I was recommended to this forum by a friend because I'm having major problems with my laptop. I share this laptop with my wife so I cannot pinpoint exactly where the problem began but I just noticed it a few days ago. I've tried several antivirus programs, the guide this site recommend and nothing seems to change. The problems are:
-locks up when the desktop loads and though after a long time I can start to do stuff but every action makes it lock up longer.
-When I can manage to get to the task manager open it always says the CPU is at 100%, but when I count everything listed and the idle time it leaves a large chunk unaccounted for.
-Norton 11 was on the laptop but crashes before it can finish a scan; even in safe mode.
-Spybot and Malware Bytes crash but both completed in safe mode. Spybot found nothing and Malware Bytes found several trojans, removed them but nothing changed.
-The screen saver can't be disabled. It will accept a change but just revert back after you close out. The screen saver is that traditional bubbles one but it now also won't run and instead brings up a black screen that mentions an issue with the video card being unable to run it and this also many times permanently locks up the computer or crashes any programs running (originally discovered the problem from it killing a malware bytes scan in safe mode)
-When the desktop comes up normally it says that "Windows Help fails to load."
-Internet won't work unless it is in safe mode with networking.
-iTunes won't recognize files.
-There is a program on there called CA Security Suite and it cannot be removed.
-All the system restore points have vanished/been deleted. I've used this in the past so I know they existed.
Just hoping someone can give some insight on how to fix this. I can't system restore due to the restore points vanishing. I considered resetting to factory default but the was either never a backup image or it too vanished and we no longer have the discs that came with the laptop so trying to fix it myself or taking it in for repair are the only real options. Big thanks in advance to any help that can be offered.
====
OTL logfile created on: 4/30/2011 11:52:40 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kasey Lamb\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 479.00 Mb Available Physical Memory | 47.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 36.04 Gb Free Space | 32.67% Space Free | Partition Type: NTFS
Computer Name: KASEYLAMB-PC | User Name: Kasey Lamb | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/04/30 23:51:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
PRC - [2011/04/30 23:39:39 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
========== Modules (SafeList) ==========
MOD - [2011/04/30 23:51:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2010/11/23 22:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\ccSvcHst.exe -- (NAV)
SRV - [2010/04/12 19:15:00 | 000,214,256 | ---- | M] (CA, Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/21 19:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 22:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008/01/17 19:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/25 17:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/12/03 20:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/30 03:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2007/10/23 20:27:16 | 000,066,928 | ---- | M] () [Auto | Stopped] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/10/18 10:24:46 | 000,801,296 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2007/10/18 10:24:44 | 000,145,936 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe -- (UMxFwHlp)
SRV - [2007/09/28 20:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/09/24 21:38:00 | 000,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/06/25 22:17:04 | 000,537,840 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\dlbkcoms.exe -- (dlbk_device)
SRV - [2007/01/25 22:47:50 | 000,136,816 | ---- | M] () [Auto | Stopped] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/12/12 04:22:34 | 000,537,480 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\dlcqcoms.exe -- (dlcq_device)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 20:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
SRV - [2004/03/25 10:12:48 | 000,024,657 | ---- | M] (Marimba, Inc.) [Auto | Stopped] -- c:\Program Files\Marimba\Castanet Tuner\Tuner.exe -- (MarimbaClient)
========== Driver Services (SafeList) ==========
DRV - [2011/04/16 11:49:26 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/04/15 01:00:00 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20110415.035\NAVEX15.SYS -- (NAVEX15)
DRV - [2011/04/15 01:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/04/15 01:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/04/15 01:00:00 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20110415.035\NAVENG.SYS -- (NAVENG)
DRV - [2010/12/01 01:23:59 | 000,330,360 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2010/11/23 00:21:16 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/23 00:08:31 | 000,509,560 | R--- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\system32\drivers\NAV\1205000.07D\SRTSP.SYS -- (SRTSP)
DRV - [2010/11/23 00:08:31 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NAV\1205000.07D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/11/17 22:59:55 | 000,652,336 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMEFA.SYS -- (SymEFA)
DRV - [2010/11/15 21:45:33 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\system32\drivers\NAV\1205000.07D\Ironx86.SYS -- (SymIRON)
DRV - [2010/11/10 21:46:29 | 000,353,912 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20101201.001\IDSvix86.sys -- (IDSVix86)
