tried to remove fake windows security, now usb won't work

3 posters

WiredWX Christian Hobby Weather Tools :: GeekPolice tech support archive :: Technical Support

bump18th June 2011, 8:29 pm

Hi, it's even worse now...I tried to run the otlpe from the disc and now it says "missing operating system" and just sits there

Re: tried to remove fake windows security, now usb won't work21st June 2011, 3:41 am

Hi,

So you can't boot with OTLPE anymore? Try re-downloading it.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work22nd June 2011, 2:49 am

Ok, I was able to load and run the otl again. The first time I ran it, I was instructed to change drivers to "non-microsoft", but the only options were "none", "all", "use safelist". That time I chose "none" and posted that log. This time I ran it choosing "safelist". Here is the log:
OTL logfile created on: 6/21/2011 11:43:24 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 101.73 Gb Free Space | 70.49% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.42 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 15:14:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/27 23:22:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BVRP Software
[2011/05/27 23:21:29 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2366736.sys
[2011/05/27 23:21:29 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667361.sys
[2011/05/27 23:21:29 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667362.sys
[2011/05/27 23:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1
[2011/05/27 23:18:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/27 23:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/27 18:42:58 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\6435323.sys
[2011/05/27 18:42:58 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353231.sys
[2011/05/27 18:42:58 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353232.sys
[2011/05/27 18:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool
[2011/05/26 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Malwarebytes
[2011/05/26 21:03:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/26 21:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/26 21:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/26 21:03:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/25 09:49:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Recent
[2011/05/25 08:17:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Start Menu\Programs\Windows XP Recovery
[2011/05/24 20:55:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\_paul cat scans april 2011
[2011/05/24 20:53:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\My Documents\paul 2011 ct scans
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/18 14:31:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/06/18 12:57:10 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/30 18:42:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/05/27 23:23:34 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/27 20:52:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:51 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:07 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/26 18:28:32 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/26 09:12:20 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/25 18:40:38 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:25:16 | 000,000,400 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/25 08:17:49 | 000,000,819 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZyXEL PLA-4xx Series Configuration
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WordPerfect Office 12
[2011/05/25 06:57:01 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2010
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TabIt
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickVerse 2006
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickBooks
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm Desktop
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem On Hold
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem Helper
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memorex exPressit Label Design Studio
[2011/05/25 06:56:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Desktop
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Finale NotePad 2007
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\e-Sword
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Encountering The New Testament 2
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EasyWorship
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Games
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon PIXMA iP3000 Manual
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bible Explorer 4
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Software Suite
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft MediaImpression for Kodak
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2011/05/24 20:22:10 | 005,139,129 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/05/24 00:01:43 | 000,995,548 | -H-- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/05/24 00:01:43 | 000,907,041 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/05/24 00:01:43 | 000,021,123 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/05/24 00:01:43 | 000,000,533 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/27 23:14:24 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/27 20:52:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 18:45:22 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/26 21:03:51 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/26 18:28:32 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/25 18:56:51 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:17:49 | 000,000,819 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/24 20:22:10 | 005,139,129 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/05/30 18:42:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

ok, i followed the instructions on the "read this before posting" page 23rd June 2011, 1:03 am

included below are the otl log, otl text, aswmbr txt log, and checkup.txt

otl log:
========== OTL ==========
File C:\WINDOWS\System32\drivers\7582 not found.
File C:\WINDOWS\System32\drivers\jvvkws.sys not found.
File C:\WINDOWS\System32\drivers\aaain.sys not found.
File C:\WINDOWS\System32\drivers\qiofkd.sys not found.
File C:\Documents and Settings\Jesse\Application Data\mfwxgh.dat not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\completescan not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\start not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\install not found.
File C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\15825.bat not found.

OTLPE by OldTimer - Version 3.1.46.0 log created on 06222011_204148

otl txt: (attached file)

aswmbr txt log:
aswMBR version 0.9.5.317 Copyright(c) 2011 AVAST Software
Run date: 2011-06-22 21:43:00
-----------------------------
21:43:00.828 OS Version: Windows 5.1.2600
21:43:00.828 Number of processors: 1 586 0x403
21:43:00.828 ComputerName: REATOGO UserName: SYSTEM
21:43:01.109 Initialze error 0
21:44:38.906 The log file has been saved successfully to "K:\aswMBR.txt"

