tried to remove fake windows security, now usb won't work

hi,
i followed some advice i saw about removing the fake windows security on my pc (i'm now working on my laptop)...the advice included running kaspersky, malwarebytes, and then turning system restore off and on...i turned it off (in safe mode) but couldn't turn it back on...now i'm not sure what happened, or what other things i may have run that i saw posted as helps, but currently i can't even use my mouse, so i can't log in...even in safe mode. what to do?

ps- i don't know how to run the otl or other programs on my pc without mouse! that's why i haven't followed the directions...can someone tell me how to do this when my mouse (and all things connect via usb) aren't working on my pc?

We are going to be using a Windows Recovery Environment to help disinfect the system so it may boot again.

Download the OTLPE Standard REATOGO Windows Recovery Environment.

• Place a blank CD-R disc in to your CD burning drive.
  
• Download OTLPEStd.exe and double-click on it to burn to a CD using ISO Burner.
  
• Reboot your system using the boot CD you just created.
  
  Note : If you do not know how to set your computer to boot from CD follow the steps here
  
• Your system should now display a REATOGO-X-PE desktop.
  
• Double-click on the OTLPE icon.
  
• When asked "Do you wish to load the remote registry", select Yes
  
• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  
• OTL should now start. Change the following settings
  

• Change Drivers to Non-Microsoft
  
• Press Run Scan to start the scan.
  
• When finished, the file will be saved in drive C:\_OTL\MovedFiles
  
• Copy this file to your USB drive if you do not have internet connection on this system
  
• Please post the contents of the OTL.txt file in your reply.
  

Hi,
i followed your instructions except
1) it did not ask me "Do you wish to load the remote registry?", but went straight to the next question
2) the options under drivers were: none, use safelist, all...so i chose none

here is the otl.txt:
OTL logfile created on: 5/31/2011 11:29:37 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/27 23:22:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BVRP Software
[2011/05/27 23:21:29 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2366736.sys
[2011/05/27 23:21:29 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667361.sys
[2011/05/27 23:21:29 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667362.sys
[2011/05/27 23:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1
[2011/05/27 23:18:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/27 23:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/27 18:42:58 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\6435323.sys
[2011/05/27 18:42:58 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353231.sys
[2011/05/27 18:42:58 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353232.sys
[2011/05/27 18:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool
[2011/05/26 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Malwarebytes
[2011/05/26 21:03:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/26 21:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/26 21:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/26 21:03:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/25 09:49:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Recent
[2011/05/25 08:17:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Start Menu\Programs\Windows XP Recovery
[2011/05/24 20:55:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\_paul cat scans april 2011
[2011/05/24 20:53:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\My Documents\paul 2011 ct scans
[2011/05/22 09:26:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Jesse's Work
[2011/05/21 08:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikko\Local Settings\Application Data\Conduit
[2011/05/21 08:50:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikko\Local Settings\Application Data\quixley_v2
[2011/05/21 08:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2011/05/21 08:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2011/05/21 08:50:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Nikko\Local Settings\Application Data\ConduitEngine
[2011/05/19 18:13:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Local Settings\Application Data\Conduit
[2011/05/19 18:13:06 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Local Settings\Application Data\quixley_v2
[2011/05/19 18:12:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2011/05/19 18:12:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2011/05/19 18:12:50 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Local Settings\Application Data\ConduitEngine
[2011/05/16 19:36:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\Conduit
[2011/05/16 19:35:55 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\quixley_v2
[2011/05/16 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2011/05/16 19:35:47 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2011/05/16 19:35:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\ConduitEngine
[2011/05/15 08:46:06 | 000,000,000 | -H-D | C] -- C:\Program Files\Conduit
[2011/05/15 08:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\quixley_v2
[2011/05/15 08:46:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\ConduitEngine
[2011/05/15 08:46:02 | 000,000,000 | -H-D | C] -- C:\Program Files\ConduitEngine
[2011/05/15 08:46:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\Conduit
[2011/05/15 08:45:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\Temp
[2011/05/15 08:45:40 | 000,000,000 | -H-D | C] -- C:\Program Files\quixley_v2
[2011/05/15 07:02:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2011/05/15 07:02:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2011/05/15 07:01:57 | 000,000,000 | -H-D | C] -- C:\Program Files\somototoolbar
[2011/05/15 07:01:38 | 000,000,000 | -H-D | C] -- C:\Program Files\MP3 Rocket FileBulldog Toolbar
[2011/05/13 22:04:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2011/05/13 22:04:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\PC_Drivers_Headquarters
[2011/05/13 22:03:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/05/13 22:03:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/05/13 22:03:03 | 000,000,000 | -H-D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2011/05/13 21:59:08 | 000,000,000 | -H-D | C] -- C:\BJPrinter
[2011/05/09 17:26:26 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Start Menu\Programs\BrowserPlus
[2011/05/09 17:26:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Jesse\Local Settings\Application Data\Yahoo!
[2011/05/07 10:25:29 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/07 10:24:18 | 000,000,000 | -H-D | C] -- C:\Program Files\iPod
[2011/05/07 10:24:04 | 000,000,000 | -H-D | C] -- C:\Program Files\iTunes
[2011/05/07 10:18:16 | 000,000,000 | -H-D | C] -- C:\Program Files\Bonjour
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/30 18:43:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/30 18:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/05/30 18:42:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/05/30 18:29:06 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/05/29 16:22:57 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/27 23:23:34 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/27 20:52:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/27 05:27:12 | 000,009,072 | ---- | M] () -- C:\WINDOWS\System32\drivers\7582
[2011/05/26 21:03:51 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:07 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/26 20:37:47 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\jvvkws.sys
[2011/05/26 18:28:32 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/26 09:12:20 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/26 06:30:31 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\aaain.sys
[2011/05/25 18:55:32 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\qiofkd.sys
[2011/05/25 18:40:38 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:25:16 | 000,000,400 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/25 08:17:49 | 000,000,819 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZyXEL PLA-4xx Series Configuration
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WordPerfect Office 12
[2011/05/25 06:57:01 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2010
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TabIt
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickVerse 2006
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickBooks
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm Desktop
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem On Hold
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem Helper
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memorex exPressit Label Design Studio
[2011/05/25 06:56:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Desktop
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Finale NotePad 2007
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\e-Sword
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Encountering The New Testament 2
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EasyWorship
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Games
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon PIXMA iP3000 Manual
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bible Explorer 4
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Software Suite
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft MediaImpression for Kodak
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2011/05/24 20:22:10 | 005,139,129 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/05/24 00:01:43 | 000,995,548 | -H-- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/05/24 00:01:43 | 000,907,041 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/05/24 00:01:43 | 000,021,123 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/05/24 00:01:43 | 000,000,533 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2011/05/21 09:17:02 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/18 16:00:45 | 000,000,243 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\PowerSchool Parent Logon.url
[2011/05/18 06:47:24 | 000,029,696 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/16 07:55:16 | 000,610,827 | -H-- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\canon pixma ip3000 service manual.pdf
[2011/05/16 07:12:33 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Streets & Trips.lnk
[2011/05/15 07:02:12 | 000,000,860 | -H-- | M] () -- C:\WINDOWS\wininit.ini
[2011/05/15 07:01:53 | 000,001,645 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\MP3 Rocket 6.0.6.lnk
[2011/05/07 10:40:40 | 000,017,408 | -H-- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\22.est
[2011/05/07 10:14:39 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/05/06 23:57:26 | 000,018,944 | -H-- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\30 Wilson Ave E, Riverdale, NJ 07457 to 8 E Randolph Ave, Dover, NJ 07801.est
[2011/05/06 06:44:30 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/30 10:57:54 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/27 23:14:24 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/27 20:52:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 18:45:22 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/27 05:27:12 | 000,009,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\7582
[2011/05/26 21:03:51 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/26 20:37:47 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\jvvkws.sys
[2011/05/26 18:28:32 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/26 06:30:30 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\aaain.sys
[2011/05/25 18:56:51 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 18:55:32 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\qiofkd.sys
[2011/05/25 08:17:49 | 000,000,819 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/24 20:22:10 | 005,139,129 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/05/16 07:55:16 | 000,610,827 | -H-- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\canon pixma ip3000 service manual.pdf
[2011/05/15 07:01:53 | 000,001,645 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\MP3 Rocket 6.0.6.lnk
[2011/05/11 22:43:06 | 000,000,243 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\PowerSchool Parent Logon.url
[2011/05/06 23:59:46 | 000,017,408 | -H-- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\22.est
[2011/05/06 23:57:26 | 000,018,944 | -H-- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\30 Wilson Ave E, Riverdale, NJ 07457 to 8 E Randolph Ave, Dover, NJ 07801.est
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/12/13 05:14:20 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\Jesse\Application Data\mfwxgh.dat
[2010/10/23 17:05:43 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\completescan
[2010/10/23 17:04:49 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\start
[2010/10/23 16:43:11 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\install
[2010/10/23 16:32:38 | 000,000,236 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\15825.bat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/05/30 18:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/05/30 18:42:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

