WiredWX Hobby Weather Tools

tried to remove fake windows security, now usb won't work

3 posters

Re: tried to remove fake windows security, now usb won't work - Page 4

This has got me kinda stumped. Let me call for back up and get some second opinions.

Re: tried to remove fake windows security, now usb won't work

thanks very much!!

Re: tried to remove fake windows security, now usb won't work

In the meantime, could you please re-run OTL?

Re: tried to remove fake windows security, now usb won't work

Hi, I've tried to post this 3 times and don't see it showing up, so forgive me if you end up seeing the same message again and again!
Just to be sure I'm doing this right, I am using the OTLPE that is on the desktop of the REATOGO once I boot with the disk... I don't change any settings or add any fix code... is this correct? Thanks.

Re: tried to remove fake windows security, now usb won't work

You'll have to split it into multiple posts, then. Just make two separate posts.

Re: tried to remove fake windows security, now usb won't work

Oh, no, I just meant that I was trying to post this question below 3 times:
Just to be sure I'm doing this right, I am using the OTLPE that is on the desktop of the REATOGO once I boot with the disk... I don't change any settings or add any fix code... is this correct? Thanks.

I will assume that the above is what you want me to do - let me know if not.
BTW, I'm running OTLPE version 3.1.46.0

OTL logfile created on: 7/16/2011 1:11:49 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 99.41 Gb Free Space | 68.88% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2011/07/12 20:16:21 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/12 18:49:15 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/13 19:58:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/13 19:56:22 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/13 19:56:15 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Re: tried to remove fake windows security, now usb won't work

Yes, you're doing it correctly.

What happens when you boot into Last Known Good Configuration instead of Safe Mode? Have you tried it? If not, then please try it. Also, have you installed the Recovery Console?

Re: tried to remove fake windows security, now usb won't work

hi, yes, i have tried last known...same problem
i've just loaded the windows recovery console from the originally supplied windows xp disk...and i now have the command prompt...what do i do now?

Re: tried to remove fake windows security, now usb won't work

I'm having sort of a writer's block at the moment. Let me try and ask again.

Re: tried to remove fake windows security, now usb won't work

ok, thanks...i hope this will work! my husband is ready to junk the pc and buy a new one!

Re: tried to remove fake windows security, now usb won't work

Alrighty, let's run a custom scan with OTL that'll show me some info about the mouse and keyboard files.

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).
  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box paste this in


    /md5start
    USBHID.sys
    mouclass.sys
    kbdhid.sys
    IdeChnDr.sys
    usbstor.sys
    kbdmouse.dll
    i8042prt.*
    kbdclass.sys
    sermouse.*
    /md5stop


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

Re: tried to remove fake windows security, now usb won't work

ok, so i exited out of the windows recovery console, and booted up with the reatogo disk...once again, i couldn't run the plain otl...i got the same error message as before: unable to locate component...application failed to start because framdyn.dll was not found. So I opened otlpe, then pasted in the code, ran otlpe (run scan), and here's the output:

OTL logfile created on: 7/21/2011 3:19:38 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 100.89 Gb Free Space | 69.90% Space Free | Partition Type: NTFS
Drive J: | 7.45 Gb Total Space | 5.34 Gb Free Space | 71.69% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2011/07/12 20:16:21 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:42 | 000,000,053 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/17 09:11:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/12 18:49:15 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/17 09:11:44 | 000,000,280 | RHS- | M] () -- C:\boot.ini
[2011/07/13 19:58:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/13 19:56:22 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/13 19:56:15 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/17 09:11:43 | 000,000,209 | -HS- | C] () -- C:\BOOT.BAK
[2011/07/17 09:11:40 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: I8042PRT.SY_ >
[2004/08/10 07:00:00 | 000,026,025 | R--- | M] () MD5=819D427AB9DBE6AC2960A585087CB766 -- C:\cmdcons\i8042prt.sy_

< MD5 for: I8042PRT.SYS >
[2008/04/13 15:18:00 | 000,052,480 | -H-- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
[2008/04/13 15:18:00 | 000,052,480 | -H-- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2004/08/10 06:00:00 | 000,052,736 | -H-- | M] (Microsoft Corporation) MD5=5502B58EEF7486EE6F93F3F164DCB808 -- C:\i386\i8042prt.sys
[2004/08/10 06:00:00 | 000,052,736 | -H-- | M] (Microsoft Corporation) MD5=5502B58EEF7486EE6F93F3F164DCB808 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys

< MD5 for: KBDCLASS.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:kbdclass.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:kbdclass.sys
[2008/04/13 14:39:47 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=463C1EC80CD17420A542B7F36A36F128 -- C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys
[2008/04/13 14:39:47 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=463C1EC80CD17420A542B7F36A36F128 -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2004/08/03 23:58:34 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=EBDEE8A2EE5393890A1ACEE971C4C246 -- C:\i386\kbdclass.sys
[2004/08/03 23:58:34 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=EBDEE8A2EE5393890A1ACEE971C4C246 -- C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys

< MD5 for: KBDHID.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:kbdhid.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdhid.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdhid.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:kbdhid.sys
[2008/04/13 14:39:48 | 000,014,592 | -H-- | M] (Microsoft Corporation) MD5=9EF487A186DEA361AA06913A75B3FA99 -- C:\WINDOWS\ServicePackFiles\i386\kbdhid.sys
[2008/04/13 14:39:48 | 000,014,592 | -H-- | M] (Microsoft Corporation) MD5=9EF487A186DEA361AA06913A75B3FA99 -- C:\WINDOWS\system32\drivers\kbdhid.sys
[2004/08/03 23:58:36 | 000,014,848 | -H-- | M] (Microsoft Corporation) MD5=E182FA8E49E8EE41B4ADC53093F3C7E6 -- C:\i386\kbdhid.sys
[2004/08/03 23:58:36 | 000,014,848 | -H-- | M] (Microsoft Corporation) MD5=E182FA8E49E8EE41B4ADC53093F3C7E6 -- C:\WINDOWS\$NtServicePackUninstall$\kbdhid.sys

< MD5 for: MOUCLASS.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:mouclass.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:mouclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:mouclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:mouclass.sys
[2004/08/03 23:58:34 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=34E1F0031153E491910E12551400192C -- C:\i386\mouclass.sys
[2004/08/03 23:58:34 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=34E1F0031153E491910E12551400192C -- C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys
[2008/04/13 14:39:47 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=35C9E97194C8CFB8430125F8DBC34D04 -- C:\WINDOWS\ServicePackFiles\i386\mouclass.sys
[2008/04/13 14:39:47 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=35C9E97194C8CFB8430125F8DBC34D04 -- C:\WINDOWS\system32\drivers\mouclass.sys

< MD5 for: USBSTOR.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:usbstor.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/04 00:08:48 | 000,026,496 | -H-- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\i386\USBSTOR.SYS
[2004/08/04 00:08:48 | 000,026,496 | -H-- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | -H-- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | -H-- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >


Note, this was the only output file

Re: tried to remove fake windows security, now usb won't work

Hi,

Could you please download one of these boot-environments and burn it to a CD and run it?

Kaspersky Rescue Environment: ftp://rescuedisk.kaspersky-labs.com/rescuedisk/
F-Secure Linux Environment: http://www.f-secure.com/en_EMEA-Labs/security-threats/tools/rescue-cd
SUPERAntiSpyware Portable: http://www.superantispyware.com/portablescanner.html

I completely missed something.

Re: tried to remove fake windows security, now usb won't work

ok, not going well....first of all, i left my desktop on overnight, with the c drive open...this morning there was a popup asking me to buy "window blinds 4"...don't know where that came from...tried to put the kaspersky on a cd and on a thumb drive and transfer to the desktop, but it wouldn't run. Then I downloaded the SUPERAntiSpyware Portable, tried to run it...and got this blue screen on the desktop..."a problem has been detected and windows has been shut down to prevent damage to your computer. if this is the first time you've seen this stop error screen, restart your computer"..blah blah blah...so i restarted several times and tried to run the program again (i even went to the support tab from the website from SUPERAntiSpyware Portable and tried the different methods with the sas.exe and then the saferun or whatever it was called)...still got the same blue screen...btw, i tried to run the program from the reatogo desktop, and also from inside the drive where the thumb drive was plugged in, and also from inside the c drive...got the same blue screen each time

Re: tried to remove fake windows security, now usb won't work

Alright, let me call for assistance again. Let me think.