checkup.txt:
Results of screen317's Security Check version 0.99.15
Windows XP
Out of date service pack!!
Internet Explorer 6 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
```````````````````````````````
Anti-malware/Other Utilities Check:
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````

otl.txt and comment on security check23rd June 2011, 1:09 am

Ps - when I ran the security check, i got a pop up box that said "Auto It Error...Line -1:
Error: variable must be of type "object"....i clicked ok, and then got the checkup.txt output (included in my previous post)

I was not able to put the entire otl.txt here, and it would not let me attach the file, so here is the first part of the otl.txt...the second part will be in the next post

otl.txt
OTL logfile created on: 6/22/2011 9:17:23 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.42 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive K: | 7.45 Gb Total Space | 6.51 Gb Free Space | 87.33% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {0430454D-47EA-11D6-AD58-00010333D0AD} - Yahoo! Import WAB
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - WXcom Class
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - YbUploadFavsCtl Class
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{64A10DCF-7FF1-4600-9824-DE0BCC2AA72E} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/05 15:14:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/27 23:22:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\BVRP Software
[2011/05/27 23:21:29 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\2366736.sys
[2011/05/27 23:21:29 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667361.sys
[2011/05/27 23:21:29 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\23667362.sys
[2011/05/27 23:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1
[2011/05/27 23:18:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/05/27 23:18:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/05/27 18:42:58 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\6435323.sys
[2011/05/27 18:42:58 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353231.sys
[2011/05/27 18:42:58 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\64353232.sys
[2011/05/27 18:42:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool
[2011/05/26 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Malwarebytes
[2011/05/26 21:03:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/26 21:03:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/26 21:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/26 21:03:05 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/25 09:49:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Recent
[2011/05/25 08:17:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\Start Menu\Programs\Windows XP Recovery
[2011/05/24 20:55:21 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\_paul cat scans april 2011
[2011/05/24 20:53:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\PAUL NEWMAN\My Documents\paul 2011 ct scans
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

Re: tried to remove fake windows security, now usb won't work23rd June 2011, 1:10 am

========== Files - Modified Within 30 Days ==========

[2011/06/22 20:05:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/22 20:04:22 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/06/22 20:01:23 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/05/27 23:23:34 | 000,002,418 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/27 20:52:47 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/27 20:52:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/26 21:03:51 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:07 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/26 18:28:32 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/26 09:12:20 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/25 18:40:38 | 001,007,108 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:25:16 | 000,000,400 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/25 08:17:49 | 000,000,819 | -H-- | M] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZyXEL PLA-4xx Series Configuration
[2011/05/25 06:57:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WordPerfect Office 12
[2011/05/25 06:57:01 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Digital Media Enhancements
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2010
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\TabIt
[2011/05/25 06:57:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sonic
[2011/05/25 06:57:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickVerse 2006
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/05/25 06:56:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickBooks
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm Desktop
[2011/05/25 06:56:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Palm
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem On Hold
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Modem Helper
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Tools
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
[2011/05/25 06:56:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Memorex exPressit Label Design Studio
[2011/05/25 06:56:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel Network Adapters
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Desktop
[2011/05/25 06:56:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Garmin
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Finale NotePad 2007
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\e-Sword
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Encountering The New Testament 2
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EasyWorship
[2011/05/25 06:56:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support Center
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Support
[2011/05/25 06:56:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Games
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell Accessories
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Dell
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon PIXMA iP3000 Manual
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Bible Explorer 4
[2011/05/25 06:56:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Software Suite
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/05/25 06:56:52 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft MediaImpression for Kodak
[2011/05/25 06:56:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\ArcSoft Connect
[2011/05/24 20:22:10 | 005,139,129 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/05/24 00:01:43 | 000,995,548 | -H-- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/05/24 00:01:43 | 000,907,041 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2011/05/24 00:01:43 | 000,021,123 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2011/05/24 00:01:43 | 000,000,533 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2011/05/24 00:01:43 | 000,000,285 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2011/05/24 00:01:43 | 000,000,085 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2011/05/24 00:01:43 | 000,000,049 | -H-- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/22 20:49:35 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/27 23:14:24 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rkill.scr
[2011/05/27 20:52:47 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/27 18:45:22 | 000,002,418 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk
[2011/05/26 21:03:51 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/05/26 21:03:51 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/26 18:28:32 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.com
[2011/05/25 18:56:51 | 001,007,108 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\rkill.scr
[2011/05/25 08:17:49 | 000,000,819 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Desktop\Windows XP Recovery.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/05/24 20:22:10 | 005,139,129 | -H-- | C] () -- C:\Documents and Settings\All Users\Documents\paul medical records as of may 23 2011.pdf
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========

========== Custom Scans ==========

Invalid Environment Variable: %APPDATA%\Microsoft\*.*

< %systemroot%\system32\config\systemprofile\*.dat /x >

Invalid Environment Variable: %USERPROFILE%\Desktop\*.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

Invalid Environment Variable: %USERPROFILE%\My Documents\*.exe

Invalid Environment Variable: %USERPROFILE%\*.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/03/03 02:55:19 | 000,149,504 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2011/02/22 19:06:28 | 011,080,704 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2011/02/22 19:06:28 | 001,991,680 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 20:12:00 | 000,274,944 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 20:12:02 | 000,067,072 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2011/01/21 10:44:37 | 008,462,336 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/08/06 09:03:55 | 000,000,000 | -H-D | M] -- C:\Program Files\AAdvantage eShoppingSM Toolbar
[2010/08/14 16:59:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Adobe
[2006/03/04 23:58:07 | 000,000,000 | -H-D | M] -- C:\Program Files\AIM
[2005/11/11 13:09:01 | 000,000,000 | -H-D | M] -- C:\Program Files\AOD
[2005/12/01 19:24:09 | 000,000,000 | -H-D | M] -- C:\Program Files\AOL
[2008/08/23 14:43:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Apple Software Update
[2006/03/25 14:38:41 | 000,000,000 | -H-D | M] -- C:\Program Files\ArcSoft
[2011/03/08 07:53:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Ask.com
[2008/02/29 00:36:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Bible Explorer 4
[2011/05/27 20:23:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Bonjour
[2010/07/25 21:42:34 | 000,000,000 | -H-D | M] -- C:\Program Files\CA
[2007/08/21 12:43:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Cakewalk
[2011/05/18 23:28:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Canon
[2007/10/20 12:33:16 | 000,000,000 | -H-D | M] -- C:\Program Files\CDKnet
[2010/12/27 21:46:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Common Files
[2004/08/19 17:02:56 | 000,000,000 | -H-D | M] -- C:\Program Files\ComPlus Applications
[2011/05/15 08:46:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Conduit
[2011/05/15 08:46:04 | 000,000,000 | -H-D | M] -- C:\Program Files\ConduitEngine
[2010/08/07 10:29:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Coupons
[2005/10/23 10:34:49 | 000,000,000 | -H-D | M] -- C:\Program Files\CyberLink
[2005/10/23 10:46:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell
[2009/05/19 20:31:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell A920
[2009/08/21 12:00:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell AIO Printer A920
[2008/02/03 02:41:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell Support Center
[2007/04/11 20:50:15 | 000,000,000 | -H-D | M] -- C:\Program Files\DellSupport
[2010/09/12 13:22:52 | 000,000,000 | -H-D | M] -- C:\Program Files\DIFX
[2007/08/28 12:41:31 | 000,000,000 | -H-D | M] -- C:\Program Files\DigiTech
[2008/02/28 08:11:19 | 000,000,000 | -H-D | M] -- C:\Program Files\e-Sword
[2005/10/23 10:38:40 | 000,000,000 | -H-D | M] -- C:\Program Files\EarthLink Setup
[2010/11/02 21:43:32 | 000,000,000 | -H-D | M] -- C:\Program Files\EasyGPS
[2007/09/24 22:06:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Encountering the New Testament 2
[2004/08/19 17:16:18 | 000,000,000 | -H-D | M] -- C:\Program Files\EnglishOtto
[2011/01/10 21:04:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Finale NotePad 2007
[2010/09/12 13:22:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Garmin
[2004/08/19 17:16:22 | 000,000,000 | -H-D | M] -- C:\Program Files\GemMaster
[2009/03/15 07:34:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Google
[2010/06/19 15:21:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Hanes T-ShirtMaker Premier
[2008/05/12 20:29:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Homestead
[2005/10/29 15:16:26 | 000,000,000 | -H-D | M] -- C:\Program Files\illiminable
[2011/01/21 06:30:52 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/10/23 10:34:35 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel
[2011/04/15 03:12:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Internet Explorer
[2005/10/23 10:39:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Intuit
[2010/09/03 15:52:54 | 000,000,000 | -H-D | M] -- C:\Program Files\iolo
[2011/05/07 10:24:18 | 000,000,000 | -H-D | M] -- C:\Program Files\iPod
[2010/11/01 18:02:43 | 000,000,000 | -H-D | M] -- C:\Program Files\ISSThirdParty
[2011/05/07 10:25:26 | 000,000,000 | -H-D | M] -- C:\Program Files\iTunes
[2010/09/10 07:28:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Java
[2010/05/22 13:34:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Kodak
[2008/02/29 00:35:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Laridian
[2005/10/23 10:38:33 | 000,000,000 | -H-D | M] -- C:\Program Files\Learn2.com
[2007/10/29 15:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Linksys
[2008/07/08 00:52:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Ludia
[2011/05/27 20:52:48 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/19 18:27:39 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee
[2009/08/19 18:27:37 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee.com
[2007/08/31 17:56:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Memorex exPressit Label Design Studio
[2008/08/13 18:18:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Messenger
[2008/11/06 13:14:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/02/22 18:39:55 | 000,000,000 | -H-D | M] -- C:\Program Files\microsoft frontpage
[2007/08/15 00:30:11 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Games
[2009/09/01 20:28:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Office
[2005/10/23 10:36:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/10/23 10:36:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/04/22 15:30:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Silverlight
[2008/11/05 00:06:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2005/12/01 22:05:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Streets and Trips
[2006/10/23 19:57:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft.NET
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem Helper
[2005/10/23 10:34:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem On Hold
[2010/08/11 17:36:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Movie Maker
[2007/02/27 23:36:03 | 000,000,000 | -H-D | M] -- C:\Program Files\Mozilla Firefox
[2011/05/15 08:43:26 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket
[2011/05/15 07:02:12 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket FileBulldog Toolbar
[2009/08/21 21:35:33 | 000,000,000 | -H-D | M] -- C:\Program Files\MSBuild
[2009/09/01 20:28:19 | 000,000,000 | -H-D | M] -- C:\Program Files\MSECache
[2009/01/06 19:43:37 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN
[2004/08/19 17:01:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/26 20:53:36 | 000,000,000 | -H-D | M] -- C:\Program Files\MSXML 4.0
[2008/11/13 22:39:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MUSICMATCH
[2009/02/28 19:53:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MySpace
[2008/07/24 20:15:49 | 000,000,000 | -H-D | M] -- C:\Program Files\NetMeeting
[2008/07/25 08:20:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Oberon Media
[2006/10/23 20:26:26 | 000,000,000 | -H-D | M] -- C:\Program Files\OfficeUpdate11
[2004/08/19 17:02:42 | 000,000,000 | -H-D | M] -- C:\Program Files\Online Services
[2010/12/16 04:01:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Outlook Express
[2011/01/27 08:06:43 | 000,000,000 | -H-D | M] -- C:\Program Files\Palm
[2006/03/25 14:29:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Panasonic
[2007/09/21 18:18:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Parsons
[2011/05/13 22:03:03 | 000,000,000 | -H-D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2008/04/06 19:10:45 | 000,000,000 | -H-D | M] -- C:\Program Files\PIXELA
[2007/08/28 12:57:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Pro Tracks
[2010/12/18 10:21:05 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickTime
[2010/12/10 14:28:48 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickVerse 2006
[2011/05/15 08:46:01 | 000,000,000 | -H-D | M] -- C:\Program Files\quixley_v2
[2005/10/23 10:38:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Real
[2009/08/21 21:35:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Reference Assemblies
[2004/08/19 17:20:24 | 000,000,000 | -H-D | M] -- C:\Program Files\RGB
[2008/11/01 08:41:09 | 000,000,000 | RH-D | M] -- C:\Program Files\rnamfler
[2011/05/07 10:14:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Safari
[2005/10/23 10:32:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Sigmatel
[2008/10/14 09:57:19 | 000,000,000 | -H-D | M] -- C:\Program Files\SiteAdvisor
[2008/12/20 17:54:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Softouch
[2011/05/15 07:02:07 | 000,000,000 | -H-D | M] -- C:\Program Files\somototoolbar
[2005/10/23 10:39:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Sonic
[2010/12/27 21:45:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony
[2008/04/06 19:08:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Corporation
[2010/12/27 21:41:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Media Go Install
[2010/08/06 14:11:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Symantec
[2005/11/06 14:35:09 | 000,000,000 | -H-D | M] -- C:\Program Files\TabIt
[2006/08/09 21:24:31 | 000,000,000 | -H-D | M] -- C:\Program Files\The Weather Channel FW
[2005/10/29 15:21:36 | 000,000,000 | -H-D | M] -- C:\Program Files\TrueSwitch
[2008/07/08 00:52:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Trymedia
[2011/01/29 11:02:25 | 000,000,000 | -H-D | M] -- C:\Program Files\TurboTax
[2004/08/19 17:14:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/03 00:11:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Universal
[2009/09/03 00:12:14 | 000,000,000 | -H-D | M] -- C:\Program Files\VersalSoft
[2007/04/14 14:13:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Viewpoint
[2009/07/05 15:55:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Virtual Earth 3D
[2008/04/12 22:16:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Visual Bible The Birth of Jesus_The Story Behind the Cross
[2005/10/23 10:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files\WebCyberCoach
[2006/06/20 23:53:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WildTangent
[2008/11/13 23:03:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Live Toolbar
[2010/12/27 21:44:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Media Player
[2008/07/24 20:15:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows NT
[2004/08/19 17:02:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Plus
[2009/08/23 16:39:24 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Sidebar
[2004/08/19 17:05:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/10/23 10:41:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WordPerfect Office 12
[2007/06/16 19:08:10 | 000,000,000 | -H-D | M] -- C:\Program Files\WSfonts
[2004/08/19 17:07:50 | 000,000,000 | -H-D | M] -- C:\Program Files\xerox
[2010/02/18 00:55:53 | 000,000,000 | -H-D | M] -- C:\Program Files\Yahoo!
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Yapta
[2005/10/23 10:37:32 | 000,000,000 | -H-D | M] -- C:\Program Files\Your Company Name
[2009/08/21 14:54:27 | 000,000,000 | -H-D | M] -- C:\Program Files\ZyXEL Communications Corporation

< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< CREATERESTOREPOINT >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Re: tried to remove fake windows security, now usb won't work23rd June 2011, 4:29 am

Hi,

Please download ComboFix tried to remove fake windows security, now usb won't work - Page 1 Combofix

from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

tried to remove fake windows security, now usb won't work - Page 1 Query_RC

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