bump?

Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :OTL
  [2011/05/27 05:27:12 | 000,009,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\7582
  [2011/05/26 20:37:47 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\jvvkws.sys
  [2011/05/26 06:30:30 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\aaain.sys
  [2011/05/25 18:55:32 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\qiofkd.sys
  [2010/12/13 05:14:20 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\Jesse\Application Data\mfwxgh.dat
  [2010/10/23 17:05:43 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\completescan
  [2010/10/23 17:04:49 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\start
  [2010/10/23 16:43:11 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\install
  [2010/10/23 16:32:38 | 000,000,236 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\15825.bat
  
  
  
• Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Hi again,
On the pc, I only have the otlpe program, so i ran that (was that correct?) thanks
Here is the log:
========== OTL ==========
C:\WINDOWS\system32\drivers\7582 moved successfully.
C:\WINDOWS\system32\drivers\jvvkws.sys moved successfully.
C:\WINDOWS\system32\drivers\aaain.sys moved successfully.
C:\WINDOWS\system32\drivers\qiofkd.sys moved successfully.
C:\Documents and Settings\Jesse\Application Data\mfwxgh.dat moved successfully.
C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\completescan moved successfully.
C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\start moved successfully.
C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\install moved successfully.
C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\15825.bat moved successfully.

OTLPE by OldTimer - Version 3.1.46.0 log created on 06052011_151417

Does the mouse work when you boot normally now?

no, i was still booting up with the disc containing the otlpe....i just took out the disc, and the screen said the disc was missing, so i hit the setup key, and then exited setup....it started to boot up (normally?) but the mouse still isn't functional. i didn't think we fixed anything yet...i thought the logs i was sending you were just to give you info on what was wrong. sorry, i'm totally clueless...just an fyi though...the other post i have with you (the explorer.exe error) is on my laptop...this booting/mouse/keyboard problem is on my desktop (which i haven't been using since the problem began)
thanks

hi, i'm not sure how to boot "normally" now...it says that it can't find drive 1, so to enter setup, i go in there, and can't figure out what to do...i exit setup, the logon screen comes back on, but i still can't use the mouse

Hi, it's even worse now...I tried to run the otlpe from the disc and now it says "missing operating system" and just sits there

Hi,

So you can't boot with OTLPE anymore? Try re-downloading it.