DRV - [2010/10/20 22:28:36 | 000,340,016 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1205000.07D\SYMDS.SYS -- (SymDS)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/12/23 03:47:52 | 000,138,240 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/07/29 05:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/06/24 19:16:18 | 000,103,952 | ---- | M] (CA) [Kernel | Boot | Stopped] -- C:\Windows\System32\DRIVERS\kmxfw.sys -- (KmxFw)
DRV - [2008/06/24 19:16:08 | 000,138,744 | ---- | M] (CA) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KmxCF.sys -- (KmxCF)
DRV - [2008/06/24 19:08:56 | 000,066,576 | ---- | M] (CA) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\KmxSbx.sys -- (KmxSbx)
DRV - [2008/06/24 19:08:46 | 000,045,584 | ---- | M] (CA) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\KmxFile.sys -- (KmxFile)
DRV - [2008/06/24 19:08:42 | 000,088,816 | ---- | M] (CA) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2008/06/24 19:08:36 | 000,063,504 | ---- | M] (CA) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2008/01/21 18:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2007/11/09 17:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/02 15:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/08/31 20:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/01/24 18:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/23 20:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 15:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/10 23:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/10/04 22:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 22:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/08/30 12:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/07/28 20:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.highed.aleks.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "jZip Web Search"
FF - prefs.js..browser.search.order.1: "jZip Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-i3752"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-i3752"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/11/09 21:31:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\IPSFFPlgn\ [2011/04/16 11:57:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 23:39:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 23:39:45 | 000,000,000 | ---D | M]
[2009/07/19 23:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Extensions
[2009/07/19 23:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/04/30 23:50:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions
[2010/04/26 22:38:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/16 17:28:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/26 22:38:08 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2008/12/11 22:44:24 | 000,000,000 | ---D | M] (ToneThis) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\[email protected]
[2010/04/30 11:17:22 | 000,000,000 | ---D | M] ("Minnesota Wild Boom") -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\[email protected]
[2008/12/11 22:44:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\[email protected]\chrome
[2011/02/28 11:00:57 | 000,000,000 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\searchplugins\ask-1.xml
[2011/01/18 12:13:21 | 000,000,000 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\searchplugins\ask.xml
[2010/07/30 14:03:39 | 000,000,000 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\searchplugins\bing.xml
[2010/03/05 19:38:47 | 000,000,526 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\searchplugins\yahoo.xml
[2011/04/30 23:50:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/28 10:21:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 17:37:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/11/09 21:31:15 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011/04/16 11:57:05 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\IPSFFPLGN
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/12/16 13:29:40 | 000,000,839 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jZipWebSearch.xml
O1 HOSTS File: ([2011/04/18 19:07:01 | 000,432,286 | R--- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14880 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.5.0.125\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [cafwc] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe (CA, Inc.)
O4 - HKLM..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe (CA, Inc.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe (CA, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TOSCDSPD] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 76.85.229.110 76.85.229.111
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\Windows\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: C:\Users\Kasey Lamb\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kasey Lamb\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{02ae08f5-7700-11dd-b9cc-001eec337f22}\Shell - "" = AutoRun
O33 - MountPoints2\{02ae08f5-7700-11dd-b9cc-001eec337f22}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{456b0e0c-2e92-11de-9bcd-001eec337f22}\Shell - "" = Autorun
O33 - MountPoints2\{456b0e0c-2e92-11de-9bcd-001eec337f22}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\RECYCLER\S-2-4-20-100001542-100014547-100025202-4125.com i:\
O33 - MountPoints2\{456b0e0c-2e92-11de-9bcd-001eec337f22}\Shell\Open\command - "" = E:\RECYCLER\S-2-4-20-100001542-100014547-100025202-4125.com i:\
O33 - MountPoints2\{456b0e0f-2e92-11de-9bcd-001eec337f22}\Shell - "" = AutoRun
O33 - MountPoints2\{456b0e0f-2e92-11de-9bcd-001eec337f22}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{a3addf9a-5480-11df-8cc2-001eec337f22}\Shell\Auto\command - "" = E:\dds.exe
O33 - MountPoints2\{a3addf9a-5480-11df-8cc2-001eec337f22}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\dds.exe
O33 - MountPoints2\{ac720752-af85-11dd-bb28-001eec337f22}\Shell - "" = AutoRun
O33 - MountPoints2\{ac720752-af85-11dd-bb28-001eec337f22}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\sources\sperr32.exe x64