tried to remove fake windows security, now usb won't work - Page 1 RC_successful

tried to remove fake windows security, now usb won't work - Page 1 RC_successful

Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work23rd June 2011, 11:13 pm

hi,
i'm only able to do anything on the pc with the otl booting up first from the disc. I don't think any antivirus programs can run with this, can they? anyway, i didn't know how to disable them if they were. so i copied the commy, and the text, run, ok....got a popup asking if i agreed to the terms of combofix, i said agree, and immediately got another popup saying "Combofix error opening file for writing: x:\32788r22fwjfw\023.dat click abort to stop the installation,retry to try again, or ignore to skip this file..i tried ignore, and then another one popped up, this time 023.datx, and then many more, so i aborted..

Re: tried to remove fake windows security, now usb won't work24th June 2011, 6:36 am

Try running this:

tried to remove fake windows security, now usb won't work - Page 1 Bf_new

Please download Malwarebytes Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work25th June 2011, 2:29 am

hi, unfortunately i'm still getting an error about drive x...
x:\i386\system32\drivers\mbamswissarmy.sys
An error occurred while trying to create a file in the destination directory: access is denied
i had to abort

Re: tried to remove fake windows security, now usb won't work25th June 2011, 3:09 am

Are you not able to boot into Windows regularly at all?

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work25th June 2011, 3:24 am

no, the windows login screen comes on (where i can click my user name), but the mouse won't work...not in safe mode or regular..

Re: tried to remove fake windows security, now usb won't work26th June 2011, 5:37 am

Hi,

Please re-run OTL once again.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work4th July 2011, 11:33 pm

ok, i reran otlpe from the disk...inserted the fix code from the "read this before posting" section of the site...there was no extras.txt output, but here is the otl.txt output:
OTL logfile created on: 7/4/2011 8:15:01 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.48 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive J: | 7.45 Gb Total Space | 6.49 Gb Free Space | 87.15% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {0430454D-47EA-11D6-AD58-00010333D0AD} - Yahoo! Import WAB
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - WXcom Class
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - YbUploadFavsCtl Class
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{64A10DCF-7FF1-4600-9824-DE0BCC2AA72E} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2011/06/05 15:14:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/25 01:48:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/25 01:48:39 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/25 01:45:33 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/25 01:47:01 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/18 12:58:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/06/22 20:02:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

2nd half of last otl.txt4th July 2011, 11:34 pm

========== Purity Check ==========

========== Custom Scans ==========

Invalid Environment Variable: %APPDATA%\Microsoft\*.*

< %systemroot%\system32\config\systemprofile\*.dat /x >

Invalid Environment Variable: %USERPROFILE%\Desktop\*.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

Invalid Environment Variable: %USERPROFILE%\My Documents\*.exe

Invalid Environment Variable: %USERPROFILE%\*.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/03/03 02:55:19 | 000,149,504 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2011/02/22 19:06:28 | 011,080,704 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2011/02/22 19:06:28 | 001,991,680 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/13 20:12:00 | 000,274,944 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/13 20:12:02 | 000,067,072 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2011/01/21 10:44:37 | 008,462,336 | -H-- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/08/06 09:03:55 | 000,000,000 | -H-D | M] -- C:\Program Files\AAdvantage eShoppingSM Toolbar
[2010/08/14 16:59:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Adobe
[2006/03/04 23:58:07 | 000,000,000 | -H-D | M] -- C:\Program Files\AIM
[2005/11/11 13:09:01 | 000,000,000 | -H-D | M] -- C:\Program Files\AOD
[2005/12/01 19:24:09 | 000,000,000 | -H-D | M] -- C:\Program Files\AOL
[2008/08/23 14:43:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Apple Software Update
[2006/03/25 14:38:41 | 000,000,000 | -H-D | M] -- C:\Program Files\ArcSoft
[2011/03/08 07:53:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Ask.com
[2008/02/29 00:36:28 | 000,000,000 | -H-D | M] -- C:\Program Files\Bible Explorer 4
[2011/05/27 20:23:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Bonjour
[2010/07/25 21:42:34 | 000,000,000 | -H-D | M] -- C:\Program Files\CA
[2007/08/21 12:43:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Cakewalk
[2011/05/18 23:28:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Canon
[2007/10/20 12:33:16 | 000,000,000 | -H-D | M] -- C:\Program Files\CDKnet
[2010/12/27 21:46:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Common Files
[2004/08/19 17:02:56 | 000,000,000 | -H-D | M] -- C:\Program Files\ComPlus Applications
[2011/05/15 08:46:06 | 000,000,000 | -H-D | M] -- C:\Program Files\Conduit
[2011/05/15 08:46:04 | 000,000,000 | -H-D | M] -- C:\Program Files\ConduitEngine
[2010/08/07 10:29:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Coupons
[2005/10/23 10:34:49 | 000,000,000 | -H-D | M] -- C:\Program Files\CyberLink
[2005/10/23 10:46:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell
[2009/05/19 20:31:20 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell A920
[2009/08/21 12:00:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell AIO Printer A920
[2008/02/03 02:41:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Dell Support Center
[2007/04/11 20:50:15 | 000,000,000 | -H-D | M] -- C:\Program Files\DellSupport
[2010/09/12 13:22:52 | 000,000,000 | -H-D | M] -- C:\Program Files\DIFX
[2007/08/28 12:41:31 | 000,000,000 | -H-D | M] -- C:\Program Files\DigiTech
[2008/02/28 08:11:19 | 000,000,000 | -H-D | M] -- C:\Program Files\e-Sword
[2005/10/23 10:38:40 | 000,000,000 | -H-D | M] -- C:\Program Files\EarthLink Setup
[2010/11/02 21:43:32 | 000,000,000 | -H-D | M] -- C:\Program Files\EasyGPS
[2007/09/24 22:06:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Encountering the New Testament 2
[2004/08/19 17:16:18 | 000,000,000 | -H-D | M] -- C:\Program Files\EnglishOtto
[2011/01/10 21:04:02 | 000,000,000 | -H-D | M] -- C:\Program Files\Finale NotePad 2007
[2010/09/12 13:22:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Garmin
[2004/08/19 17:16:22 | 000,000,000 | -H-D | M] -- C:\Program Files\GemMaster
[2009/03/15 07:34:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Google
[2010/06/19 15:21:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Hanes T-ShirtMaker Premier
[2008/05/12 20:29:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Homestead
[2005/10/29 15:16:26 | 000,000,000 | -H-D | M] -- C:\Program Files\illiminable
[2011/01/21 06:30:52 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/10/23 10:34:35 | 000,000,000 | -H-D | M] -- C:\Program Files\Intel
[2011/04/15 03:12:48 | 000,000,000 | -H-D | M] -- C:\Program Files\Internet Explorer
[2005/10/23 10:39:05 | 000,000,000 | -H-D | M] -- C:\Program Files\Intuit
[2010/09/03 15:52:54 | 000,000,000 | -H-D | M] -- C:\Program Files\iolo
[2011/05/07 10:24:18 | 000,000,000 | -H-D | M] -- C:\Program Files\iPod
[2010/11/01 18:02:43 | 000,000,000 | -H-D | M] -- C:\Program Files\ISSThirdParty
[2011/05/07 10:25:26 | 000,000,000 | -H-D | M] -- C:\Program Files\iTunes
[2010/09/10 07:28:47 | 000,000,000 | -H-D | M] -- C:\Program Files\Java
[2010/05/22 13:34:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Kodak
[2008/02/29 00:35:30 | 000,000,000 | -H-D | M] -- C:\Program Files\Laridian
[2005/10/23 10:38:33 | 000,000,000 | -H-D | M] -- C:\Program Files\Learn2.com
[2007/10/29 15:54:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Linksys
[2008/07/08 00:52:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Ludia
[2011/05/27 20:52:48 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/25 01:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2009/08/19 18:27:39 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee
[2009/08/19 18:27:37 | 000,000,000 | -H-D | M] -- C:\Program Files\McAfee.com
[2007/08/31 17:56:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Memorex exPressit Label Design Studio
[2008/08/13 18:18:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Messenger
[2008/11/06 13:14:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/02/22 18:39:55 | 000,000,000 | -H-D | M] -- C:\Program Files\microsoft frontpage
[2007/08/15 00:30:11 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Games
[2009/09/01 20:28:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Office
[2005/10/23 10:36:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/10/23 10:36:40 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/04/22 15:30:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Silverlight
[2008/11/05 00:06:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2005/12/01 22:05:34 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft Streets and Trips
[2006/10/23 19:57:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Microsoft.NET
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem Helper
[2005/10/23 10:34:41 | 000,000,000 | -H-D | M] -- C:\Program Files\Modem On Hold
[2010/08/11 17:36:09 | 000,000,000 | -H-D | M] -- C:\Program Files\Movie Maker
[2007/02/27 23:36:03 | 000,000,000 | -H-D | M] -- C:\Program Files\Mozilla Firefox
[2011/05/15 08:43:26 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket
[2011/05/15 07:02:12 | 000,000,000 | -H-D | M] -- C:\Program Files\MP3 Rocket FileBulldog Toolbar
[2009/08/21 21:35:33 | 000,000,000 | -H-D | M] -- C:\Program Files\MSBuild
[2009/09/01 20:28:19 | 000,000,000 | -H-D | M] -- C:\Program Files\MSECache
[2009/01/06 19:43:37 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN
[2004/08/19 17:01:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/26 20:53:36 | 000,000,000 | -H-D | M] -- C:\Program Files\MSXML 4.0
[2008/11/13 22:39:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MUSICMATCH
[2009/02/28 19:53:48 | 000,000,000 | -H-D | M] -- C:\Program Files\MySpace
[2008/07/24 20:15:49 | 000,000,000 | -H-D | M] -- C:\Program Files\NetMeeting
[2008/07/25 08:20:45 | 000,000,000 | -H-D | M] -- C:\Program Files\Oberon Media
[2006/10/23 20:26:26 | 000,000,000 | -H-D | M] -- C:\Program Files\OfficeUpdate11
[2004/08/19 17:02:42 | 000,000,000 | -H-D | M] -- C:\Program Files\Online Services
[2010/12/16 04:01:29 | 000,000,000 | -H-D | M] -- C:\Program Files\Outlook Express
[2011/01/27 08:06:43 | 000,000,000 | -H-D | M] -- C:\Program Files\Palm
[2006/03/25 14:29:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Panasonic
[2007/09/21 18:18:26 | 000,000,000 | -H-D | M] -- C:\Program Files\Parsons
[2011/05/13 22:03:03 | 000,000,000 | -H-D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2008/04/06 19:10:45 | 000,000,000 | -H-D | M] -- C:\Program Files\PIXELA
[2007/08/28 12:57:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Pro Tracks
[2010/12/18 10:21:05 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickTime
[2010/12/10 14:28:48 | 000,000,000 | -H-D | M] -- C:\Program Files\QuickVerse 2006
[2011/05/15 08:46:01 | 000,000,000 | -H-D | M] -- C:\Program Files\quixley_v2
[2005/10/23 10:38:18 | 000,000,000 | -H-D | M] -- C:\Program Files\Real
[2009/08/21 21:35:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Reference Assemblies
[2004/08/19 17:20:24 | 000,000,000 | -H-D | M] -- C:\Program Files\RGB
[2008/11/01 08:41:09 | 000,000,000 | RH-D | M] -- C:\Program Files\rnamfler
[2011/05/07 10:14:37 | 000,000,000 | -H-D | M] -- C:\Program Files\Safari
[2005/10/23 10:32:16 | 000,000,000 | -H-D | M] -- C:\Program Files\Sigmatel
[2008/10/14 09:57:19 | 000,000,000 | -H-D | M] -- C:\Program Files\SiteAdvisor
[2008/12/20 17:54:25 | 000,000,000 | -H-D | M] -- C:\Program Files\Softouch
[2011/05/15 07:02:07 | 000,000,000 | -H-D | M] -- C:\Program Files\somototoolbar
[2005/10/23 10:39:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Sonic
[2010/12/27 21:45:56 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony
[2008/04/06 19:08:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Corporation
[2010/12/27 21:41:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Sony Media Go Install
[2010/08/06 14:11:22 | 000,000,000 | -H-D | M] -- C:\Program Files\Symantec
[2005/11/06 14:35:09 | 000,000,000 | -H-D | M] -- C:\Program Files\TabIt
[2006/08/09 21:24:31 | 000,000,000 | -H-D | M] -- C:\Program Files\The Weather Channel FW
[2005/10/29 15:21:36 | 000,000,000 | -H-D | M] -- C:\Program Files\TrueSwitch
[2008/07/08 00:52:59 | 000,000,000 | -H-D | M] -- C:\Program Files\Trymedia
[2011/01/29 11:02:25 | 000,000,000 | -H-D | M] -- C:\Program Files\TurboTax
[2004/08/19 17:14:00 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/09/03 00:11:58 | 000,000,000 | -H-D | M] -- C:\Program Files\Universal
[2009/09/03 00:12:14 | 000,000,000 | -H-D | M] -- C:\Program Files\VersalSoft
[2007/04/14 14:13:50 | 000,000,000 | -H-D | M] -- C:\Program Files\Viewpoint
[2009/07/05 15:55:01 | 000,000,000 | -H-D | M] -- C:\Program Files\Virtual Earth 3D
[2008/04/12 22:16:13 | 000,000,000 | -H-D | M] -- C:\Program Files\Visual Bible The Birth of Jesus_The Story Behind the Cross
[2005/10/23 10:43:51 | 000,000,000 | -H-D | M] -- C:\Program Files\WebCyberCoach
[2006/06/20 23:53:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WildTangent
[2008/11/13 23:03:51 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Live Toolbar
[2010/12/27 21:44:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Media Player
[2008/07/24 20:15:44 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows NT
[2004/08/19 17:02:14 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Plus
[2009/08/23 16:39:24 | 000,000,000 | -H-D | M] -- C:\Program Files\Windows Sidebar
[2004/08/19 17:05:02 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/10/23 10:41:05 | 000,000,000 | -H-D | M] -- C:\Program Files\WordPerfect Office 12
[2007/06/16 19:08:10 | 000,000,000 | -H-D | M] -- C:\Program Files\WSfonts
[2004/08/19 17:07:50 | 000,000,000 | -H-D | M] -- C:\Program Files\xerox
[2010/02/18 00:55:53 | 000,000,000 | -H-D | M] -- C:\Program Files\Yahoo!
[2010/09/11 21:33:49 | 000,000,000 | -H-D | M] -- C:\Program Files\Yapta
[2005/10/23 10:37:32 | 000,000,000 | -H-D | M] -- C:\Program Files\Your Company Name
[2009/08/21 14:54:27 | 000,000,000 | -H-D | M] -- C:\Program Files\ZyXEL Communications Corporation

< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/04 00:07:42 | 000,042,368 | -H-- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | -H-- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | -H-- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 06:00:00 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | -H-- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | -H-- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< CREATERESTOREPOINT >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | -H-- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | -H-- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Re: tried to remove fake windows security, now usb won't work6th July 2011, 12:42 am

Hi,

Please download aswMBR from here

Save aswMBR.exe to your Desktop
Double click aswMBR.exe to run it
Click the Scan button to start the scan as illustrated below

tried to remove fake windows security, now usb won't work - Page 1 AswMBR_Scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives

Once the scan finishes click Save log to save the log to your Desktop
Copy and paste the contents of aswMBR.txt back here for review

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work7th July 2011, 10:42 am

Hi,
I downloaded the aswmbr to my thumb drive (from my laptop which works), then put the thumb drive into the pc, copied the file to the desktop and doubleclicked. It says:
os version windows: 5.1.2600
number of processors:1 586 0x403
computer name : REATOGO username: system
initialize error 0
AVAST engine download error: 0

I can still hit the scan button, but with the initialize error, i don't know if it gives the desired results.

Re: tried to remove fake windows security, now usb won't work7th July 2011, 10:45 am

here is the log:
aswMBR version 0.9.7.705 Copyright(c) 2011 AVAST Software
Run date: 2011-07-07 08:38:15
-----------------------------
08:38:15.812 OS Version: Windows 5.1.2600
08:38:15.812 Number of processors: 1 586 0x403
08:38:15.812 ComputerName: REATOGO UserName: SYSTEM
08:38:15.953 Initialze error 0
08:38:19.343 AVAST engine download error: 0
08:42:41.234 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-17
08:42:41.250 Disk 0 Vendor: ST3160023AS 8.12 Size: 152587MB BusType: 3
08:42:43.281 Disk 0 MBR read successfully
08:42:43.281 Disk 0 MBR scan
08:42:43.296 Disk 0 unknown MBR code
08:42:45.312 Disk 0 scanning sectors +312496380
08:42:45.343 Disk 0 scanning X:\i386\system32\drivers
08:42:45.359 Service scanning
08:42:55.515 Disk 0 trace - called modules:
08:42:55.531 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys halaacpi.dll pciide.sys PCIIDEX.SYS
08:42:55.562 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b2b76a0]
08:42:55.578 3 CLASSPNP.SYS[f74e805b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-17[0x8b36ab00]
08:42:55.593 Scan finished successfully
08:43:27.890 Disk 0 MBR has been saved successfully to "B:\Documents and Settings\Default User\Desktop\MBR.dat"
08:43:27.921 The log file has been saved successfully to "B:\Documents and Settings\Default User\Desktop\aswMBR.txt"

Re: tried to remove fake windows security, now usb won't work8th July 2011, 3:57 am

Hi,

Please download TDSSKiller from here and save it to your Desktop.

Doubleclick TDSSKiller.exe to run the tool
Click the Start Scan button
After the scan has finished, click the Close button
Click the Report button and copy/paste the contents of it into your next reply

Note:It will also create a log in the C:\ directory.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work9th July 2011, 3:45 pm

ok, I downloaded the tsskiller to my thumbdrive on the laptop, started up the pc using the otlpe disk, (reatogo starts up), copy the tsskiller to the desktop with the thumbdrive, and then doubleclick....first i get a warning "can't initialize log", i say ok, then error "can't load driver", i say ok, tdsskiller comes up, i hit scan, it says scan completed, processed 6 objects, infection not found, i hit close, then the tdsskiller comes up again, but report is greyed out, so i can only close it. I don't see any log or output on the c drive.

I think the problem is that since i can only start up the pc using the otlpe disk, none of the scans are looking into my entire pc, but only working off what's available from the reatogo thing. Am I supposed to do something to get to my regular desktop once i use the otlpe disc to start?

Re: tried to remove fake windows security, now usb won't work9th July 2011, 10:21 pm

Hi,

Yeah, but let's try this.

Download and run SafeBootKeyRepair-CF from: BleepingComputer.com

It will take only a moment for it to run. If it produces a log, please post it in your next reply.

Does Safe Mode work now?

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work10th July 2011, 11:32 am

Hi, it didn't run...application errror: "the exception unknown software exception (0x0eedfade) occurred in the application at location 0x7c81eb33"

Re: tried to remove fake windows security, now usb won't work11th July 2011, 4:50 am

Hi,

Could you please re-run OTL one more time? I'm going to fix it so you can boot with that.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work11th July 2011, 11:26 pm

ok, i just reran the otlpe that is on the disk i use to start up the reatogo...didn't change any settings or anything. Here is the log:
OTL logfile created on: 7/11/2011 9:18:36 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 16:50:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/10 13:06:01 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Re: tried to remove fake windows security, now usb won't work12th July 2011, 5:23 am