Ok, I was able to load and run the otl again. The first time I ran it, I was instructed to change drivers to "non-microsoft", but the only options were "none", "all", "use safelist". That time I chose "none" and posted that log. This time I ran it choosing "safelist". Here is the log:
OTL logfile created on: 6/21/2011 11:43:24 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 101.73 Gb Free Space | 70.49% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.42 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 15:14:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/27 23:22:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BVRP Software
[2011/05/27 23:21:29 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2366736.sys
[2011/05/27 23:21:29 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667361.sys
[2011/05/27 23:21:29 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667362.sys
[2011/05/27 23:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1
[2011/05/27 23:18:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/27 23:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/27 18:42:58 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\6435323.sys
[2011/05/27 18:42:58 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353231.sys
[2011/05/27 18:42:58 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353232.sys
[2011/05/27 18:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool
[2011/05/26 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Malwarebytes
[2011/05/26 21:03:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/26 21:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/26 21:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/26 21:03:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/25 09:49:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Recent
[2011/05/25 08:17:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Start Menu\Programs\Windows XP Recovery
[2011/05/24 20:55:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\_paul cat scans april 2011
[2011/05/24 20:53:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\My Documents\paul 2011 ct scans
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/18 14:31:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/06/18 12:57:10 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/30 18:42:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/05/27 23:23:34 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/27 20:52:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:51 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:07 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/26 18:28:32 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/26 09:12:20 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/25 18:40:38 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:25:16 | 000,000,400 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/25 08:17:49 | 000,000,819 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZyXEL PLA-4xx Series Configuration
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WordPerfect Office 12
[2011/05/25 06:57:01 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2010
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TabIt
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickVerse 2006
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickBooks
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm Desktop
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem On Hold
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem Helper
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memorex exPressit Label Design Studio
[2011/05/25 06:56:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Desktop
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Finale NotePad 2007
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\e-Sword
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Encountering The New Testament 2
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EasyWorship
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Games
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon PIXMA iP3000 Manual
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bible Explorer 4
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Software Suite
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft MediaImpression for Kodak
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2011/05/24 20:22:10 | 005,139,129 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/05/24 00:01:43 | 000,995,548 | -H-- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/05/24 00:01:43 | 000,907,041 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/05/24 00:01:43 | 000,021,123 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/05/24 00:01:43 | 000,000,533 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/27 23:14:24 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/27 20:52:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 18:45:22 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/26 21:03:51 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/26 18:28:32 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/25 18:56:51 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:17:49 | 000,000,819 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/24 20:22:10 | 005,139,129 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/05/30 18:42:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

included below are the otl log, otl text, aswmbr txt log, and checkup.txt

otl log:
========== OTL ==========
File C:\WINDOWS\System32\drivers\7582 not found.
File C:\WINDOWS\System32\drivers\jvvkws.sys not found.
File C:\WINDOWS\System32\drivers\aaain.sys not found.
File C:\WINDOWS\System32\drivers\qiofkd.sys not found.
File C:\Documents and Settings\Jesse\Application Data\mfwxgh.dat not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\completescan not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\start not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\install not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\15825.bat not found.

OTLPE by OldTimer - Version 3.1.46.0 log created on 06222011_204148





otl txt: (attached file)


aswmbr txt log:
aswMBR version 0.9.5.317 Copyright(c) 2011 AVAST Software
Run date: 2011-06-22 21:43:00
-----------------------------
21:43:00.828 OS Version: Windows 5.1.2600
21:43:00.828 Number of processors: 1 586 0x403
21:43:00.828 ComputerName: REATOGO UserName: SYSTEM
21:43:01.109 Initialze error 0
21:44:38.906 The log file has been saved successfully to "K:\aswMBR.txt"




