1169.jpg
[2011/02/20 17:01:10 | 000,002,095 | ---- | C] () -- C:\Documents and Settings\Administrator\ganesa_sm.jpg
[2011/01/22 22:34:04 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/01/08 13:28:59 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/18 23:19:42 | 000,006,855 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PrimoPDFSet.xml
[2010/12/17 12:26:29 | 000,017,614 | ---- | C] () -- C:\Documents and Settings\Administrator\golf cart.jpg
[2010/10/07 10:11:04 | 000,000,194 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.old
[2010/10/07 09:53:28 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.new
[2010/10/07 09:53:28 | 000,000,002 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\menu.bfm
[2010/02/11 21:36:32 | 003,653,120 | ---- | C] () -- C:\Program Files\SSCERuntime_x64-ENU.msi
[2010/02/11 21:36:18 | 003,164,160 | ---- | C] () -- C:\Program Files\SSCERuntime_x86-ENU.msi

========== ZeroAccess Check ==========

[2010/12/07 23:49:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010/06/24 07:10:44 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2009/09/23 12:21:58 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/02/01 16:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\AVG10
[2012/12/04 23:15:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus
[2011/11/14 20:44:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.pruvan.PruvanOffice.D20FAAC2DD0C878F730FBC057EBFAB9559258FC2.1
[2012/02/19 23:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.w3i.musicrockstar
[2013/02/06 01:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Cricket Broadband AC3781
[2011/02/17 02:41:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Easy MP3 Recorder
[2011/11/17 14:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ElevatedDiagnostics
[2013/03/01 20:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\File Scout
[2011/03/25 15:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Harmonisoft
[2012/10/24 09:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia
[2012/10/24 09:56:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nokia Suite
[2012/12/27 20:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OfficeSuiteX
[2012/02/01 09:38:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PC Suite
[2012/12/16 21:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PerformerSoft
[2011/01/20 17:52:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PrimoPDF
[2011/08/16 21:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Sierra Wireless
[2010/12/17 00:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\VTExtra
[2010/12/21 20:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2010/12/22 06:05:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Search
[2013/02/08 12:32:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ZTEEVDO
[2013/02/07 08:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ZteUpdateUI
[2013/01/04 16:34:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/02/13 19:44:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2E177
[2013/03/03 15:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2011/03/17 21:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avanquest
[2012/10/19 15:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2013/03/18 13:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2013/02/06 01:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2011/10/06 13:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/02/01 16:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/03/05 17:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Connectify
[2012/12/10 03:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBUpdaterService
[2012/02/18 23:44:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iMesh
[2011/11/05 23:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2012/01/08 12:38:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2012/03/17 08:57:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2011/11/05 23:35:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2011/08/16 21:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2011/08/06 04:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2013/01/04 10:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/01/16 14:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/18 23:43:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BD8912D9-3040-46C4-B96A-4C3AC7E43486}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Administrator\My Documents\Authorization for Disclosure of PHI - authorization for disclosure of phi.pdf:SummaryInformation

< End of report >

#2
CompCav

    Member 5k

  • Expert
  • 12,448 posts
Please send a PM to Essexboy to reopen your current topic.

I am closing this one.

#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Re-opened topic here http://www.geekstogo...18#entry2274918