Hi,

Please run OTL.exe.

Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:OTL
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

:Files
ipconfig /flushdns /c
C:\WINDOWS\System32\mkghj.dll
C:\WINDOWS\System32\cfgmig32.dll
C:\Documents and Settings\All Users\Application Data\hOdMj05700
C:\Documents and Settings\All Users\Application Data\MCA219.tmp

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\Windows\System32\userinit.exe,"

:commands
[emptytemp]
[resethosts]
Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
Click the red Run Fix button.
A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTL.exe

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work12th July 2011, 8:57 pm

Hi, i copied otl.exe and otl.com (same?) via the thumbdrive to the desktop, but they wouldn't start (error message: unable to locate component...application failed to start because framdyn.dll was not found ). So I ran otlpe, added the fixes, ran fix, and copied the resulting txt file (below)...but i think i screwed up, because then another txt file popped up and i lost that one...i tried to rerun everything, but i'm not sure what i lost. here is the first txt:
OTL logfile created on: 7/12/2011 6:43:35 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 98.49 Gb Free Space | 68.24% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.45 Gb Total Space | 5.64 Gb Free Space | 75.76% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2011/01/25 03:57:04 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\24185 -- (24185)
DRV - [2010/11/22 12:03:58 | 000,009,072 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\19757 -- (19757)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2004/08/10 06:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [bdWruSduNKKJP] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab (DLM Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab (MSN Photo Upload Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} http://www.trueswitch.com/verizonyahoo/TrueInstallVerizonYahoo.exe (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/mygarmin/m/GarminAxControl.CAB (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:42 | 000,000,053 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/07/10 18:47:55 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/10 16:50:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/10 13:06:01 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/07/25 21:41:46 | 000,000,007 | -H-- | C] () -- C:\WINDOWS\System32\mkghj.dll
[2010/07/25 21:40:49 | 001,054,032 | -H-- | C] () -- C:\WINDOWS\System32\cfgmig32.dll
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2010/12/13 05:14:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\hOdMj05700
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2005/10/29 16:33:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MCA219.tmp
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/10 13:33:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/10 13:32:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Re: tried to remove fake windows security, now usb won't work12th July 2011, 9:18 pm

ps - -i tried to rerun everything, but the screen just hung...so i turned off the pc and tried the whole thing over again...this time it said the scan was complete...here is the log:
========== OTL ==========
Service\Driver key 24185 not found.
File C:\WINDOWS\system32\drivers\24185 not found.
Service\Driver key 19757 not found.
File C:\WINDOWS\system32\drivers\19757 not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\bdWruSduNKKJP not found.
Registry value HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDesktop not found.
Registry value HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr not found.
Starting removal of ActiveX control {0CCA191D-13A6-4E29-B746-314DEE697D83}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CCA191D-13A6-4E29-B746-314DEE697D83}\ not found.
Starting removal of ActiveX control {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)\ not found.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {4871A87A-BFDD-4106-8153-FFDE2BAC2967}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967}\ not found.
Starting removal of ActiveX control {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}\ not found.
Starting removal of ActiveX control {4F1E5B1A-2A80-42CA-8532-2D05CB959537}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F1E5B1A-2A80-42CA-8532-2D05CB959537}\ not found.
Starting removal of ActiveX control {8100D56A-5661-482C-BEE8-AFECE305D968}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8100D56A-5661-482C-BEE8-AFECE305D968}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {B8BE5E93-A60C-4D26-A2DC-220313175592}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8BE5E93-A60C-4D26-A2DC-220313175592}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {FFFFFFFF-CACE-BABE-BABE-00AA0055595A}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CACE-BABE-BABE-00AA0055595A}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In\ not found.
File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\Jesse_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\Nikko_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
File\Folder C:\WINDOWS\System32\mkghj.dll not found.
File\Folder C:\WINDOWS\System32\cfgmig32.dll not found.
File\Folder C:\Documents and Settings\All Users\Application Data\hOdMj05700 not found.
File\Folder C:\Documents and Settings\All Users\Application Data\MCA219.tmp not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\"Userinit"|"C:\Windows\System32\userinit.exe," /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Application Data

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: DIANE BLUMENFIELD
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jesse
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Nikko
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: PAUL NEWMAN
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33023 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

Total Files Cleaned = 0.00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTLPE by OldTimer - Version 3.1.46.0 log created on 07122011_201607

Re: tried to remove fake windows security, now usb won't work13th July 2011, 5:59 am

Are you able to boot into Windows now?

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work13th July 2011, 11:47 pm

no, once again, if i try to boot normally into windows, the keyboard and mouse both freeze and i can't do anything. maybe i'm doing something wrong. when i try to boot normally, I go to boot sequence and set the "onboard SATA Hard drive" as first, followed by the "onboard or usb cd-rom drive". When i boot from the reatogo disc, i switch that order. The other things listed there are "usb device", "onboard IDE hard drive", and "onboard or usb floppy drive" all which say
"not present"
should i be changing something else?

Re: tried to remove fake windows security, now usb won't work14th July 2011, 12:56 am

ps- when i go into setup mode to change the boot sequence, the keyboard works, but not the mouse....when i go into regular startup, neither mouse nor keyboard work

Re: tried to remove fake windows security, now usb won't work14th July 2011, 5:53 am

This has got me kinda stumped. Let me call for back up and get some second opinions.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work14th July 2011, 11:03 am

thanks very much!!

Re: tried to remove fake windows security, now usb won't work15th July 2011, 3:51 am

In the mean-time, could you please re-run OTL?

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work15th July 2011, 11:21 am

hi, i've tried to post this 3 times and don't see it showing up, so forgive me if you end up seeing the same message again and again!
just to be sure i'm doing this right, i am using the otlpe that is on the desktop of the reatogo once i boot with the disk....i don't change any settings or add any fix code...is this correct? thanks

Re: tried to remove fake windows security, now usb won't work16th July 2011, 4:19 am

You'll have to split it into multiple posts, then. Just make two seperate posts.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work16th July 2011, 3:31 pm

oh, no, I just meant that i was trying to post this question below 3 times:
just to be sure i'm doing this right, i am using the otlpe that is on the desktop of the reatogo once i boot with the disk....i don't change any settings or add any fix code...is this correct? thanks.

i will assume that the above is what you want me to do - let me know if not.
btw, i'm running otlpe version 3.1.46.0

OTL logfile created on: 7/16/2011 1:11:49 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 99.41 Gb Free Space | 68.88% Space Free | Partition Type: NTFS
Drive D: | 1863.01 Gb Total Space | 1742.41 Gb Free Space | 93.53% Space Free | Partition Type: NTFS
Drive I: | 436.44 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2011/07/12 20:16:21 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/02 17:30:52 | 000,000,000 | RH-D | M] - D:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2001/07/25 17:14:48 | 000,180,224 | R--- | M] (Dell Computer Corporation) - I:\AUTORCD.EXE -- [ CDFS ]
O32 - AutoRun File - [2000/01/11 18:51:40 | 000,000,049 | RH-- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/12 18:49:15 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/13 19:58:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/13 19:56:22 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/13 19:56:15 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Re: tried to remove fake windows security, now usb won't work17th July 2011, 3:46 am

Yes, you're doing it correct.

What happens when you boot into Last Known Good Configuration instead of Safe Mode? Have you tried it? If not, then please try it. Also, have you installed the Recovery Console?

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work17th July 2011, 12:09 pm

hi, yes, i have tried last known...same problem
i've just loaded the windows recovery console from the originally supplied windows xp disk...and i now have the command prompt...what do i do now?

Re: tried to remove fake windows security, now usb won't work19th July 2011, 4:28 am

I'm having sort of a writers block at the moment. Let me try and ask again.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work19th July 2011, 11:30 am

ok, thanks...i hope this will work! my husband is ready to junk the pc and buy a new one!

Re: tried to remove fake windows security, now usb won't work20th July 2011, 5:45 am

Alrighty, lets run a custom scan with OTL that'll show me some info about the mouse and keyboard files.

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Under the Custom Scan box paste this in

/md5start
USBHID.sys
mouclass.sys
kbdhid.sys
IdeChnDr.sys
usbstor.sys
kbdmouse.dll
i8042prt.*
kbdclass.sys
sermouse.*
/md5stop
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time

Note: in the event that OTL fails to run, please use alternate download links to try again:

http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work21st July 2011, 3:26 am

ok, so i exited out of the windows recovery console, and booted up with the reatogo disk...once again, i couldn't run the plain otl...i got the same error message as before: unable to locate component...application failed to start because framdyn.dll was not found ). So I opened otlpe, then pasted in the code, ran otlpe (run scan), and here's the output:

OTL logfile created on: 7/21/2011 3:19:38 AM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 100.89 Gb Free Space | 69.90% Space Free | Partition Type: NTFS
Drive J: | 7.45 Gb Total Space | 5.34 Gb Free Space | 71.69% Space Free | Partition Type: FAT32
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003

========== Win32 Services (SafeList) ==========

SRV - [2011/05/14 02:57:53 | 000,251,216 | -H-- | M] (CA, Inc.) [On_Demand] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2011/05/14 02:57:53 | 000,206,160 | -H-- | M] (Computer Associates International, Inc.) [Auto] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/03/11 01:36:10 | 000,724,152 | -H-- | M] (iolo technologies, LLC) [Auto] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloFileInfoList)
SRV - [2010/08/23 21:21:40 | 000,013,672 | -H-- | M] (Intuit Inc.) [Disabled] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | -H-- | M] (ArcSoft Inc.) [Disabled] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | -H-- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | -H-- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before Last Install)
DRV - File not found [Adapter | On_Demand] -- -- (Winsock - Google Desktop Search Backup Before First Install)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | System] -- -- (Beep)
DRV - [2010/09/24 11:16:18 | 000,146,000 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2010/09/24 11:16:18 | 000,115,792 | -H-- | M] (CA) [Kernel | System] -- C:\WINDOWS\system32\drivers\KmxFw.sys -- (KmxFw)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2010/09/24 11:16:18 | 000,061,008 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2010/09/17 12:21:00 | 000,135,248 | -H-- | M] (CA) [File_System | Boot] -- C:\WINDOWS\system32\drivers\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | -H-- | M] (CA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/03 02:12:02 | 000,108,112 | -H-- | M] (CA) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\KmxStart.sys -- (KmxStart)
DRV - [2010/03/22 13:58:42 | 000,079,864 | -H-- | M] (CA) [File_System | System] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2009/11/19 15:33:20 | 000,051,200 | -H-- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | -H-- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2009/03/27 15:27:04 | 000,598,656 | -H-- | M] (Computer Associates International, Inc.) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 14:41:01 | 000,052,352 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2007/12/20 07:32:10 | 000,016,694 | -H-- | M] (PalmSource, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | -H-- | M] (ArcSoft Inc.) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | -H-- | M] (Intellon, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | -H-- | M] (ArcSoft Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/04/24 12:33:50 | 000,007,680 | -H-- | M] (ArcSoft Inc.) [Recognizer | System] -- C:\WINDOWS\System32\drivers\ArcRec.sys -- (ArcRec)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | -H-- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | -H-- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/06/14 23:40:08 | 000,180,864 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) High Definition Audio Driver (WDM)
DRV - [2004/06/16 04:52:40 | 000,061,157 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2004/03/24 11:12:44 | 000,004,272 | -H-- | M] () [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | -H-- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2004/03/06 05:15:34 | 000,647,929 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2004/03/06 05:14:42 | 001,233,525 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2004/03/06 05:13:38 | 000,037,048 | -H-- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2003/12/17 15:30:46 | 000,017,005 | -H-- | M] (Adaptec) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | -H-- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | RH-- | M] (CEntrance, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | -H-- | M] (GEAR Software) [Kernel | System] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\.DEFAULT\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://verizon.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\DIANE_BLUMENFIELD_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\DIANE_BLUMENFIELD_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Jesse_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Jesse_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60468
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\Nikko_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\Nikko_ON_C\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKU\Nikko_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKU\PAUL_NEWMAN_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - Reg Error: Key error. File not found
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\PAUL_NEWMAN_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\caaphishtoolbar@ca.com: C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\Firefox [2011/05/16 05:30:57 | 000,000,000 | -H-D | M]

O1 HOSTS File: ([2011/07/12 20:16:21 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CA Anti-Phishing Toolbar Helper) - {45011CF5-E4A9-4F13-9093-F30A784EB9B2} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\DIANE_BLUMENFIELD_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Jesse_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\Nikko_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (CA Anti-Phishing Toolbar) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Phishing\Toolbar\caIEToolbar.dll (CA, Inc.)
O3 - HKU\PAUL_NEWMAN_ON_C\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKU\Administrator_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Jesse_ON_C..\Run: [swg] File not found
O4 - HKU\Nikko_ON_C..\Run: [AIM] File not found
O4 - HKU\Nikko_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Nikko_ON_C..\Run: [swg] File not found
O4 - HKU\PAUL_NEWMAN_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\kasperskysetup_9.0.0.722_27.05.2011_16-20.lnk = C:\Documents and Settings\Administrator\Desktop\Virus Removal Tool1\kasperskysetup_9.0.0.722_27.05.2011_16-20\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\DIANE_BLUMENFIELD_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Jesse_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Nikko_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\PAUL_NEWMAN_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\VetRedir.dll (Computer Associates International, Inc.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.129 167.206.245.130
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (UmxSbxExw.dll) - C:\WINDOWS\System32\UmxSbxExw.dll (CA)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:42 | 000,000,053 | ---- | M] () - J:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (autocheck smrgdf C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo\) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/17 09:11:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/12 18:49:15 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2011/06/25 01:21:08 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2008/07/27 20:21:51 | 000,726,008 | -H-- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/17 09:11:44 | 000,000,280 | RHS- | M] () -- C:\boot.ini
[2011/07/13 19:58:05 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/13 19:56:22 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/13 19:56:15 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/06/25 01:38:33 | 000,000,542 | ---- | M] () -- C:\Malwarebytes' Anti-Malware.lnk
[1 C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Nikko\Local Settings\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/17 09:11:43 | 000,000,209 | -HS- | C] () -- C:\BOOT.BAK
[2011/07/17 09:11:40 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/07/10 18:47:55 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/25 01:41:14 | 000,000,542 | ---- | C] () -- C:\Malwarebytes' Anti-Malware.lnk
[2011/05/25 08:17:43 | 000,000,400 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | -H-- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | -H-- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | -H-- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | -H-- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/06/05 07:19:48 | 000,004,272 | -H-- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | -H-- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2009/05/19 20:31:59 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\dlbkvs.dll
[2009/05/19 20:31:20 | 000,000,255 | -H-- | C] () -- C:\WINDOWS\System32\dlbkcoin.ini
[2008/11/13 23:06:43 | 000,108,712 | -H-- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | -H-- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | -H-- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | -H-- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | RH-- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | -H-- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | -H-- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | -H-- | C] () -- C:\WINDOWS\EReg184.dat
[2007/02/04 22:34:15 | 000,029,696 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/01 17:52:34 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | -H-- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | -H-- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | -H-- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | -H-- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/19 09:17:08 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JPR.{PB
[2005/11/19 09:17:08 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Nikko\Application Data\PFP120JCM.{PB
[2005/11/09 23:25:38 | 000,061,678 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JPR.{PB
[2005/11/09 23:25:38 | 000,012,358 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Application Data\PFP120JCM.{PB
[2005/11/06 14:39:06 | 000,000,116 | -H-- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/11/05 17:06:06 | 000,000,128 | -H-- | C] () -- C:\Documents and Settings\Jesse\Local Settings\Application Data\fusioncache.dat
[2005/11/05 16:50:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Nikko\Local Settings\Application Data\fusioncache.dat
[2005/10/31 22:13:04 | 000,000,134 | -H-- | C] () -- C:\Documents and Settings\PAUL NEWMAN\Local Settings\Application Data\fusioncache.dat
[2005/10/29 16:32:57 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | -H-- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | -H-- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | -H-- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 15:01:54 | 000,239,104 | -H-- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 18:04:54 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 17:20:39 | 000,000,908 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:16:24 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:58 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/19 16:49:51 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/19 16:49:47 | 000,491,160 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/19 16:49:47 | 000,088,640 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:47 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/19 16:49:47 | 000,004,627 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 16:49:44 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/19 16:49:43 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/19 16:49:38 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/19 16:49:38 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/19 16:49:30 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/19 16:49:22 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/31 20:43:38 | 000,005,632 | -H-- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/03/17 22:44:17 | 000,000,000 | -H-D | M] -- C:\WINDOWS\system32\config\systemprofile\Application Data\SACore
[2005/12/01 19:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Aim
[2010/11/01 18:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CallingID
[2010/10/30 11:48:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\CBS Interactive
[2011/05/15 07:02:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\dtband
[2010/11/03 16:44:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Free Upload Manager
[2010/06/05 19:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\GARMIN
[2007/12/20 07:32:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\HotSync
[2011/01/24 07:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\iolo
[2005/11/27 19:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Leadertech
[2011/05/15 08:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\MP3Rocket
[2010/10/30 11:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\OpenCandy
[2008/12/20 17:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Softouch
[2011/05/15 07:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\somototoolbar
[2010/10/30 14:10:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Spyware Terminator
[2007/02/15 09:56:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Viewpoint
[2007/07/15 21:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\WildTangent
[2008/05/12 22:21:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Yapta
[2010/10/27 18:27:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\CallingID
[2011/05/19 18:12:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\dtband
[2010/06/30 13:36:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\FCTB000062125
[2009/03/07 08:44:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\GOODSEARCH
[2007/12/25 16:14:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\HotSync
[2010/09/13 07:02:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\iolo
[2008/01/25 08:24:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Leadertech
[2011/05/19 18:13:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\somototoolbar
[2010/12/27 21:00:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Sony
[2008/05/22 06:53:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Jesse\Application Data\Yapta
[2010/09/03 15:53:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2009/07/07 22:37:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2005/11/05 17:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Aim
[2006/10/29 17:38:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Cakewalk
[2010/10/30 16:50:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\CallingID
[2011/05/21 08:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\dtband
[2010/06/28 12:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\FCTB000062125
[2008/12/31 19:55:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\GOODSEARCH
[2007/12/21 15:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\HotSync
[2010/12/13 08:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\iolo
[2011/05/21 08:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\somototoolbar
[2010/10/30 16:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Spyware Terminator
[2007/02/02 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Viewpoint
[2008/05/13 15:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Nikko\Application Data\Yapta
[2005/11/19 16:20:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Aim
[2006/10/24 16:54:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Cakewalk
[2010/11/01 14:31:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\CallingID
[2011/05/16 19:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\dtband
[2010/06/25 18:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\FCTB000062125
[2009/03/23 22:41:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GARMIN
[2010/09/11 21:34:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\GOODSEARCH
[2007/12/20 23:45:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\HotSync
[2010/11/25 07:51:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\iolo
[2007/12/25 23:08:34 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Leadertech
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Ludia
[2009/07/08 20:51:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\MSNInstaller
[2010/12/10 14:27:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\QuickVerse10
[2011/02/25 09:47:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Raintree
[2011/05/16 19:36:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\somototoolbar
[2010/12/27 21:50:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Sony
[2007/01/17 00:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Viewpoint
[2006/06/20 23:47:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\WildTangent
[2009/03/06 10:33:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\PAUL NEWMAN\Application Data\Yapta
[2010/11/01 18:07:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/07/25 19:36:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
[2011/05/27 23:18:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2009/03/23 23:06:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2007/12/20 07:33:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2011/05/26 22:31:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\iolo
[2008/07/08 01:02:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Ludia
[2010/02/27 00:53:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MediaMall
[2011/05/27 23:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2008/11/01 15:13:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2011/05/13 22:03:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008/12/20 17:54:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Softouch
[2008/02/03 02:42:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2011/05/13 22:04:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2007/04/14 14:13:46 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2006/06/20 23:47:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2008/02/29 00:36:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WORDsearch
[2007/06/16 19:08:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\wsc
[2009/03/14 09:29:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2007/06/16 19:08:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{10659AF2-4F35-499C-A058-D29D27AEE138}
[2010/04/08 18:07:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/11/06 22:08:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/16 17:36:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 22:00:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/30 18:01:00 | 000,000,258 | -H-- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2011/07/13 19:43:00 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/13 19:57:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: I8042PRT.SY_ >
[2004/08/10 07:00:00 | 000,026,025 | R--- | M] () MD5=819D427AB9DBE6AC2960A585087CB766 -- C:\cmdcons\i8042prt.sy_

< MD5 for: I8042PRT.SYS >
[2008/04/13 15:18:00 | 000,052,480 | -H-- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys
[2008/04/13 15:18:00 | 000,052,480 | -H-- | M] (Microsoft Corporation) MD5=4A0B06AA8943C1E332520F7440C0AA30 -- C:\WINDOWS\system32\drivers\i8042prt.sys
[2004/08/10 06:00:00 | 000,052,736 | -H-- | M] (Microsoft Corporation) MD5=5502B58EEF7486EE6F93F3F164DCB808 -- C:\i386\i8042prt.sys
[2004/08/10 06:00:00 | 000,052,736 | -H-- | M] (Microsoft Corporation) MD5=5502B58EEF7486EE6F93F3F164DCB808 -- C:\WINDOWS\$NtServicePackUninstall$\i8042prt.sys

< MD5 for: KBDCLASS.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:kbdclass.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:kbdclass.sys
[2008/04/13 14:39:47 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=463C1EC80CD17420A542B7F36A36F128 -- C:\WINDOWS\ServicePackFiles\i386\kbdclass.sys
[2008/04/13 14:39:47 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=463C1EC80CD17420A542B7F36A36F128 -- C:\WINDOWS\system32\drivers\kbdclass.sys
[2004/08/03 23:58:34 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=EBDEE8A2EE5393890A1ACEE971C4C246 -- C:\i386\kbdclass.sys
[2004/08/03 23:58:34 | 000,024,576 | -H-- | M] (Microsoft Corporation) MD5=EBDEE8A2EE5393890A1ACEE971C4C246 -- C:\WINDOWS\$NtServicePackUninstall$\kbdclass.sys

< MD5 for: KBDHID.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:kbdhid.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:kbdhid.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:kbdhid.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:kbdhid.sys
[2008/04/13 14:39:48 | 000,014,592 | -H-- | M] (Microsoft Corporation) MD5=9EF487A186DEA361AA06913A75B3FA99 -- C:\WINDOWS\ServicePackFiles\i386\kbdhid.sys
[2008/04/13 14:39:48 | 000,014,592 | -H-- | M] (Microsoft Corporation) MD5=9EF487A186DEA361AA06913A75B3FA99 -- C:\WINDOWS\system32\drivers\kbdhid.sys
[2004/08/03 23:58:36 | 000,014,848 | -H-- | M] (Microsoft Corporation) MD5=E182FA8E49E8EE41B4ADC53093F3C7E6 -- C:\i386\kbdhid.sys
[2004/08/03 23:58:36 | 000,014,848 | -H-- | M] (Microsoft Corporation) MD5=E182FA8E49E8EE41B4ADC53093F3C7E6 -- C:\WINDOWS\$NtServicePackUninstall$\kbdhid.sys

< MD5 for: MOUCLASS.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:mouclass.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:mouclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:mouclass.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:mouclass.sys
[2004/08/03 23:58:34 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=34E1F0031153E491910E12551400192C -- C:\i386\mouclass.sys
[2004/08/03 23:58:34 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=34E1F0031153E491910E12551400192C -- C:\WINDOWS\$NtServicePackUninstall$\mouclass.sys
[2008/04/13 14:39:47 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=35C9E97194C8CFB8430125F8DBC34D04 -- C:\WINDOWS\ServicePackFiles\i386\mouclass.sys
[2008/04/13 14:39:47 | 000,023,040 | -H-- | M] (Microsoft Corporation) MD5=35C9E97194C8CFB8430125F8DBC34D04 -- C:\WINDOWS\system32\drivers\mouclass.sys

< MD5 for: USBSTOR.SYS >
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\i386\sp2.cab:usbstor.sys
[2004/08/10 06:00:00 | 016,971,599 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/07/24 20:05:43 | 023,852,652 | -H-- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/04 00:08:48 | 000,026,496 | -H-- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\i386\USBSTOR.SYS
[2004/08/04 00:08:48 | 000,026,496 | -H-- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | -H-- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | -H-- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\Book_Worm-Setup.exe:SummaryInformation
< End of report >

Note, this was the only output file

Re: tried to remove fake windows security, now usb won't work22nd July 2011, 4:53 am

Hi,

Could you please download one of these boot-environements and burn it to a CD and run it?

Kaspersky Rescue Environment: ftp://rescuedisk.kaspersky-labs.com/rescuedisk/
F-Secure Linux Environment: http://www.f-secure.com/en_EMEA-Labs/security-threats/tools/rescue-cd
SUPERAntiSpyware Portable: http://www.superantispyware.com/portablescanner.html

I completely missed something.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work23rd July 2011, 2:15 am

ok, not going well....first of all, i left my desktop on overnight, with the c drive open...this morning there was a popup asking me to buy "window blinds 4"...don't know where that came from...tried to put the kaspersky on a cd and on a thumb drive and transfer to the desktop, but it wouldn't run. Then I downloaded the SUPERAntiSpyware Portable, tried to run it...and got this blue screen on the desktop..."a problem has been detected and windows has been shut down to prevent damage to your computer. if this is the first time you've seen this stop error screen, restart your computer..blah blah blah...so i restarted several times and tried to run the program again (i even went to the support tab from the website from SUPERAntiSpyware Portable and tried the different methods with the sas.exe and then the saferun or whatever it was called...still got the same blue screen...btw, i tried to run the program from the reatogo desktop, and also from inside the drive where the thumb drive was plugged in, and also from inside the c drive...got the same blue screen each time

Re: tried to remove fake windows security, now usb won't work23rd July 2011, 2:40 am

Alright, let me call for assistance again. Let me think

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work25th July 2011, 9:10 pm

Kaspersky RescueDisk
If you encounter problems running the RescueDisk, you can get further assistance at the Kaspersky Support Forum.

If you are not sure how to burn an image, please read How to write a CD/DVD image or ISO. If you need a FREE utility to burn the ISO image, download and use ImgBurn.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work29th July 2011, 1:43 am

hi again,
Great news! While i was waiting for your last reply, i somehow was able to reload windows from the installation disk....and then the cursor/keyboard started to work!! Since then there have been numerous windows updates that I've had to download, and dell updates as well. I am still in the process of downloading/running all of these, but when they are finished, I thought I should rerun the otl and other programs that are mentioned as what to do first...and then post the outputs....just to see if there is stilll anything amiss. Is that what you would recommend?

Re: tried to remove fake windows security, now usb won't work29th July 2011, 5:33 am

Yes, please run OTL, ComboFix, Malwarebytes, and aswMBR and post those logs here.

............................................................................................
I'm livin' life in the fast lane.

Re: tried to remove fake windows security, now usb won't work1st August 2011, 2:07 am

ok, here we go:

attched is aswmbr.txt

here is otl.txt:(part 1)
OTL logfile created on: 7/31/2011 9:08:54 PM - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\DIANE BLUMENFIELD\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.24 Gb Total Physical Memory | 2.69 Gb Available Physical Memory | 82.99% Memory free
5.08 Gb Paging File | 4.61 Gb Available in Paging File | 90.77% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.33 Gb Total Space | 93.99 Gb Free Space | 65.12% Space Free | Partition Type: NTFS

Computer Name: DESKTOP | User Name: DIANE BLUMENFIELD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/24 20:54:58 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/07/19 15:40:10 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/05 11:06:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\OTL.exe
PRC - [2011/04/21 07:54:05 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/20 10:09:40 | 000,080,384 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 17:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/03/22 17:20:44 | 000,339,968 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe

========== Modules (SafeList) ==========

MOD - [2011/06/05 11:06:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 20:11:58 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 20:11:48 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/07/24 20:54:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/07/19 15:40:10 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

========== Driver Services (SafeList) ==========

DRV - [2011/07/24 20:55:00 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/24 20:55:00 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/11/19 15:33:20 | 000,051,200 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/14 10:59:38 | 000,022,696 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2007/12/20 07:32:10 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/11/06 14:22:00 | 000,036,224 | ---- | M] (ArcSoft Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ArcCD.sys -- (ArcCD)
DRV - [2007/07/30 21:59:14 | 000,017,280 | ---- | M] (Intellon, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PLCNDIS5.SYS -- (PLCNDIS5)
DRV - [2007/04/25 09:55:02 | 000,134,912 | ---- | M] (ArcSoft Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\ArcUdfs.sys -- (ArcUdfs)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/03/01 20:30:54 | 000,618,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC52.sys -- (IntelC52)
DRV - [2005/11/16 15:36:00 | 001,047,816 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/05/06 14:42:26 | 001,339,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC51.sys -- (IntelC51)
DRV - [2005/05/06 14:40:50 | 000,047,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntelC53.sys -- (IntelC53)
DRV - [2005/05/06 14:40:20 | 000,036,880 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mohfilt.sys -- (mohfilt)
DRV - [2004/03/24 11:12:44 | 000,004,272 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bvrp_pci.sys -- (bvrp_pci)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/12/17 15:30:46 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2003/09/19 16:47:24 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/03/27 16:12:36 | 000,015,360 | R--- | M] (CEntrance, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ceusbaud.sys -- (CEUSBAUD)
DRV - [2002/06/24 10:00:00 | 000,053,412 | ---- | M] (GEAR Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GEARASPISYS.SYS -- (GearAspiSys)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://red.clientapps.yahoo.com/customize/ie/defaults/cs/sbcydsl/*http://www.yahoo.com/search/ie.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://sn142w.snt142.mail.live.com/default.aspx?wa=wsignin1.0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

O1 HOSTS File: ([2011/07/24 23:29:38 | 000,000,352 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0123B506-0AD9-43AA-B0CF-916C122AD4C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-95BA-ED6DB186BE32} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (MP3 Rocket Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/06 19:12:07 | 000,000,050 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{26c62dc4-8f53-11dd-80eb-00123fa87022}\Shell\AutoRun\command - "" = AUTORUN.EXE
O33 - MountPoints2\{66c15dd2-65c7-11df-8363-00123fa87022}\Shell\AutoRun\command - "" = K:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {00F0EE7F-2C61-4EBD-A209-00281BDC869C} - Yahoo! Toolbar
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {0430454D-47EA-11D6-AD58-00010333D0AD} - Yahoo! Import WAB
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {270C7F22-6D59-4041-B865-76C48D190D91} - Yahoo! Search Settings Update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - WXcom Class
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8FD9D712-A285-4834-9F46-705AD5146A6B} - NoIETour
ActiveX: {924C1588-90C3-4910-B6CA-D57A1C0418FE} - YbUploadFavsCtl Class
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: wave - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
Drivers32: wave9 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (73197104696131584)

========== Files/Folders - Created Within 30 Days ==========

[2011/07/31 21:08:08 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\OTL.exe
[2011/07/31 16:37:50 | 000,139,264 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2011/07/28 21:56:57 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iAlmCoIn_v4543.dll
[2011/07/28 21:56:00 | 000,000,000 | ---D | C] -- C:\drvrtmp
[2011/07/28 08:27:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Start Menu\Programs\Dell Inc
[2011/07/28 08:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\Deployment
[2011/07/27 08:33:55 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/07/27 08:33:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/07/27 08:33:23 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/07/27 08:32:52 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2011/07/27 08:31:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/07/27 06:42:51 | 001,915,904 | ---- | C] (AVAST Software) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\aswMBR.exe
[2011/07/27 06:33:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Avira
[2011/07/26 22:52:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon MX870 series
[2011/07/26 22:52:06 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
[2011/07/26 22:51:52 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/07/26 22:51:32 | 000,277,504 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMLMA7.DLL
[2011/07/26 20:16:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/07/26 19:52:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/07/25 06:26:47 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2011/07/25 06:26:06 | 011,081,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/07/25 06:26:06 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/07/25 06:26:06 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/07/25 06:26:06 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/07/25 06:26:06 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/07/25 05:56:52 | 002,083,464 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator32.dll
[2011/07/24 22:22:42 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011/07/24 22:22:42 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011/07/24 22:22:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/07/24 22:05:16 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/07/24 22:05:16 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2011/07/24 22:05:15 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/07/24 22:05:14 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/07/24 22:03:55 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/07/24 22:03:52 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2011/07/24 22:03:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/07/24 22:03:44 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2011/07/24 22:03:29 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/07/24 22:03:28 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/07/24 22:01:56 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2011/07/24 22:00:24 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2011/07/24 21:58:37 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmSE.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmRU.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmPT.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmPL.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmNL.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmID.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmGR.DLL
[2011/07/24 20:52:28 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmFI.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmTR.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmTH.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmNO.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmKR.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmHU.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmDK.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmCZ.DLL
[2011/07/24 20:52:28 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmAR.DLL
[2011/07/24 20:52:28 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmTW.DLL
[2011/07/24 20:52:28 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmCN.DLL
[2011/07/24 20:52:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmIT.DLL
[2011/07/24 20:52:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmFR.DLL
[2011/07/24 20:52:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmES.DLL
[2011/07/24 20:52:27 | 000,003,584 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmDE.DLL
[2011/07/24 20:52:27 | 000,003,072 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmUS.DLL
[2011/07/24 20:52:27 | 000,002,560 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFLmJP.DLL
[2011/07/24 20:52:26 | 000,296,960 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCF2Lm.DLL
[2011/07/24 20:52:26 | 000,168,448 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\CNCFMSm.EXE
[2011/07/24 20:50:44 | 000,354,816 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPPM.DLL
[2011/07/24 20:50:44 | 000,137,216 | ---- | C] (CANON INC.) -- C:\WINDOWS\System32\CNMNPUI.DLL
[2011/07/24 20:50:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\STRING
[2011/07/24 20:50:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CHM
[2011/07/24 19:27:53 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wiafbdrv.dll
[2011/07/24 19:27:53 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiafbdrv.dll
[2011/07/24 18:01:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/07/24 18:00:46 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/07/24 18:00:40 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/07/24 18:00:40 | 000,066,616 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/07/24 18:00:40 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/07/24 18:00:40 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/07/24 18:00:36 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/07/24 18:00:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/07/24 16:42:33 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/24 16:20:07 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresja.dll
[2011/07/24 16:20:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresko.dll
[2011/07/24 16:20:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresfr.dll
[2011/07/24 16:20:05 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehresde.dll
[2011/07/24 16:19:53 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ehreschs.dll
[2011/07/24 16:19:34 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2011/07/24 16:19:23 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/07/24 16:19:23 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/07/24 16:19:19 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/07/24 16:19:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/07/24 16:19:06 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/07/24 16:19:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/07/24 16:19:05 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/07/24 16:19:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/07/24 16:19:04 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/07/24 16:19:03 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/07/24 16:19:02 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/07/24 16:19:02 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/07/24 16:18:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/07/24 16:18:48 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/07/24 16:18:47 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/07/24 16:18:47 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/07/24 16:18:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/07/24 16:18:47 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/07/24 16:18:46 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/07/24 16:18:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/07/24 16:18:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/07/24 16:18:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/07/24 16:18:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/07/24 16:18:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/07/24 16:18:45 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/07/24 16:18:44 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/07/24 16:18:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/07/24 16:18:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/07/24 16:18:33 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/07/24 16:18:28 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/07/24 16:18:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/07/24 16:18:23 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/07/24 16:18:18 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/07/24 16:18:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/07/24 16:18:17 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/07/24 16:18:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/07/24 16:18:16 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/07/24 16:18:16 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/07/24 16:18:02 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/07/24 16:17:34 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/07/24 16:17:34 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/07/24 16:17:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/07/24 16:17:24 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/07/24 16:17:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/07/24 16:17:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/07/24 16:17:22 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/07/24 16:17:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/07/24 16:17:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/07/24 16:17:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/07/24 16:17:21 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/07/24 16:17:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/07/24 16:17:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/07/24 16:17:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/07/24 16:17:18 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/07/24 16:17:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/07/24 16:17:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/07/24 16:17:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/07/24 16:17:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/07/24 16:17:16 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/07/24 16:17:15 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/07/24 16:17:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/07/24 16:17:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/07/24 16:17:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/07/24 16:17:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/07/24 16:17:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/07/24 16:17:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/07/24 16:17:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/07/24 16:17:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/07/24 16:17:10 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/07/24 16:16:50 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/07/24 16:16:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2011/07/24 16:16:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/07/24 16:16:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/07/24 16:16:33 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/07/24 16:16:32 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/07/24 16:16:32 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/07/24 16:16:32 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/07/24 16:16:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/07/24 16:16:07 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/07/24 16:16:06 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/07/24 16:16:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/07/24 16:16:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/07/24 16:16:04 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/07/24 16:16:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/07/24 16:16:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/07/24 16:16:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/07/24 16:16:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/07/24 16:16:00 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/07/24 16:15:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/07/24 16:15:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/07/24 16:15:21 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/07/24 16:15:17 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/07/24 16:07:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2011/07/24 15:26:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/07/24 15:26:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/07/24 15:26:53 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/07/24 15:26:53 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/07/24 00:58:15 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/07/23 12:54:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2011/07/23 08:04:25 | 009,954,344 | ---- | C] (SUPERAntiSpyware.com) -- C:\SAS_PRO.EXE
[2011/07/23 08:04:25 | 009,953,832 | ---- | C] (SUPERAntiSpyware.com) -- C:\SAS_FREE.EXE
[2011/07/17 09:11:24 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/07/12 18:49:15 | 002,234,368 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2011/07/12 18:41:52 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\OTL.com
[22 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/31 21:12:00 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1A35984-F22F-4BA0-BA99-E6E9D8122569}.job
[2011/07/31 21:01:00 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/07/31 20:50:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/31 20:49:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/31 20:49:46 | 3479,326,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/31 16:41:31 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{076D2C88-0114-4736-B794-BBF9AE1663D4}.job
[2011/07/28 21:57:39 | 000,491,474 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/28 21:57:39 | 000,088,762 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/28 21:55:46 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\drivers\DELL_XPS_Dell DM051 .MRK
[2011/07/28 21:55:46 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\drivers\1028_DELL_XPS_Dell DM051 .MRK
[2011/07/28 08:32:34 | 000,490,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/27 22:35:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/27 06:43:56 | 000,879,225 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\SecurityCheck.exe
[2011/07/27 06:42:52 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\aswMBR.exe
[2011/07/26 20:19:28 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/07/25 07:30:27 | 000,000,900 | ---- | M] () -- C:\WINDOWS\orun32.ini
[2011/07/25 06:45:58 | 000,958,972 | ---- | M] () -- C:\WINDOWS\System32\drivers\KmxAgent.asc
[2011/07/25 06:22:34 | 000,000,104 | ---- | M] () -- C:\Microsoft Outlook (2).lnk
[2011/07/25 06:22:24 | 000,000,104 | ---- | M] () -- C:\Microsoft Outlook.lnk
[2011/07/24 20:55:00 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/07/24 20:55:00 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/07/24 17:53:58 | 000,459,696 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\sm_dm.exe
[2011/07/24 17:52:30 | 056,039,816 | ---- | M] () -- C:\avira_antivir_personal_en.exe
[2011/07/24 16:42:38 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/07/24 16:24:55 | 000,000,264 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/07/24 16:13:36 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/07/24 16:13:36 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/07/24 16:13:23 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/07/24 16:08:35 | 000,036,992 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/07/24 16:08:07 | 000,001,066 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/07/24 16:05:57 | 000,000,280 | -HS- | M] () -- C:\boot.ini
[2011/07/24 15:31:12 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2011/07/22 22:00:54 | 016,127,536 | ---- | M] () -- C:\SASSAFERUN.COM
[2011/07/22 21:59:36 | 009,954,344 | ---- | M] (SUPERAntiSpyware.com) -- C:\SAS_PRO.EXE
[2011/07/22 21:59:08 | 009,953,832 | ---- | M] (SUPERAntiSpyware.com) -- C:\SAS_FREE.EXE
[2011/07/22 21:58:28 | 000,299,008 | ---- | M] () -- C:\RUNSAS.EXE
[2011/07/22 19:38:54 | 016,096,200 | ---- | M] () -- C:\SAS_857009.COM
[2011/07/19 16:25:32 | 000,011,776 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/07/19 16:25:22 | 000,029,696 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/07/19 15:42:44 | 002,083,464 | ---- | M] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator32.dll
[2011/07/12 16:39:36 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\OTL.com
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[22 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/28 21:56:42 | 000,001,902 | ---- | C] () -- C:\WINDOWS\System32\SetupBD.din
[2011/07/28 21:55:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\DELL_XPS_Dell DM051 .MRK
[2011/07/28 21:55:46 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\drivers\1028_DELL_XPS_Dell DM051 .MRK
[2011/07/28 09:10:31 | 000,876,544 | ---- | C] () -- C:\WINDOWS\System32\TEACico2.dll
[2011/07/27 06:43:55 | 000,879,225 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\SecurityCheck.exe
[2011/07/25 06:22:34 | 000,000,104 | ---- | C] () -- C:\Microsoft Outlook (2).lnk
[2011/07/25 06:22:24 | 000,000,104 | ---- | C] () -- C:\Microsoft Outlook.lnk
[2011/07/24 17:57:48 | 056,039,816 | ---- | C] () -- C:\avira_antivir_personal_en.exe
[2011/07/24 17:57:45 | 000,459,696 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\sm_dm.exe
[2011/07/24 16:26:35 | 3479,326,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/24 16:17:04 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/07/24 16:16:05 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/07/24 15:26:24 | 000,077,881 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plus.cat
[2011/07/24 15:26:23 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/07/24 15:26:23 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/07/24 15:26:23 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/07/24 15:26:23 | 000,017,916 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sonic.cat
[2011/07/24 15:26:23 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/07/24 15:26:23 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/07/24 15:26:23 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/07/24 15:26:22 | 000,106,147 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2011/07/24 00:58:34 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/07/24 00:47:09 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/07/23 17:11:49 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2011/07/23 08:04:26 | 000,299,008 | ---- | C] () -- C:\RUNSAS.EXE
[2011/07/23 08:04:24 | 016,127,536 | ---- | C] () -- C:\SASSAFERUN.COM
[2011/07/23 04:09:49 | 016,096,200 | ---- | C] () -- C:\SAS_857009.COM
[2011/07/23 01:28:15 | 125,927,424 | ---- | C] () -- C:\f-secure-rescue-cd-3.11-23804.iso
[2011/07/17 09:11:40 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/05/25 08:17:43 | 000,000,400 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\22404900
[2011/01/30 12:52:49 | 000,300,848 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/01/21 06:36:09 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2011/01/21 06:35:10 | 000,000,183 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2010/09/03 15:51:48 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2010/07/31 12:47:03 | 000,005,636 | ---- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2010/06/05 07:19:48 | 000,004,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\bvrp_pci.sys
[2010/01/09 12:10:10 | 000,115,660 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/08 21:39:13 | 000,000,246 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2009/07/08 19:57:22 | 000,000,797 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\Launch Internet Explorer Browser.lnk
[2009/07/08 19:44:19 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2009/07/08 19:44:19 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2009/07/08 19:43:23 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2009/07/08 19:43:23 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2009/07/08 19:43:22 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008/11/13 23:06:43 | 000,108,712 | ---- | C] () -- C:\WINDOWS\TrueInstall.exe
[2008/11/12 19:59:17 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/05/12 20:29:27 | 000,091,648 | ---- | C] () -- C:\WINDOWS\gzip.exe
[2008/04/06 19:09:11 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2008/02/06 19:36:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2007/12/25 23:25:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QUICKI~1.INI
[2007/12/25 23:15:52 | 000,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2007/11/25 21:02:49 | 000,000,085 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2007/11/06 20:57:57 | 000,215,144 | R--- | C] () -- C:\WINDOWS\patchw32.dll
[2007/11/06 20:57:03 | 000,215,144 | R--- | C] () -- C:\WINDOWS\pw32a.dll
[2007/10/29 15:25:47 | 000,001,214 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2007/10/21 01:21:07 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.PAUL NEWMAN.ini
[2007/09/23 17:37:57 | 000,000,299 | ---- | C] () -- C:\WINDOWS\EReg184.dat
[2006/12/14 16:04:00 | 000,057,344 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/07 23:03:36 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\REWCACHE.DAT
[2006/10/07 07:57:55 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/28 23:42:17 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/23 17:24:24 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JPR.{PB
[2006/04/23 17:24:24 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Application Data\PFP120JCM.{PB
[2006/03/25 14:38:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2006/03/25 14:18:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005/12/12 22:26:38 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2005/12/09 17:07:45 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/28 23:58:11 | 000,000,104 | RHS- | C] () -- C:\WINDOWS\System32\066CD7E7C2.sys
[2005/11/28 23:58:10 | 000,004,184 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/11/06 14:39:06 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/10/29 16:32:57 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\instlsp.exe
[2005/10/29 16:15:27 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS61.DLL
[2005/10/29 15:14:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2005/10/29 14:50:42 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/10/29 14:47:13 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Local Settings\Application Data\fusioncache.dat
[2005/10/23 10:48:13 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/10/23 10:45:41 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/23 10:39:58 | 000,000,860 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/10/23 10:37:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/10/23 10:12:14 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/10/23 10:11:52 | 000,000,392 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/03/22 18:38:24 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 18:38:24 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/19 17:20:39 | 000,000,900 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/19 17:12:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/19 17:03:04 | 000,036,992 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/19 17:01:43 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/19 16:57:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/19 16:57:07 | 000,490,680 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/19 16:49:47 | 000,491,474 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/19 16:49:47 | 000,088,762 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/19 16:49:43 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 00:11:42 | 000,185,856 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/05/31 20:43:38 | 000,005,632 | ---- | C] () -- C:\WINDOWS\TrueProcess.exe
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 04:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== Custom Scans ==========

otl part 2, checkup.txt, mbamlog1st August 2011, 2:09 am

otl part 2:

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/07/27 06:42:52 | 001,915,904 | ---- | M] (AVAST Software) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\aswMBR.exe
[2011/06/05 11:06:04 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\OTL.exe
[2011/07/27 06:43:56 | 000,879,225 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\SecurityCheck.exe
[2011/07/24 17:53:58 | 000,459,696 | ---- | M] () -- C:\Documents and Settings\DIANE BLUMENFIELD\Desktop\sm_dm.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >
[2006/10/07 08:31:43 | 014,405,024 | ---- | M] (Macrovision Corporation) -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\GoogleEarthWin.exe
[2007/03/26 12:30:04 | 001,435,937 | ---- | M] (Radiant Morning ) -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\setup-en.exe
[2010/11/02 21:42:19 | 004,055,048 | ---- | M] (TopoGrafix ) -- C:\Documents and Settings\DIANE BLUMENFIELD\My Documents\SetupEasyGPS.exe

< %USERPROFILE%\*.exe >
[2009/02/15 22:15:05 | 000,726,008 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Documents and Settings\DIANE BLUMENFIELD\gotomypc_437.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2008/04/13 20:11:51 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[2004/08/10 07:00:00 | 000,127,213 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ega.cpi
[2004/08/19 17:00:16 | 000,000,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\h323log.txt
[2008/04/13 11:42:06 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\stdole2.tlb
[22 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/08/06 09:03:55 | 000,000,000 | ---D | M] -- C:\Program Files\AAdvantage eShoppingSM Toolbar
[2010/08/14 16:59:26 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/03/04 23:58:07 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2005/11/11 13:09:01 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2005/12/01 19:24:09 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2008/08/23 14:43:22 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2006/03/25 14:38:41 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2011/03/08 07:53:14 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2011/07/24 18:00:36 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2008/02/29 00:36:28 | 000,000,000 | ---D | M] -- C:\Program Files\Bible Explorer 4
[2011/05/27 20:23:55 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/07/25 06:41:07 | 000,000,000 | ---D | M] -- C:\Program Files\CA
[2007/08/21 12:43:50 | 000,000,000 | ---D | M] -- C:\Program Files\Cakewalk
[2011/05/18 23:28:44 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2007/10/20 12:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\CDKnet
[2010/12/27 21:46:02 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2004/08/19 17:02:56 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2011/05/15 08:46:06 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2011/05/15 08:46:04 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2010/08/07 10:29:23 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2005/10/23 10:34:49 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2005/10/23 10:46:00 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2008/02/03 02:41:45 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/04/11 20:50:15 | 000,000,000 | ---D | M] -- C:\Program Files\DellSupport
[2010/09/12 13:22:52 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2007/08/28 12:41:31 | 000,000,000 | ---D | M] -- C:\Program Files\DigiTech
[2008/02/28 08:11:19 | 000,000,000 | ---D | M] -- C:\Program Files\e-Sword
[2005/10/23 10:38:40 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink Setup
[2010/11/02 21:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\EasyGPS
[2007/09/24 22:06:17 | 000,000,000 | ---D | M] -- C:\Program Files\Encountering the New Testament 2
[2004/08/19 17:16:18 | 000,000,000 | ---D | M] -- C:\Program Files\EnglishOtto
[2011/01/10 21:04:02 | 000,000,000 | ---D | M] -- C:\Program Files\Finale NotePad 2007
[2010/09/12 13:22:47 | 000,000,000 | ---D | M] -- C:\Program Files\Garmin
[2004/08/19 17:16:22 | 000,000,000 | ---D | M] -- C:\Program Files\GemMaster
[2009/03/15 07:34:17 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/06/19 15:21:00 | 000,000,000 | ---D | M] -- C:\Program Files\Hanes T-ShirtMaker Premier
[2008/05/12 20:29:05 | 000,000,000 | ---D | M] -- C:\Program Files\Homestead
[2005/10/29 15:16:26 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2011/07/28 21:49:43 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/07/25 06:52:33 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2011/07/27 22:27:00 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/10/23 10:39:05 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2010/09/03 15:52:54 | 000,000,000 | ---D | M] -- C:\Program Files\iolo
[2011/05/07 10:24:18 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/05/07 10:25:26 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2010/09/10 07:28:47 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/05/22 13:34:12 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2008/02/29 00:35:30 | 000,000,000 | ---D | M] -- C:\Program Files\Laridian
[2005/10/23 10:38:33 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2007/10/29 15:54:14 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys
[2008/07/08 00:52:49 | 000,000,000 | ---D | M] -- C:\Program Files\Ludia
[2011/07/24 16:42:39 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/25 01:23:56 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware2
[2009/08/19 18:27:39 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2009/08/19 18:27:37 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2007/08/31 17:56:51 | 000,000,000 | ---D | M] -- C:\Program Files\Memorex exPressit Label Design Studio
[2011/07/26 22:38:59 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2008/11/06 13:14:16 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006/02/22 18:39:55 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/08/15 00:30:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2009/09/01 20:28:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2005/10/23 10:36:37 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Digital Media Edition
[2005/10/23 10:36:40 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Plus! Photo Story 2 LE
[2011/04/22 15:30:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/11/05 00:06:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2005/12/01 22:05:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Streets and Trips
[2006/10/23 19:57:25 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/07/28 08:34:33 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2011/07/28 22:33:06 | 000,000,000 | ---D | M] -- C:\Program Files\Modem On Hold
[2011/07/27 22:21:54 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2007/02/27 23:36:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2011/05/15 08:43:26 | 000,000,000 | ---D | M] -- C:\Program Files\MP3 Rocket
[2011/05/15 07:02:12 | 000,000,000 | ---D | M] -- C:\Program Files\MP3 Rocket FileBulldog Toolbar
[2009/08/21 21:35:33 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/09/01 20:28:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2009/01/06 19:43:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/19 17:01:48 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2010/07/26 20:53:36 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/07/25 06:26:47 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2008/11/13 22:39:48 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2009/02/28 19:53:48 | 000,000,000 | ---D | M] -- C:\Program Files\MySpace
[2011/07/26 20:00:29 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2008/07/25 08:20:45 | 000,000,000 | ---D | M] -- C:\Program Files\Oberon Media
[2006/10/23 20:26:26 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2004/08/19 17:02:42 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/07/27 22:18:38 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/01/27 08:06:43 | 000,000,000 | ---D | M] -- C:\Program Files\Palm
[2006/03/25 14:29:00 | 000,000,000 | ---D | M] -- C:\Program Files\Panasonic
[2007/09/21 18:18:26 | 000,000,000 | ---D | M] -- C:\Program Files\Parsons
[2011/05/13 22:03:03 | 000,000,000 | ---D | M] -- C:\Program Files\PC Drivers HeadQuarters
[2008/04/06 19:10:45 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA
[2007/08/28 12:57:44 | 000,000,000 | ---D | M] -- C:\Program Files\Pro Tracks
[2010/12/18 10:21:05 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/12/10 14:28:48 | 000,000,000 | ---D | M] -- C:\Program Files\QuickVerse 2006
[2011/05/15 08:46:01 | 000,000,000 | ---D | M] -- C:\Program Files\quixley_v2
[2005/10/23 10:38:18 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/08/21 21:35:13 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2004/08/19 17:20:24 | 000,000,000 | ---D | M] -- C:\Program Files\RGB
[2008/11/01 08:41:09 | 000,000,000 | R--D | M] -- C:\Program Files\rnamfler
[2011/05/07 10:14:37 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2005/10/23 10:32:16 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2008/10/14 09:57:19 | 000,000,000 | ---D | M] -- C:\Program Files\SiteAdvisor
[2008/12/20 17:54:25 | 000,000,000 | ---D | M] -- C:\Program Files\Softouch
[2011/05/15 07:02:07 | 000,000,000 | ---D | M] -- C:\Program Files\somototoolbar
[2005/10/23 10:39:58 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2010/12/27 21:45:56 | 000,000,000 | ---D | M] -- C:\Program Files\Sony
[2008/04/06 19:08:49 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Corporation
[2010/12/27 21:41:49 | 000,000,000 | ---D | M] -- C:\Program Files\Sony Media Go Install
[2010/08/06 14:11:22 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2005/11/06 14:35:09 | 000,000,000 | ---D | M] -- C:\Program Files\TabIt
[2006/08/09 21:24:31 | 000,000,000 | ---D | M] -- C:\Program Files\The Weather Channel FW
[2005/10/29 15:21:36 | 000,000,000 | ---D | M] -- C:\Program Files\TrueSwitch
[2008/07/08 00:52:59 | 000,000,000 | ---D | M] -- C:\Program Files\Trymedia
[2011/01/29 11:02:25 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
[2004/08/19 17:14:00 | 000,000,000 | ---D | M] -- C:\Program Files\Uninstall Information
[2009/09/03 00:11:58 | 000,000,000 | ---D | M] -- C:\Program Files\Universal
[2009/09/03 00:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\VersalSoft
[2007/04/14 14:13:50 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/07/05 15:55:01 | 000,000,000 | ---D | M] -- C:\Program Files\Virtual Earth 3D
[2008/04/12 22:16:13 | 000,000,000 | ---D | M] -- C:\Program Files\Visual Bible The Birth of Jesus_The Story Behind the Cross
[2005/10/23 10:43:51 | 000,000,000 | ---D | M] -- C:\Program Files\WebCyberCoach
[2006/06/20 23:53:05 | 000,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2008/11/13 23:03:51 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Toolbar
[2011/07/24 16:11:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2011/07/26 20:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/08/19 17:02:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Plus
[2009/08/23 16:39:24 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2004/08/19 17:05:02 | 000,000,000 | ---D | M] -- C:\Program Files\WindowsUpdate
[2005/10/23 10:41:05 | 000,000,000 | ---D | M] -- C:\Program Files\WordPerfect Office 12
[2007/06/16 19:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\WSfonts
[2004/08/19 17:07:50 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/02/18 00:55:53 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2010/09/11 21:33:49 | 000,000,000 | ---D | M] -- C:\Program Files\Yapta
[2005/10/23 10:37:32 | 000,000,000 | ---D | M] -- C:\Program Files\Your Company Name
[2009/08/21 14:54:27 | 000,000,000 | ---D | M] -- C:\Program Files\ZyXEL Communications Corporation

< MD5 for: AGP440.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:AGP440.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\i386\AGP440.SYS
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:atapi.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0028\DriverFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0029\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\i386\atapi.sys
[2004/08/10 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/10 06:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\i386\sp2.cab:disk.sys
[2004/08/10 07:00:00 | 016,971,599 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2011/07/26 19:52:11 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\sp3.cab:disk.sys
[2004/08/10 06:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\i386\disk.sys
[2004/08/10 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: IASTOR.SYS >
[2006/05/11 12:30:52 | 000,247,808 | R--- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\cmdcons\iastor.sys
[2006/05/11 12:30:52 | 000,247,808 | ---- | M] (Intel Corporation) MD5=294110966CEDD127629C5BE48367C8CF -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtUninstallKB975467$\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\78cf8552430e25a8f24bc1e4dfb1970e\sp2qfe\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\de81b460c3abcfc5b8494c785a5f3944\sp2qfe\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\SoftwareDistribution\Download\fbdd9f75315c1cf9ff63f37aaca267d3\sp2qfe\netlogon.dll
[2004/08/10 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\i386\netlogon.dll
[2004/08/10 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/10 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-31 19:28:51

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/04/25 08:01:34 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/03/21 20:10:48 | 002,388,264 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Book_Worm-Setup.exe:SummaryInformation

< End of report >

checkup.txt:
Results of screen317's Security Check version 0.99.18
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
McAfee Shredder
iolo technologies' System Mechanic
Antivirus up to date!
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 13
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java 2 Runtime Environment, SE v1.4.2_03
Out of date Java installed!
Adobe Flash Player
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
iolo Common Lib ioloServiceManager.exe
``````````End of Log````````````

mbam log:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7342

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/31/2011 10:01:22 PM
mbam-log-2011-07-31 (22-01-22).txt

Scan type: Quick scan
Objects scanned: 232571
Time elapsed: 5 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

tried to remove fake windows security, now usb won't work

descriptionbump18th June 2011, 8:29 pm

descriptionRe: tried to remove fake windows security, now usb won't work21st June 2011, 3:41 am

descriptionRe: tried to remove fake windows security, now usb won't work22nd June 2011, 2:49 am

descriptionok, i followed the instructions on the "read this before posting" page 23rd June 2011, 1:03 am

descriptionotl.txt and comment on security check23rd June 2011, 1:09 am

descriptionRe: tried to remove fake windows security, now usb won't work23rd June 2011, 1:10 am

descriptionRe: tried to remove fake windows security, now usb won't work23rd June 2011, 4:29 am

descriptionRe: tried to remove fake windows security, now usb won't work23rd June 2011, 11:13 pm

descriptionRe: tried to remove fake windows security, now usb won't work24th June 2011, 6:36 am

descriptionRe: tried to remove fake windows security, now usb won't work25th June 2011, 2:29 am

descriptionRe: tried to remove fake windows security, now usb won't work25th June 2011, 3:09 am

descriptionRe: tried to remove fake windows security, now usb won't work25th June 2011, 3:24 am

descriptionRe: tried to remove fake windows security, now usb won't work26th June 2011, 5:37 am

descriptionRe: tried to remove fake windows security, now usb won't work4th July 2011, 11:33 pm

description2nd half of last otl.txt4th July 2011, 11:34 pm

descriptionRe: tried to remove fake windows security, now usb won't work6th July 2011, 12:42 am

descriptionRe: tried to remove fake windows security, now usb won't work7th July 2011, 10:42 am

descriptionRe: tried to remove fake windows security, now usb won't work7th July 2011, 10:45 am

descriptionRe: tried to remove fake windows security, now usb won't work8th July 2011, 3:57 am

descriptionRe: tried to remove fake windows security, now usb won't work9th July 2011, 3:45 pm

descriptionRe: tried to remove fake windows security, now usb won't work9th July 2011, 10:21 pm

descriptionRe: tried to remove fake windows security, now usb won't work10th July 2011, 11:32 am

descriptionRe: tried to remove fake windows security, now usb won't work11th July 2011, 4:50 am

descriptionRe: tried to remove fake windows security, now usb won't work11th July 2011, 11:26 pm

descriptionRe: tried to remove fake windows security, now usb won't work12th July 2011, 5:23 am

descriptionRe: tried to remove fake windows security, now usb won't work12th July 2011, 8:57 pm

descriptionRe: tried to remove fake windows security, now usb won't work12th July 2011, 9:18 pm

descriptionRe: tried to remove fake windows security, now usb won't work13th July 2011, 5:59 am

descriptionRe: tried to remove fake windows security, now usb won't work13th July 2011, 11:47 pm

descriptionRe: tried to remove fake windows security, now usb won't work14th July 2011, 12:56 am

descriptionRe: tried to remove fake windows security, now usb won't work14th July 2011, 5:53 am

descriptionRe: tried to remove fake windows security, now usb won't work14th July 2011, 11:03 am

descriptionRe: tried to remove fake windows security, now usb won't work15th July 2011, 3:51 am

descriptionRe: tried to remove fake windows security, now usb won't work15th July 2011, 11:21 am

descriptionRe: tried to remove fake windows security, now usb won't work16th July 2011, 4:19 am

descriptionRe: tried to remove fake windows security, now usb won't work16th July 2011, 3:31 pm

descriptionRe: tried to remove fake windows security, now usb won't work17th July 2011, 3:46 am

descriptionRe: tried to remove fake windows security, now usb won't work17th July 2011, 12:09 pm

descriptionRe: tried to remove fake windows security, now usb won't work19th July 2011, 4:28 am

descriptionRe: tried to remove fake windows security, now usb won't work19th July 2011, 11:30 am

descriptionRe: tried to remove fake windows security, now usb won't work20th July 2011, 5:45 am

descriptionRe: tried to remove fake windows security, now usb won't work21st July 2011, 3:26 am

descriptionRe: tried to remove fake windows security, now usb won't work22nd July 2011, 4:53 am

descriptionRe: tried to remove fake windows security, now usb won't work23rd July 2011, 2:15 am

descriptionRe: tried to remove fake windows security, now usb won't work23rd July 2011, 2:40 am

descriptionRe: tried to remove fake windows security, now usb won't work25th July 2011, 9:10 pm

descriptionRe: tried to remove fake windows security, now usb won't work29th July 2011, 1:43 am

descriptionRe: tried to remove fake windows security, now usb won't work29th July 2011, 5:33 am

descriptionRe: tried to remove fake windows security, now usb won't work1st August 2011, 2:07 am

descriptionotl part 2, checkup.txt, mbamlog1st August 2011, 2:09 am

descriptionRe: tried to remove fake windows security, now usb won't work

bump18th June 2011, 8:29 pm

Re: tried to remove fake windows security, now usb won't work21st June 2011, 3:41 am

Re: tried to remove fake windows security, now usb won't work22nd June 2011, 2:49 am

ok, i followed the instructions on the "read this before posting" page 23rd June 2011, 1:03 am

otl.txt and comment on security check23rd June 2011, 1:09 am

Re: tried to remove fake windows security, now usb won't work23rd June 2011, 1:10 am

Re: tried to remove fake windows security, now usb won't work23rd June 2011, 4:29 am

Re: tried to remove fake windows security, now usb won't work23rd June 2011, 11:13 pm

Re: tried to remove fake windows security, now usb won't work24th June 2011, 6:36 am

Re: tried to remove fake windows security, now usb won't work25th June 2011, 2:29 am

Re: tried to remove fake windows security, now usb won't work25th June 2011, 3:09 am

Re: tried to remove fake windows security, now usb won't work25th June 2011, 3:24 am

Re: tried to remove fake windows security, now usb won't work26th June 2011, 5:37 am

Re: tried to remove fake windows security, now usb won't work4th July 2011, 11:33 pm

2nd half of last otl.txt4th July 2011, 11:34 pm

Re: tried to remove fake windows security, now usb won't work6th July 2011, 12:42 am

Re: tried to remove fake windows security, now usb won't work7th July 2011, 10:42 am

Re: tried to remove fake windows security, now usb won't work7th July 2011, 10:45 am

Re: tried to remove fake windows security, now usb won't work8th July 2011, 3:57 am

Re: tried to remove fake windows security, now usb won't work9th July 2011, 3:45 pm

Re: tried to remove fake windows security, now usb won't work9th July 2011, 10:21 pm

Re: tried to remove fake windows security, now usb won't work10th July 2011, 11:32 am

Re: tried to remove fake windows security, now usb won't work11th July 2011, 4:50 am

Re: tried to remove fake windows security, now usb won't work11th July 2011, 11:26 pm

Re: tried to remove fake windows security, now usb won't work12th July 2011, 5:23 am

Re: tried to remove fake windows security, now usb won't work12th July 2011, 8:57 pm

Re: tried to remove fake windows security, now usb won't work12th July 2011, 9:18 pm

Re: tried to remove fake windows security, now usb won't work13th July 2011, 5:59 am

Re: tried to remove fake windows security, now usb won't work13th July 2011, 11:47 pm

Re: tried to remove fake windows security, now usb won't work14th July 2011, 12:56 am

Re: tried to remove fake windows security, now usb won't work14th July 2011, 5:53 am

Re: tried to remove fake windows security, now usb won't work14th July 2011, 11:03 am

Re: tried to remove fake windows security, now usb won't work15th July 2011, 3:51 am

Re: tried to remove fake windows security, now usb won't work15th July 2011, 11:21 am

Re: tried to remove fake windows security, now usb won't work16th July 2011, 4:19 am

Re: tried to remove fake windows security, now usb won't work16th July 2011, 3:31 pm

Re: tried to remove fake windows security, now usb won't work17th July 2011, 3:46 am

Re: tried to remove fake windows security, now usb won't work17th July 2011, 12:09 pm

Re: tried to remove fake windows security, now usb won't work19th July 2011, 4:28 am

Re: tried to remove fake windows security, now usb won't work19th July 2011, 11:30 am

Re: tried to remove fake windows security, now usb won't work20th July 2011, 5:45 am

Re: tried to remove fake windows security, now usb won't work21st July 2011, 3:26 am

Re: tried to remove fake windows security, now usb won't work22nd July 2011, 4:53 am

Re: tried to remove fake windows security, now usb won't work23rd July 2011, 2:15 am

Re: tried to remove fake windows security, now usb won't work23rd July 2011, 2:40 am

Re: tried to remove fake windows security, now usb won't work25th July 2011, 9:10 pm

Re: tried to remove fake windows security, now usb won't work29th July 2011, 1:43 am

Re: tried to remove fake windows security, now usb won't work29th July 2011, 5:33 am

Re: tried to remove fake windows security, now usb won't work1st August 2011, 2:07 am

otl part 2, checkup.txt, mbamlog1st August 2011, 2:09 am

Re: tried to remove fake windows security, now usb won't work