checkup.txt:
Results of screen317's Security Check version 0.99.15
Windows XP
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
```````````````````````````````
Anti-malware/Other Utilities Check:
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````

Ps - when I ran the security check, i got a pop up box that said "Auto It Error...Line -1:
Error: variable must be of type "object"....i clicked ok, and then got the checkup.txt output (included in my previous post)

I was not able to put the entire otl.txt here, and it would not let me attach the file, so here is the first part of the otl.txt...the second part will be in the next post

otl.txt
OTL logfile created on: 6/22/2011 9:17:23 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.42 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive K: | 7.45 Gb Total Space | 6.51 Gb Free Space | 87.33% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {0430454D-47EA-11D6-AD58-00010333D0AD} - Yahoo! Import WAB
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - WXcom Class
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - YbUploadFavsCtl Class
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{64A10DCF-7FF1-4600-9824-DE0BCC2AA72E} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 15:14:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/27 23:22:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BVRP Software
[2011/05/27 23:21:29 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2366736.sys
[2011/05/27 23:21:29 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667361.sys
[2011/05/27 23:21:29 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667362.sys
[2011/05/27 23:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1
[2011/05/27 23:18:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/27 23:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/27 18:42:58 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\6435323.sys
[2011/05/27 18:42:58 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353231.sys
[2011/05/27 18:42:58 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353232.sys
[2011/05/27 18:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool
[2011/05/26 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Malwarebytes
[2011/05/26 21:03:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/26 21:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/26 21:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/26 21:03:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/25 09:49:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Recent
[2011/05/25 08:17:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Start Menu\Programs\Windows XP Recovery
[2011/05/24 20:55:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\_paul cat scans april 2011
[2011/05/24 20:53:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\My Documents\paul 2011 ct scans
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/22 20:05:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/22 20:04:22 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/06/22 20:01:23 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/05/27 23:23:34 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/27 20:52:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:51 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:07 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/26 18:28:32 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/26 09:12:20 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/25 18:40:38 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:25:16 | 000,000,400 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/25 08:17:49 | 000,000,819 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZyXEL PLA-4xx Series Configuration
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WordPerfect Office 12
[2011/05/25 06:57:01 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2010
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TabIt
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickVerse 2006
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickBooks
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm Desktop
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem On Hold
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem Helper
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memorex exPressit Label Design Studio
[2011/05/25 06:56:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Desktop
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Finale NotePad 2007
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\e-Sword
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Encountering The New Testament 2
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EasyWorship
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Games
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon PIXMA iP3000 Manual
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bible Explorer 4
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Software Suite
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft MediaImpression for Kodak
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2011/05/24 20:22:10 | 005,139,129 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/05/24 00:01:43 | 000,995,548 | -H-- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/05/24 00:01:43 | 000,907,041 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/05/24 00:01:43 | 000,021,123 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/05/24 00:01:43 | 000,000,533 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/22 20:49:35 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/27 23:14:24 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/27 20:52:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 18:45:22 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/26 21:03:51 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/26 18:28:32 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/25 18:56:51 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:17:49 | 000,000,819 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/24 20:22:10 | 005,139,129 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Custom Scans ==========


Invalid Environment Variable: %APPDATA%\Microsoft\*.*

< %systemroot%\system32\config\systemprofile\*.dat /x >

Invalid Environment Variable: %USERPROFILE%\Desktop\*.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

Invalid Environment Variable: %USERPROFILE%\My Documents\*.exe

Invalid Environment Variable: %USERPROFILE%\*.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/03/03 02:55:19 | 000,149,504 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2011/02/22 19:06:28 | 011,080,704 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2011/02/22 19:06:28 | 001,991,680 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 20:12:00 | 000,274,944 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 20:12:02 | 000,067,072 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2011/01/21 10:44:37 | 008,462,336 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/08/06 09:03:55 | 000,000,000 | -H-D | M] -- C:\Program Files\AAdvantage eShoppingSM Toolbar
[2010/08/14 16:59:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Adobe
[2006/03/04 23:58:07 | 000,000,000 | -H-D | M] -- C:\Program Files\AIM
[2005/11/11 13:09:01 | 000,000,000 | -H-D | M] -- C:\Program Files\AOD
[2005/12/01 19:24:09 | 000,000,000 | -H-D | M] -- C:\Program Files\AOL
[2008/08/23 14:43:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Apple Software Update
[2006/03/25 14:38:41 | 000,000,000 | -H-D | M] -- C:\Program Files\ArcSoft
[2011/03/08 07:53:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Ask.com
[2008/02/29 00:36:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Bible Explorer 4
[2011/05/27 20:23:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Bonjour
[2010/07/25 21:42:34 | 000,000,000 | -H-D | M] -- C:\Program Files\CA
[2007/08/21 12:43:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Cakewalk
[2011/05/18 23:28:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Canon
[2007/10/20 12:33:16 | 000,000,000 | -H-D | M] -- C:\Program Files\CDKnet
[2010/12/27 21:46:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Common Files
[2004/08/19 17:02:56 | 000,000,000 | -H-D | M] -- C:\Program Files\ComPlus Applications
[2011/05/15 08:46:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Conduit
[2011/05/15 08:46:04 | 000,000,000 | -H-D | M] -- C:\Program Files\ConduitEngine
[2010/08/07 10:29:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Coupons
[2005/10/23 10:34:49 | 000,000,000 | -H-D | M] -- C:\Program Files\CyberLink
[2005/10/23 10:46:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell
[2009/05/19 20:31:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell A920