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/30 23:51:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
[2011/04/30 11:24:03 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/04/21 17:33:38 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\Desktop\Torrents
[2011/04/17 09:06:36 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\AppData\Local\CrashDumps
[2011/04/16 20:40:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/04/16 20:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/04/16 18:12:02 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\AppData\Roaming\Malwarebytes
[2011/04/16 18:11:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/04/16 18:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/04/16 18:11:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/04/16 18:11:49 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/04/16 18:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/04/16 16:59:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/04/16 16:59:11 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\AppData\Roaming\Tific
[2011/04/16 16:17:17 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\Documents\Symantec
[2011/04/16 12:02:17 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\AppData\Local\Symantec
[2011/04/16 11:49:26 | 000,126,512 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/04/16 11:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/04/16 11:49:08 | 000,652,336 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\SymEFA.sys
[2011/04/16 11:49:08 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\SymDS.sys
[2011/04/16 11:49:08 | 000,330,360 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\symtdiv.sys
[2011/04/16 11:49:08 | 000,295,032 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\symnets.sys
[2011/04/16 11:49:08 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\srtspx.sys
[2011/04/16 11:49:07 | 000,509,560 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\srtsp.sys
[2011/04/16 11:49:07 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1205000.07D\Ironx86.sys
[2011/04/16 11:48:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV
[2011/04/16 11:48:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV\1205000.07D
[2011/04/16 11:48:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2011/04/16 11:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2011/04/16 11:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011/04/16 11:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2011/04/16 11:29:43 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2011/04/16 11:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011/04/16 11:24:10 | 000,397,880 | ---- | C] (Symantec Corporation) -- C:\Users\Kasey Lamb\Desktop\NAVDownloader.exe
[2011/04/16 01:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\eHg06511pGcBe06511
[2011/04/14 03:01:42 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2008/12/01 23:25:02 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBKhcp.dll
[2008/12/01 23:25:00 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbkcu.dll
[2008/12/01 23:23:55 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbkcomm.dll
[2008/08/26 19:53:44 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcqinpa.dll
[2008/08/26 19:53:44 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLCQhcp.dll
[2008/08/26 19:53:43 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcqiesc.dll
[2008/08/26 19:53:42 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcqserv.dll
[2008/08/26 19:53:42 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcqusb1.dll
[2008/08/26 19:53:41 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcqpmui.dll
[2008/08/26 19:53:41 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcqlmpm.dll
[2008/08/26 19:53:41 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcqprox.dll
[2008/08/26 19:53:41 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcqpplc.dll
[2008/08/26 19:53:39 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcqhbn3.dll
[2008/08/26 19:53:39 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcqih.exe
[2008/08/26 19:53:37 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomc.dll
[2008/08/26 19:53:37 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcqcoms.exe
[2008/08/26 19:53:37 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomm.dll
[2008/08/26 19:53:36 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcqcfg.exe
[2007/06/25 22:17:06 | 000,386,288 | ---- | C] ( ) -- C:\Windows\System32\dlbkih.exe
[2007/06/25 22:17:04 | 000,537,840 | ---- | C] ( ) -- C:\Windows\System32\dlbkcoms.exe
[2007/06/25 22:17:00 | 000,382,192 | ---- | C] ( ) -- C:\Windows\System32\dlbkcfg.exe
[2007/01/30 15:47:52 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbkpmui.dll
[2007/01/30 15:46:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbkserv.dll
[2007/01/30 15:36:30 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbklmpm.dll
[2007/01/30 15:35:00 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbkiesc.dll
[2007/01/30 15:32:06 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbkpplc.dll
[2007/01/30 15:31:08 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbkcomc.dll
[2007/01/30 15:30:30 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbkprox.dll
[2007/01/30 15:22:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbkinpa.dll
[2007/01/30 15:21:46 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbkusb1.dll
[2007/01/30 15:17:02 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbkhbn3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/04/30 23:51:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
[2011/04/30 23:37:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/30 22:36:35 | 000,001,356 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Local\d3d9caps.dat