[2009/08/21 12:00:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell AIO Printer A920
[2008/02/03 02:41:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell Support Center
[2007/04/11 20:50:15 | 000,000,000 | -H-D | M] -- C:\Program Files\DellSupport
[2010/09/12 13:22:52 | 000,000,000 | -H-D | M] -- C:\Program Files\DIFX
[2007/08/28 12:41:31 | 000,000,000 | -H-D | M] -- C:\Program Files\DigiTech
[2008/02/28 08:11:19 | 000,000,000 | -H-D | M] -- C:\Program Files\e-Sword
[2005/10/23 10:38:40 | 000,000,000 | -H-D | M] -- C:\Program Files\EarthLink Setup
[2010/11/02 21:43:32 | 000,000,000 | -H-D | M] -- C:\Program Files\EasyGPS
[2007/09/24 22:06:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Encountering the New Testament 2
[2004/08/19 17:16:18 | 000,000,000 | -H-D | M] -- C:\Program Files\EnglishOtto
[2011/01/10 21:04:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Finale NotePad 2007
[2010/09/12 13:22:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Garmin
[2004/08/19 17:16:22 | 000,000,000 | -H-D | M] -- C:\Program Files\GemMaster
[2009/03/15 07:34:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Google
[2010/06/19 15:21:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Hanes T-ShirtMaker Premier
[2008/05/12 20:29:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Homestead
[2005/10/29 15:16:26 | 000,000,000 | -H-D | M] -- C:\Program Files\illiminable
[2011/01/21 06:30:52 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/10/23 10:34:35 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel
[2011/04/15 03:12:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Internet Explorer
[2005/10/23 10:39:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Intuit
[2010/09/03 15:52:54 | 000,000,000 | -H-D | M] -- C:\Program Files\iolo
[2011/05/07 10:24:18 | 000,000,000 | -H-D | M] -- C:\Program Files\iPod
[2010/11/01 18:02:43 | 000,000,000 | -H-D | M] -- C:\Program Files\ISSThirdParty
[2011/05/07 10:25:26 | 000,000,000 | -H-D | M] -- C:\Program Files\iTunes
[2010/09/10 07:28:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Java
[2010/05/22 13:34:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Kodak
[2008/02/29 00:35:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Laridian
[2005/10/23 10:38:33 | 000,000,000 | -H-D | M] -- C:\Program Files\Learn2.com
[2007/10/29 15:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Linksys
[2008/07/08 00:52:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Ludia
[2011/05/27 20:52:48 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/19 18:27:39 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee
[2009/08/19 18:27:37 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee.com
[2007/08/31 17:56:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Memorex exPressit Label Design Studio
[2008/08/13 18:18:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Messenger
[2008/11/06 13:14:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/02/22 18:39:55 | 000,000,000 | -H-D | M] -- C:\Program Files\microsoft frontpage
[2007/08/15 00:30:11 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Games
[2009/09/01 20:28:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Office
[2005/10/23 10:36:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/10/23 10:36:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/04/22 15:30:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Silverlight
[2008/11/05 00:06:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2005/12/01 22:05:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Streets and Trips
[2006/10/23 19:57:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft.NET
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem Helper
[2005/10/23 10:34:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem On Hold
[2010/08/11 17:36:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Movie Maker
[2007/02/27 23:36:03 | 000,000,000 | -H-D | M] -- C:\Program Files\Mozilla Firefox
[2011/05/15 08:43:26 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket
[2011/05/15 07:02:12 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket FileBulldog Toolbar
[2009/08/21 21:35:33 | 000,000,000 | -H-D | M] -- C:\Program Files\MSBuild
[2009/09/01 20:28:19 | 000,000,000 | -H-D | M] -- C:\Program Files\MSECache
[2009/01/06 19:43:37 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN
[2004/08/19 17:01:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/26 20:53:36 | 000,000,000 | -H-D | M] -- C:\Program Files\MSXML 4.0
[2008/11/13 22:39:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MUSICMATCH
[2009/02/28 19:53:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MySpace
[2008/07/24 20:15:49 | 000,000,000 | -H-D | M] -- C:\Program Files\NetMeeting
[2008/07/25 08:20:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Oberon Media
[2006/10/23 20:26:26 | 000,000,000 | -H-D | M] -- C:\Program Files\OfficeUpdate11
[2004/08/19 17:02:42 | 000,000,000 | -H-D | M] -- C:\Program Files\Online Services
[2010/12/16 04:01:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Outlook Express
[2011/01/27 08:06:43 | 000,000,000 | -H-D | M] -- C:\Program Files\Palm
[2006/03/25 14:29:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Panasonic
[2007/09/21 18:18:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Parsons
[2011/05/13 22:03:03 | 000,000,000 | -H-D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2008/04/06 19:10:45 | 000,000,000 | -H-D | M] -- C:\Program Files\PIXELA
[2007/08/28 12:57:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Pro Tracks
[2010/12/18 10:21:05 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickTime
[2010/12/10 14:28:48 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickVerse 2006
[2011/05/15 08:46:01 | 000,000,000 | -H-D | M] -- C:\Program Files\quixley_v2
[2005/10/23 10:38:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Real
[2009/08/21 21:35:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Reference Assemblies
[2004/08/19 17:20:24 | 000,000,000 | -H-D | M] -- C:\Program Files\RGB
[2008/11/01 08:41:09 | 000,000,000 | RH-D | M] -- C:\Program Files\rnamfler
[2011/05/07 10:14:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Safari
[2005/10/23 10:32:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Sigmatel
[2008/10/14 09:57:19 | 000,000,000 | -H-D | M] -- C:\Program Files\SiteAdvisor
[2008/12/20 17:54:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Softouch
[2011/05/15 07:02:07 | 000,000,000 | -H-D | M] -- C:\Program Files\somototoolbar
[2005/10/23 10:39:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Sonic
[2010/12/27 21:45:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony
[2008/04/06 19:08:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Corporation
[2010/12/27 21:41:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Media Go Install
[2010/08/06 14:11:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Symantec
[2005/11/06 14:35:09 | 000,000,000 | -H-D | M] -- C:\Program Files\TabIt
[2006/08/09 21:24:31 | 000,000,000 | -H-D | M] -- C:\Program Files\The Weather Channel FW
[2005/10/29 15:21:36 | 000,000,000 | -H-D | M] -- C:\Program Files\TrueSwitch
[2008/07/08 00:52:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Trymedia
[2011/01/29 11:02:25 | 000,000,000 | -H-D | M] -- C:\Program Files\TurboTax
[2004/08/19 17:14:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/03 00:11:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Universal
[2009/09/03 00:12:14 | 000,000,000 | -H-D | M] -- C:\Program Files\VersalSoft
[2007/04/14 14:13:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Viewpoint
[2009/07/05 15:55:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Virtual Earth 3D
[2008/04/12 22:16:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Visual Bible The Birth of Jesus_The Story Behind the Cross
[2005/10/23 10:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files\WebCyberCoach
[2006/06/20 23:53:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WildTangent
[2008/11/13 23:03:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Live Toolbar
[2010/12/27 21:44:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Media Player
[2008/07/24 20:15:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows NT
[2004/08/19 17:02:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Plus
[2009/08/23 16:39:24 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Sidebar
[2004/08/19 17:05:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/10/23 10:41:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WordPerfect Office 12
[2007/06/16 19:08:10 | 000,000,000 | -H-D | M] -- C:\Program Files\WSfonts
[2004/08/19 17:07:50 | 000,000,000 | -H-D | M] -- C:\Program Files\xerox
[2010/02/18 00:55:53 | 000,000,000 | -H-D | M] -- C:\Program Files\Yahoo!
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Yapta
[2005/10/23 10:37:32 | 000,000,000 | -H-D | M] -- C:\Program Files\Your Company Name
[2009/08/21 14:54:27 | 000,000,000 | -H-D | M] -- C:\Program Files\ZyXEL Communications Corporation


< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< CREATERESTOREPOINT >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)


========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Hi,

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  
• Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

• Click on Yes, to continue scanning for malware.
  
• When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.
  

hi,
i'm only able to do anything on the pc with the otl booting up first from the disc. I don't think any antivirus programs can run with this, can they? anyway, i didn't know how to disable them if they were. so i copied the commy, and the text, run, ok....got a popup asking if i agreed to the terms of combofix, i said agree, and immediately got another popup saying "Combofix error opening file for writing: x:\32788r22fwjfw\023.dat click abort to stop the installation,retry to try again, or ignore to skip this file..i tried ignore, and then another one popped up, this time 023.datx, and then many more, so i aborted..

Try running this:

Please download Malwarebytes Anti-Malware from Here.


Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

hi, unfortunately i'm still getting an error about drive x...
x:\i386\system32\drivers\mbamswissarmy.sys
An error occurred while trying to create a file in the destination directory: access is denied
i had to abort

Are you not able to boot into Windows regularly at all?

no, the windows login screen comes on (where i can click my user name), but the mouse won't work...not in safe mode or regular..

Hi,

Please re-run OTL once again.

ok, i reran otlpe from the disk...inserted the fix code from the "read this before posting" section of the site...there was no extras.txt output, but here is the otl.txt output:
OTL logfile created on: 7/4/2011 8:15:01 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.48 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive J: | 7.45 Gb Total Space | 6.49 Gb Free Space | 87.15% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {0430454D-47EA-11D6-AD58-00010333D0AD} - Yahoo! Import WAB
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - WXcom Class
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - YbUploadFavsCtl Class
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{64A10DCF-7FF1-4600-9824-DE0BCC2AA72E} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2011/06/05 15:14:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/25 01:48:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/25 01:48:39 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/25 01:45:33 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/25 01:47:01 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Custom Scans ==========


Invalid Environment Variable: %APPDATA%\Microsoft\*.*

< %systemroot%\system32\config\systemprofile\*.dat /x >

Invalid Environment Variable: %USERPROFILE%\Desktop\*.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

Invalid Environment Variable: %USERPROFILE%\My Documents\*.exe

Invalid Environment Variable: %USERPROFILE%\*.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/03/03 02:55:19 | 000,149,504 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2011/02/22 19:06:28 | 011,080,704 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2011/02/22 19:06:28 | 001,991,680 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 20:12:00 | 000,274,944 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 20:12:02 | 000,067,072 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2011/01/21 10:44:37 | 008,462,336 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/08/06 09:03:55 | 000,000,000 | -H-D | M] -- C:\Program Files\AAdvantage eShoppingSM Toolbar
[2010/08/14 16:59:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Adobe
[2006/03/04 23:58:07 | 000,000,000 | -H-D | M] -- C:\Program Files\AIM
[2005/11/11 13:09:01 | 000,000,000 | -H-D | M] -- C:\Program Files\AOD
[2005/12/01 19:24:09 | 000,000,000 | -H-D | M] -- C:\Program Files\AOL
[2008/08/23 14:43:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Apple Software Update
[2006/03/25 14:38:41 | 000,000,000 | -H-D | M] -- C:\Program Files\ArcSoft
[2011/03/08 07:53:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Ask.com
[2008/02/29 00:36:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Bible Explorer 4
[2011/05/27 20:23:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Bonjour
[2010/07/25 21:42:34 | 000,000,000 | -H-D | M] -- C:\Program Files\CA
[2007/08/21 12:43:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Cakewalk
[2011/05/18 23:28:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Canon
[2007/10/20 12:33:16 | 000,000,000 | -H-D | M] -- C:\Program Files\CDKnet
[2010/12/27 21:46:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Common Files
[2004/08/19 17:02:56 | 000,000,000 | -H-D | M] -- C:\Program Files\ComPlus Applications
[2011/05/15 08:46:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Conduit
[2011/05/15 08:46:04 | 000,000,000 | -H-D | M] -- C:\Program Files\ConduitEngine
[2010/08/07 10:29:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Coupons
[2005/10/23 10:34:49 | 000,000,000 | -H-D | M] -- C:\Program Files\CyberLink
[2005/10/23 10:46:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell
[2009/05/19 20:31:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell A920
[2009/08/21 12:00:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell AIO Printer A920
[2008/02/03 02:41:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell Support Center
[2007/04/11 20:50:15 | 000,000,000 | -H-D | M] -- C:\Program Files\DellSupport
[2010/09/12 13:22:52 | 000,000,000 | -H-D | M] -- C:\Program Files\DIFX
[2007/08/28 12:41:31 | 000,000,000 | -H-D | M] -- C:\Program Files\DigiTech
[2008/02/28 08:11:19 | 000,000,000 | -H-D | M] -- C:\Program Files\e-Sword
[2005/10/23 10:38:40 | 000,000,000 | -H-D | M] -- C:\Program Files\EarthLink Setup
[2010/11/02 21:43:32 | 000,000,000 | -H-D | M] -- C:\Program Files\EasyGPS
[2007/09/24 22:06:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Encountering the New Testament 2
[2004/08/19 17:16:18 | 000,000,000 | -H-D | M] -- C:\Program Files\EnglishOtto
[2011/01/10 21:04:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Finale NotePad 2007
[2010/09/12 13:22:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Garmin
[2004/08/19 17:16:22 | 000,000,000 | -H-D | M] -- C:\Program Files\GemMaster
[2009/03/15 07:34:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Google
[2010/06/19 15:21:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Hanes T-ShirtMaker Premier
[2008/05/12 20:29:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Homestead
[2005/10/29 15:16:26 | 000,000,000 | -H-D | M] -- C:\Program Files\illiminable
[2011/01/21 06:30:52 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/10/23 10:34:35 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel
[2011/04/15 03:12:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Internet Explorer
[2005/10/23 10:39:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Intuit
[2010/09/03 15:52:54 | 000,000,000 | -H-D | M] -- C:\Program Files\iolo
[2011/05/07 10:24:18 | 000,000,000 | -H-D | M] -- C:\Program Files\iPod
[2010/11/01 18:02:43 | 000,000,000 | -H-D | M] -- C:\Program Files\ISSThirdParty
[2011/05/07 10:25:26 | 000,000,000 | -H-D | M] -- C:\Program Files\iTunes
[2010/09/10 07:28:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Java
[2010/05/22 13:34:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Kodak
[2008/02/29 00:35:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Laridian
[2005/10/23 10:38:33 | 000,000,000 | -H-D | M] -- C:\Program Files\Learn2.com
[2007/10/29 15:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Linksys
[2008/07/08 00:52:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Ludia
[2011/05/27 20:52:48 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/25 01:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2009/08/19 18:27:39 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee
[2009/08/19 18:27:37 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee.com
[2007/08/31 17:56:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Memorex exPressit Label Design Studio
[2008/08/13 18:18:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Messenger
[2008/11/06 13:14:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/02/22 18:39:55 | 000,000,000 | -H-D | M] -- C:\Program Files\microsoft frontpage
[2007/08/15 00:30:11 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Games
[2009/09/01 20:28:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Office
[2005/10/23 10:36:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/10/23 10:36:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/04/22 15:30:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Silverlight
[2008/11/05 00:06:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2005/12/01 22:05:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Streets and Trips
[2006/10/23 19:57:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft.NET
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem Helper
[2005/10/23 10:34:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem On Hold
[2010/08/11 17:36:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Movie Maker
[2007/02/27 23:36:03 | 000,000,000 | -H-D | M] -- C:\Program Files\Mozilla Firefox
[2011/05/15 08:43:26 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket
[2011/05/15 07:02:12 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket FileBulldog Toolbar
[2009/08/21 21:35:33 | 000,000,000 | -H-D | M] -- C:\Program Files\MSBuild
[2009/09/01 20:28:19 | 000,000,000 | -H-D | M] -- C:\Program Files\MSECache
[2009/01/06 19:43:37 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN
[2004/08/19 17:01:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/26 20:53:36 | 000,000,000 | -H-D | M] -- C:\Program Files\MSXML 4.0
[2008/11/13 22:39:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MUSICMATCH
[2009/02/28 19:53:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MySpace
[2008/07/24 20:15:49 | 000,000,000 | -H-D | M] -- C:\Program Files\NetMeeting
[2008/07/25 08:20:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Oberon Media
[2006/10/23 20:26:26 | 000,000,000 | -H-D | M] -- C:\Program Files\OfficeUpdate11
[2004/08/19 17:02:42 | 000,000,000 | -H-D | M] -- C:\Program Files\Online Services
[2010/12/16 04:01:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Outlook Express
[2011/01/27 08:06:43 | 000,000,000 | -H-D | M] -- C:\Program Files\Palm
[2006/03/25 14:29:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Panasonic
[2007/09/21 18:18:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Parsons
[2011/05/13 22:03:03 | 000,000,000 | -H-D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2008/04/06 19:10:45 | 000,000,000 | -H-D | M] -- C:\Program Files\PIXELA
[2007/08/28 12:57:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Pro Tracks
[2010/12/18 10:21:05 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickTime
[2010/12/10 14:28:48 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickVerse 2006
[2011/05/15 08:46:01 | 000,000,000 | -H-D | M] -- C:\Program Files\quixley_v2
[2005/10/23 10:38:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Real
[2009/08/21 21:35:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Reference Assemblies
[2004/08/19 17:20:24 | 000,000,000 | -H-D | M] -- C:\Program Files\RGB
[2008/11/01 08:41:09 | 000,000,000 | RH-D | M] -- C:\Program Files\rnamfler
[2011/05/07 10:14:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Safari
[2005/10/23 10:32:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Sigmatel
[2008/10/14 09:57:19 | 000,000,000 | -H-D | M] -- C:\Program Files\SiteAdvisor
[2008/12/20 17:54:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Softouch
[2011/05/15 07:02:07 | 000,000,000 | -H-D | M] -- C:\Program Files\somototoolbar
[2005/10/23 10:39:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Sonic
[2010/12/27 21:45:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony
[2008/04/06 19:08:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Corporation
[2010/12/27 21:41:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Media Go Install
[2010/08/06 14:11:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Symantec
[2005/11/06 14:35:09 | 000,000,000 | -H-D | M] -- C:\Program Files\TabIt
[2006/08/09 21:24:31 | 000,000,000 | -H-D | M] -- C:\Program Files\The Weather Channel FW
[2005/10/29 15:21:36 | 000,000,000 | -H-D | M] -- C:\Program Files\TrueSwitch
[2008/07/08 00:52:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Trymedia
[2011/01/29 11:02:25 | 000,000,000 | -H-D | M] -- C:\Program Files\TurboTax
[2004/08/19 17:14:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/03 00:11:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Universal
[2009/09/03 00:12:14 | 000,000,000 | -H-D | M] -- C:\Program Files\VersalSoft
[2007/04/14 14:13:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Viewpoint
[2009/07/05 15:55:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Virtual Earth 3D
[2008/04/12 22:16:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Visual Bible The Birth of Jesus_The Story Behind the Cross
[2005/10/23 10:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files\WebCyberCoach
[2006/06/20 23:53:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WildTangent
[2008/11/13 23:03:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Live Toolbar
[2010/12/27 21:44:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Media Player
[2008/07/24 20:15:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows NT
[2004/08/19 17:02:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Plus
[2009/08/23 16:39:24 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Sidebar
[2004/08/19 17:05:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/10/23 10:41:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WordPerfect Office 12
[2007/06/16 19:08:10 | 000,000,000 | -H-D | M] -- C:\Program Files\WSfonts
[2004/08/19 17:07:50 | 000,000,000 | -H-D | M] -- C:\Program Files\xerox
[2010/02/18 00:55:53 | 000,000,000 | -H-D | M] -- C:\Program Files\Yahoo!
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Yapta
[2005/10/23 10:37:32 | 000,000,000 | -H-D | M] -- C:\Program Files\Your Company Name
[2009/08/21 14:54:27 | 000,000,000 | -H-D | M] -- C:\Program Files\ZyXEL Communications Corporation


< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< CREATERESTOREPOINT >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Hi,

Please download aswMBR from here

• Save aswMBR.exe to your Desktop
  
• Double click aswMBR.exe to run it
  
• Click the Scan button to start the scan as illustrated below
  

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

• Once the scan finishes click Save log to save the log to your Desktop
  
  
  
• Copy and paste the contents of aswMBR.txt back here for review
  

Hi,
I downloaded the aswmbr to my thumb drive (from my laptop which works), then put the thumb drive into the pc, copied the file to the desktop and doubleclicked. It says:
os version windows: 5.1.2600
number of processors:1 586 0x403
computer name : REATOGO username: system
initialize error 0
AVAST engine download error: 0

I can still hit the scan button, but with the initialize error, i don't know if it gives the desired results.

here is the log:
aswMBR version 0.9.7.705 Copyright(c) 2011 AVAST Software
Run date: 2011-07-07 08:38:15
-----------------------------
08:38:15.812 OS Version: Windows 5.1.2600
08:38:15.812 Number of processors: 1 586 0x403
08:38:15.812 ComputerName: REATOGO UserName: SYSTEM
08:38:15.953 Initialze error 0
08:38:19.343 AVAST engine download error: 0
08:42:41.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
08:42:41.250 Disk 0 Vendor: ST3160023AS 8.12 Size: 152587MB BusType: 3
08:42:43.281 Disk 0 MBR read successfully
08:42:43.281 Disk 0 MBR scan
08:42:43.296 Disk 0 unknown MBR code
08:42:45.312 Disk 0 scanning sectors +312496380
08:42:45.343 Disk 0 scanning X:\i386\system32\drivers
08:42:45.359 Service scanning
08:42:55.515 Disk 0 trace - called modules:
08:42:55.531 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys halaacpi.dll pciide.sys PCIIDEX.SYS
08:42:55.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b2b76a0]
08:42:55.578 3 CLASSPNP.SYS[f74e805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8b36ab00]
08:42:55.593 Scan finished successfully
08:43:27.890 Disk 0 MBR has been saved successfully to "B:\Documents and Settings\Default User\Desktop\MBR.dat"
08:43:27.921 The log file has been saved successfully to "B:\Documents and Settings\Default User\Desktop\aswMBR.txt"

Hi,

Please download TDSSKiller from here and save it to your Desktop.

• Doubleclick TDSSKiller.exe to run the tool
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

ok, I downloaded the tsskiller to my thumbdrive on the laptop, started up the pc using the otlpe disk, (reatogo starts up), copy the tsskiller to the desktop with the thumbdrive, and then doubleclick....first i get a warning "can't initialize log", i say ok, then error "can't load driver", i say ok, tdsskiller comes up, i hit scan, it says scan completed, processed 6 objects, infection not found, i hit close, then the tdsskiller comes up again, but report is greyed out, so i can only close it. I don't see any log or output on the c drive.

I think the problem is that since i can only start up the pc using the otlpe disk, none of the scans are looking into my entire pc, but only working off what's available from the reatogo thing. Am I supposed to do something to get to my regular desktop once i use the otlpe disc to start?

Hi,

Yeah, but let's try this.

Download and run SafeBootKeyRepair-CF from: BleepingComputer.com

It will take only a moment for it to run. If it produces a log, please post it in your next reply.

Does Safe Mode work now?

Hi, it didn't run...application errror: "the exception unknown software exception (0x0eedfade) occurred in the application at location 0x7c81eb33"

Hi,

Could you please re-run OTL one more time? I'm going to fix it so you can boot with that.

ok, i just reran the otlpe that is on the disk i use to start up the reatogo...didn't change any settings or anything. Here is the log:
OTL logfile created on: 7/11/2011 9:18:36 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 16:50:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/10 13:06:01 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Hi,

Please run OTL.exe.

• Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :OTL
  DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
  DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
  O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
  O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
  O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
  O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
  O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
  O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
  O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
  O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
  O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
  O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
  O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
  O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
  O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
  O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
  O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
  O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
  O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
  
  :Files
  ipconfig /flushdns /c
  C:\WINDOWS\System32\mkghj.dll
  C:\WINDOWS\System32\cfgmig32.dll
  C:\Documents and Settings\All Users\Application Data\hOdMj05700
  C:\Documents and Settings\All Users\Application Data\MCA219.tmp
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  "Userinit"="C:\Windows\System32\userinit.exe,"
  
  :commands
  [emptytemp]
  [resethosts]
  
  
  
• Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
  
  
• Click the red Run Fix button.
  
• A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTL.exe
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Hi, i copied otl.exe and otl.com (same?) via the thumbdrive to the desktop, but they wouldn't start (error message: unable to locate component...application failed to start because framdyn.dll was not found ). So I ran otlpe, added the fixes, ran fix, and copied the resulting txt file (below)...but i think i screwed up, because then another txt file popped up and i lost that one...i tried to rerun everything, but i'm not sure what i lost. here is the first txt:
OTL logfile created on: 7/12/2011 6:43:35 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.45 Gb Total Space | 5.64 Gb Free Space | 75.76% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:42 | 000,000,053 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/07/10 18:47:55 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 16:50:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/10 13:06:01 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

ps - -i tried to rerun everything, but the screen just hung...so i turned off the pc and tried the whole thing over again...this time it said the scan was complete...here is the log:
========== OTL ==========
Service\Driver key 24185 not found.
File C:\WINDOWS\system32\drivers\24185 not found.
Service\Driver key 19757 not found.
File C:\WINDOWS\system32\drivers\19757 not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\bdWruSduNKKJP not found.
Registry value HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktop not found.
Registry value HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found.
Starting removal of ActiveX control {0CCA191D-13A6-4E29-B746-314DEE697D83}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Starting removal of ActiveX control {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Starting removal of ActiveX control {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Starting removal of ActiveX control {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Starting removal of ActiveX control {8100D56A-5661-482C-BEE8-AFECE305D968}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {B8BE5E93-A60C-4D26-A2DC-220313175592}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {FFFFFFFF-CACE-BABE-BABE-00AA0055595A}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
File\Folder C:\WINDOWS\System32\mkghj.dll not found.
File\Folder C:\WINDOWS\System32\cfgmig32.dll not found.
File\Folder C:\Documents and Settings\All Users\Application Data\hOdMj05700 not found.
File\Folder C:\Documents and Settings\All Users\Application Data\MCA219.tmp not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\Windows\System32\userinit.exe," /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Application Data

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: DIANE BLUMENFIELD
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jesse
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Nikko
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: PAUL NEWMAN
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33023 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

Total Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.46.0 log created on 07122011_201607

Are you able to boot into Windows now?

no, once again, if i try to boot normally into windows, the keyboard and mouse both freeze and i can't do anything. maybe i'm doing something wrong. when i try to boot normally, I go to boot sequence and set the "onboard SATA Hard drive" as first, followed by the "onboard or usb cd-rom drive". When i boot from the reatogo disc, i switch that order. The other things listed there are "usb device", "onboard IDE hard drive", and "onboard or usb floppy drive" all which say
"not present"
should i be changing something else?

ps- when i go into setup mode to change the boot sequence, the keyboard works, but not the mouse....when i go into regular startup, neither mouse nor keyboard work

This has got me kinda stumped. Let me call for back up and get some second opinions.

thanks very much!!

In the mean-time, could you please re-run OTL?

hi, i've tried to post this 3 times and don't see it showing up, so forgive me if you end up seeing the same message again and again!
just to be sure i'm doing this right, i am using the otlpe that is on the desktop of the reatogo once i boot with the disk....i don't change any settings or add any fix code...is this correct? thanks

You'll have to split it into multiple posts, then. Just make two seperate posts.

oh, no, I just meant that i was trying to post this question below 3 times:
just to be sure i'm doing this right, i am using the otlpe that is on the desktop of the reatogo once i boot with the disk....i don't change any settings or add any fix code...is this correct? thanks.

i will assume that the above is what you want me to do - let me know if not.
btw, i'm running otlpe version 3.1.46.0

OTL logfile created on: 7/16/2011 1:11:49 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 99.41 Gb Free Space | 68.88% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]


O1 HOSTS File: ([2011/07/12 20:16:21 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/12 18:49:15 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/13 19:58:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/13 19:56:22 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/13 19:56:15 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Yes, you're doing it correct.

What happens when you boot into Last Known Good Configuration instead of Safe Mode? Have you tried it? If not, then please try it. Also, have you installed the Recovery Console?

hi, yes, i have tried last known...same problem
i've just loaded the windows recovery console from the originally supplied windows xp disk...and i now have the command prompt...what do i do now?

I'm having sort of a writers block at the moment. Let me try and ask again.

ok, thanks...i hope this will work! my husband is ready to junk the pc and buy a new one!