[2011/04/30 21:11:10 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/30 21:11:10 | 000,105,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/28 12:55:53 | 000,019,501 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\canceled check.pdf
[2011/04/25 14:13:12 | 000,078,279 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\Unit4Outline.pdf
[2011/04/20 11:34:55 | 000,000,859 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\Norton Installation Files.lnk
[2011/04/18 23:17:00 | 000,102,528 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2011/04/18 23:17:00 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2011/04/18 22:13:39 | 000,002,613 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\Microsoft Word 2010.lnk
[2011/04/18 19:07:01 | 000,432,286 | R--- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/04/17 20:30:59 | 000,432,286 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110418-190700.backup
[2011/04/17 19:04:01 | 144,412,557 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/17 18:33:09 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/17 18:28:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/17 18:28:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/17 18:24:45 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/16 23:00:14 | 000,432,286 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110417-203059.backup
[2011/04/16 20:40:56 | 000,001,090 | ---- | M] () -- C:\Users\Kasey Lamb\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/04/16 20:40:56 | 000,001,066 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\Spybot - Search & Destroy.lnk
[2011/04/16 20:35:41 | 000,495,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/04/16 18:11:54 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/16 11:55:01 | 002,327,008 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1205000.07D\Cat.DB
[2011/04/16 11:49:26 | 000,126,512 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011/04/16 11:49:26 | 000,007,456 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/04/16 11:49:26 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/04/16 11:49:14 | 000,002,147 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011/04/16 11:20:33 | 000,397,880 | ---- | M] (Symantec Corporation) -- C:\Users\Kasey Lamb\Desktop\NAVDownloader.exe
[2011/04/09 20:11:45 | 000,000,954 | ---- | M] () -- C:\Users\Kasey Lamb\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/04/09 17:14:55 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/04/09 17:14:55 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/04/09 17:13:41 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/28 12:55:53 | 000,019,501 | ---- | C] () -- C:\Users\Kasey Lamb\Desktop\canceled check.pdf
[2011/04/25 14:13:12 | 000,078,279 | ---- | C] () -- C:\Users\Kasey Lamb\Desktop\Unit4Outline.pdf
[2011/04/24 19:32:16 | 000,163,706 | ---- | C] () -- C:\Windows\hpoins36.dat.temp
[2011/04/24 19:32:16 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat.temp
[2011/04/18 23:16:40 | 000,001,983 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/04/16 20:40:56 | 000,001,090 | ---- | C] () -- C:\Users\Kasey Lamb\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/04/16 20:40:56 | 000,001,066 | ---- | C] () -- C:\Users\Kasey Lamb\Desktop\Spybot - Search & Destroy.lnk
[2011/04/16 18:11:54 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/16 11:53:07 | 002,327,008 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\Cat.DB
[2011/04/16 11:49:26 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011/04/16 11:49:26 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011/04/16 11:49:14 | 000,002,147 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011/04/16 11:48:49 | 000,003,374 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymEFA.inf
[2011/04/16 11:48:49 | 000,002,792 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymDS.inf
[2011/04/16 11:48:49 | 000,001,474 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymNetV.inf
[2011/04/16 11:48:49 | 000,001,446 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymNet.inf
[2011/04/16 11:48:49 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\srtspx.inf
[2011/04/16 11:48:49 | 000,001,383 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\srtsp.inf
[2011/04/16 11:48:49 | 000,000,742 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\Iron.inf
[2011/04/16 11:48:48 | 000,007,877 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\symnetv.cat
[2011/04/16 11:48:48 | 000,007,528 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\iron.cat
[2011/04/16 11:48:48 | 000,007,458 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymNet.cat
[2011/04/16 11:48:48 | 000,007,456 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymEFA.cat
[2011/04/16 11:48:48 | 000,007,454 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\srtspx.cat
[2011/04/16 11:48:48 | 000,007,450 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\SymDS.cat
[2011/04/16 11:48:48 | 000,007,450 | R--- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\srtsp.cat
[2011/04/16 11:48:48 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1205000.07D\isolate.ini
[2011/04/16 11:29:43 | 000,000,859 | ---- | C] () -- C:\Users\Kasey Lamb\Desktop\Norton Installation Files.lnk
[2011/04/09 17:13:41 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010/04/27 13:48:19 | 000,001,356 | ---- | C] () -- C:\Users\Kasey Lamb\AppData\Local\d3d9caps.dat
[2009/11/09 21:11:30 | 000,163,706 | ---- | C] () -- C:\Windows\hpoins36.dat
[2009/08/18 21:42:06 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/18 21:42:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/24 05:40:36 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009/01/06 00:47:01 | 000,000,097 | ---- | C] () -- C:\Users\Kasey Lamb\AppData\Roaming\SSTracePrefs.xml
[2008/12/01 23:25:02 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbkutil.dll
[2008/12/01 23:25:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBKinst.dll
[2008/12/01 23:25:01 | 000,462,848 | ---- | C] () -- C:\Windows\System32\dlbkjswr.dll
[2008/12/01 23:25:00 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbkinsb.dll
[2008/12/01 23:25:00 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbkcur.dll
[2008/11/30 13:37:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbkvs.dll
[2008/11/30 00:17:40 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/29 23:59:48 | 000,000,203 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/09/01 21:48:06 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcqcoin.dll
[2008/09/01 21:41:58 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2008/09/01 21:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2008/08/26 19:53:45 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLCQinst.dll
[2008/08/26 19:53:43 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcqutil.dll
[2008/08/26 19:53:40 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcqinsb.dll
[2008/08/26 19:53:40 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcqins.dll
[2008/08/26 19:53:40 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcqjswr.dll
[2008/08/26 19:53:40 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcqinsr.dll
[2008/08/26 19:53:39 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcqgrd.dll
[2008/08/26 19:53:38 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcqcub.dll
[2008/08/26 19:53:38 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcqcur.dll
[2008/08/26 19:53:37 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcqcu.dll
[2008/08/26 19:53:36 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLCQcfg.dll
[2008/08/08 03:01:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/03 23:24:50 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/05/03 21:49:43 | 000,007,168 | ---- | C] () -- C:\Users\Kasey Lamb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/03 16:56:51 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/05/03 16:56:50 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/02/20 15:16:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/20 15:16:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/20 15:16:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/20 15:16:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/20 15:16:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/20 15:16:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/02/20 15:03:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2008/02/20 15:03:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2008/02/20 15:03:54 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\RtkHDAud.dat
[2008/02/18 22:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/18 22:36:45 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2008/02/18 22:33:34 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/02/18 22:33:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/02/18 22:33:34 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/02/18 22:33:34 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/02/18 21:31:59 | 000,157,040 | ---- | C] () -- C:\Windows\fdbpinger.exe
[2007/12/21 20:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/09/13 18:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007/09/13 18:22:46 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/13 18:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/09/13 18:11:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/02/07 23:58:00 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,495,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,607,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,105,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 17:32:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcqcaps.dll
[2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcqdrs.dll
[2006/05/09 10:10:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcqcnv4.dll
[2006/04/25 03:11:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcqvs.dll
[2006/03/09 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 18:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/09/13 22:27:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbkcnv5.dll
[2005/09/13 22:27:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbkcnv4.dll
[2005/07/23 01:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2003/06/02 13:13:42 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbkcoin.dll
[2003/01/07 17:15:26 | 000,000,255 | ---- | C] () -- C:\Windows\System32\dlbkcoin.ini
========== LOP Check ==========
[2009/06/29 09:59:14 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Common Files
[2011/03/13 20:06:03 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\FrostWire
[2010/12/20 14:57:18 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Leadertech
[2009/07/19 23:12:32 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\LimeWire
[2008/10/14 16:05:36 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Marimba
[2009/06/29 09:59:14 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\MDSelfPlay
[2008/12/01 20:51:01 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Opera
[2011/04/18 18:48:19 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Ringtone Expressions
[2011/04/16 16:59:11 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Tific
[2008/05/03 17:31:01 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\TOSHIBA
[2008/05/03 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\Ulead Systems
[2011/04/22 12:31:36 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\uTorrent
[2008/05/03 21:02:40 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\WildTangent
[2008/05/03 17:10:32 | 000,000,000 | ---D | M] -- C:\Users\Kasey Lamb\AppData\Roaming\WinBatch
[2011/04/17 02:33:53 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >