
Major Errors: CPU always maxed out, laptop stays locked up besides saf



#16
blakeisamped

Hi, I ran the fixMBR as you laid out in option A and it completed successfully. I rebooted into normal mode and ran aswMBR and I received the blue memory dump screen and the computer rebooted. I put it in safe mode again and ran aswMBR again and received this log:

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software
Run date: 2011-05-24 21:34:13
-----------------------------
21:34:13.247 OS Version: Windows 6.0.6002 Service Pack 2
21:34:13.247 Number of processors: 2 586 0xF0D
21:34:13.247 ComputerName: KASEYLAMB-PC UserName: Kasey Lamb
21:35:41.715 Initialize success
21:35:57.362 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
21:35:57.362 Disk 0 Vendor: TOSHIBA_MK1246GSX LB213M Size: 114473MB BusType: 3
21:35:59.421 Disk 0 MBR read successfully
21:35:59.436 Disk 0 MBR scan
21:35:59.436 Disk 0 unknown MBR code
21:36:01.464 Disk 0 scanning sectors +234440704
21:36:01.511 Disk 0 scanning C:\Windows\system32\drivers
21:36:08.687 Service scanning
21:36:12.416 Disk 0 trace - called modules:
21:36:12.462 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys ndis.sys athr.sys tcpip.sys NETIO.SYS
21:36:12.478 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84cd5968]
21:36:12.509 3 CLASSPNP.SYS[82f118b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x84b5a8a0]
21:36:12.525 Scan finished successfully
21:39:33.843 Disk 0 MBR has been saved successfully to "C:\Users\Kasey Lamb\Desktop\MBR.dat"
21:39:33.936 The log file has been saved successfully to "C:\Users\Kasey Lamb\Desktop\aswMBRsavelog.txt"


#17
Salagubang

:)

Do you still have the driver reinstall CD that came with the laptop when you bought it? I reckon we should try reinstalling the audio drivers and see if it fixes the problem.

#18
blakeisamped

We unfortunately do not. Is there any other way that I can reinstall it?

#19
Salagubang

We could download the drivers online. What is the make and model of this machine?

#20
blakeisamped

Hi, it is a Toshiba Satellite A205-S5825

#21
Salagubang

Visit Toshiba Support here and download the audio driver as listed below.

Realtek Audio Driver for Windows 7 (32/64)(v6.0.1.5904; 09-03-2009; 65.63M)

#22
blakeisamped

Hi,
Sorry it took so long to reply. Yes, the sound is working now and the taskbar returned to its normal state, but it has slowed the computer down tremendously. The CPU is back to 100% and I scrolled the service log and it seems like mtr.exe and TeaTimer.exe seem to be what is using it. They will fluctuate, but the CPU will still stay around 94% to 100%. Plus it took the computer almost 45 minutes to reboot.

#23
Salagubang

Hi,

mtr.exe is a nasty while teatimer is part of S&D antispyware.

Please run OTL and choose run scan, post the log on your next reply for review. :)

#24
blakeisamped

Hi,
I have the log, but when I booted to run the OTL scan, once again there was no sound. I tried to reinstall the driver, but it did not help. The computer speed seemed to be normal though. It seems like I can either have speed or sound.
Here is the OTL Log:
OTL logfile created on: 5/30/2011 10:22:57 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Kasey Lamb\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 344.00 Mb Available Physical Memory | 34.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 110.32 Gb Total Space | 35.39 Gb Free Space | 32.08% Space Free | Partition Type: NTFS

Computer Name: KASEYLAMB-PC | User Name: Kasey Lamb | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/30 23:51:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/20 08:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


========== Modules (SafeList) ==========

MOD - [2011/04/30 23:51:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (UMxFwHlp)
SRV - File not found [Auto | Stopped] -- -- (UmxCfg)
SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - File not found [On_Demand | Stopped] -- -- (CaCCProvSP)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/21 19:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 22:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 22:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008/01/17 19:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/25 17:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/12/03 20:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 21:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/30 03:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2007/10/23 20:27:16 | 000,066,928 | ---- | M] () [Auto | Stopped] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/09/28 20:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/09/24 21:38:00 | 000,181,784 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2007/06/25 22:17:04 | 000,537,840 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\dlbkcoms.exe -- (dlbk_device)
SRV - [2007/01/25 22:47:50 | 000,136,816 | ---- | M] () [Auto | Stopped] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/12/12 04:22:34 | 000,537,480 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\dlcqcoms.exe -- (dlcq_device)
SRV - [2006/10/05 16:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Stopped] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 20:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/09/09 04:24:30 | 000,102,400 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
SRV - [2004/03/25 10:12:48 | 000,024,657 | ---- | M] (Marimba, Inc.) [Auto | Stopped] -- c:\Program Files\Marimba\Castanet Tuner\Tuner.exe -- (MarimbaClient)


========== Driver Services (SafeList) ==========

DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/12/23 03:47:52 | 000,138,240 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/11/11 14:42:00 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008/11/11 14:41:00 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008/11/11 14:41:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008/07/29 05:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/01/21 18:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008/01/20 22:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2007/11/09 17:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/02 15:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/08/31 20:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/01/24 18:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/11/28 19:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/23 20:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 15:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/10 23:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/10/04 22:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 22:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/08/30 12:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/07/28 20:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.highed.aleks.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "jZip Web Search"
FF - prefs.js..browser.search.order.1: "jZip Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-i3752"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-i3752"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {dd3d7613-0246-469d-bc65-2a3cc1668adc}:0.7.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.5
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/11/09 21:31:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 23:39:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 23:39:45 | 000,000,000 | ---D | M]

[2009/07/19 23:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Extensions
[2009/07/19 23:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/05/30 10:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions
[2010/04/26 22:38:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/16 17:28:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/26 22:38:08 | 000,000,000 | ---D | M] (BlockSite) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2008/12/11 22:44:24 | 000,000,000 | ---D | M] (ToneThis) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\[email protected]
[2010/04/30 11:17:22 | 000,000,000 | ---D | M] ("Minnesota Wild Boom") -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\[email protected]
[2008/12/11 22:44:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\extensions\[email protected]\chrome
[2010/03/05 19:38:47 | 000,000,526 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Roaming\Mozilla\Firefox\Profiles\eg72o2ud.default\searchplugins\yahoo.xml
[2011/05/30 10:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/28 10:21:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/05 17:37:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/11/09 21:31:15 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2011/02/02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/05/21 22:28:34 | 000,433,811 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 14956 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No CLSID value found.
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 76.85.229.110 76.85.229.111
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\Windows\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: C:\Users\Kasey Lamb\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kasey Lamb\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/30 22:17:32 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011/05/30 22:17:32 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011/05/30 22:17:31 | 001,227,296 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011/05/30 22:17:31 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011/05/30 22:17:31 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011/05/30 22:17:31 | 000,052,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011/05/30 22:17:30 | 002,898,464 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011/05/30 22:17:30 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011/05/30 22:17:30 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011/05/30 22:17:29 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011/05/30 22:17:29 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011/05/30 22:17:28 | 000,266,240 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2011/05/30 22:17:28 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2011/05/30 22:17:28 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2011/05/30 22:17:23 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011/05/28 03:02:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011/05/27 20:34:25 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2011/05/20 13:05:50 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Kasey Lamb\Desktop\aswMBR.exe
[2011/05/17 13:22:18 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/10 12:03:28 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011/05/10 11:51:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/05/10 11:51:12 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/05/09 19:30:50 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Kasey Lamb\Desktop\esetsmartinstaller_enu.exe
[2011/05/09 19:28:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011/05/09 19:06:10 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/09 18:55:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/09 18:52:59 | 000,000,000 | ---D | C] -- C:\Users\Kasey Lamb\AppData\Local\temp
[2011/05/06 23:37:07 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/06 23:33:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/06 23:19:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/02 21:12:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\%LOCALAPPDATA%
[2011/04/30 23:51:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
[2008/12/01 23:25:02 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBKhcp.dll
[2008/12/01 23:25:00 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbkcu.dll
[2008/12/01 23:23:55 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbkcomm.dll
[2008/08/26 19:53:44 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcqinpa.dll
[2008/08/26 19:53:44 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLCQhcp.dll
[2008/08/26 19:53:43 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcqiesc.dll
[2008/08/26 19:53:42 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcqserv.dll
[2008/08/26 19:53:42 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcqusb1.dll
[2008/08/26 19:53:41 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcqpmui.dll
[2008/08/26 19:53:41 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcqlmpm.dll
[2008/08/26 19:53:41 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcqprox.dll
[2008/08/26 19:53:41 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcqpplc.dll
[2008/08/26 19:53:39 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcqhbn3.dll
[2008/08/26 19:53:39 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcqih.exe
[2008/08/26 19:53:37 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomc.dll
[2008/08/26 19:53:37 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcqcoms.exe
[2008/08/26 19:53:37 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcqcomm.dll
[2008/08/26 19:53:36 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcqcfg.exe
[2007/06/25 22:17:06 | 000,386,288 | ---- | C] ( ) -- C:\Windows\System32\dlbkih.exe
[2007/06/25 22:17:04 | 000,537,840 | ---- | C] ( ) -- C:\Windows\System32\dlbkcoms.exe
[2007/06/25 22:17:00 | 000,382,192 | ---- | C] ( ) -- C:\Windows\System32\dlbkcfg.exe
[2007/01/30 15:47:52 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbkpmui.dll
[2007/01/30 15:46:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbkserv.dll
[2007/01/30 15:36:30 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbklmpm.dll
[2007/01/30 15:35:00 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbkiesc.dll
[2007/01/30 15:32:06 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbkpplc.dll
[2007/01/30 15:31:08 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbkcomc.dll
[2007/01/30 15:30:30 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbkprox.dll
[2007/01/30 15:22:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbkinpa.dll
[2007/01/30 15:21:46 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbkusb1.dll
[2007/01/30 15:17:02 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbkhbn3.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/30 22:26:42 | 000,607,406 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/30 22:26:42 | 000,105,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/30 22:21:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/30 22:21:44 | 1063,706,624 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/30 22:17:36 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2011/05/30 21:09:05 | 000,001,356 | ---- | M] () -- C:\Users\Kasey Lamb\AppData\Local\d3d9caps.dat
[2011/05/29 09:36:12 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/29 09:36:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/29 08:58:42 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/29 08:58:41 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/27 20:47:54 | 000,002,613 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\Microsoft Word 2010.lnk
[2011/05/27 20:32:49 | 068,816,728 | ---- | M] () -- C:\Users\Kasey Lamb\Desktop\driver_audio_realtek_TC40067700A.exe
[2011/05/24 21:32:17 | 176,548,117 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/05/21 22:28:34 | 000,433,811 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/20 13:05:54 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Kasey Lamb\Desktop\aswMBR.exe
[2011/05/17 13:27:00 | 000,431,577 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110521-222834.backup
[2011/05/17 13:22:18 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/05/09 19:30:53 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Kasey Lamb\Desktop\esetsmartinstaller_enu.exe
[2011/05/09 18:55:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110517-132700.backup
[2011/05/09 18:02:08 | 000,102,528 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k0
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k7
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k6
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k5
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k4
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k3
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k2
[2011/05/09 18:02:08 | 000,000,064 | ---- | M] () -- C:\Windows\System32\drivers\kmxcfg.u2k1
[2011/04/30 23:51:50 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Kasey Lamb\Desktop\OTL.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/30 22:13:44 | 1063,706,624 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/27 20:31:17 | 068,816,728 | ---- | C] () -- C:\Users\Kasey Lamb\Desktop\driver_audio_realtek_TC40067700A.exe
[2011/05/22 11:14:19 | 000,001,983 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2011/04/24 19:32:16 | 000,163,706 | ---- | C] () -- C:\Windows\hpoins36.dat.temp
[2011/04/24 19:32:16 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat.temp
[2010/04/27 13:48:19 | 000,001,356 | ---- | C] () -- C:\Users\Kasey Lamb\AppData\Local\d3d9caps.dat
[2009/11/09 21:11:30 | 000,163,706 | ---- | C] () -- C:\Windows\hpoins36.dat
[2009/08/18 21:42:06 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/18 21:42:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/24 05:40:36 | 000,000,652 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2009/01/06 00:47:01 | 000,000,097 | ---- | C] () -- C:\Users\Kasey Lamb\AppData\Roaming\SSTracePrefs.xml
[2008/12/01 23:25:02 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbkutil.dll
[2008/12/01 23:25:02 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBKinst.dll
[2008/12/01 23:25:01 | 000,462,848 | ---- | C] () -- C:\Windows\System32\dlbkjswr.dll
[2008/12/01 23:25:00 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbkinsb.dll
[2008/12/01 23:25:00 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbkcur.dll
[2008/11/30 13:37:44 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbkvs.dll
[2008/11/30 00:17:40 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008/11/29 23:59:48 | 000,000,203 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/09/01 21:48:06 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcqcoin.dll
[2008/09/01 21:41:58 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2008/09/01 21:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2008/08/26 19:53:45 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLCQinst.dll
[2008/08/26 19:53:43 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcqutil.dll
[2008/08/26 19:53:40 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcqinsb.dll
[2008/08/26 19:53:40 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcqins.dll
[2008/08/26 19:53:40 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcqjswr.dll
[2008/08/26 19:53:40 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcqinsr.dll
[2008/08/26 19:53:39 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcqgrd.dll
[2008/08/26 19:53:38 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcqcub.dll
[2008/08/26 19:53:38 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcqcur.dll
[2008/08/26 19:53:37 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcqcu.dll
[2008/08/26 19:53:36 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLCQcfg.dll
[2008/08/08 03:01:02 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/03 23:24:50 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/05/03 21:49:43 | 000,007,168 | ---- | C] () -- C:\Users\Kasey Lamb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/05/03 16:56:51 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2008/05/03 16:56:50 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2008/02/20 15:16:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/02/20 15:16:48 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/02/20 15:16:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/02/20 15:16:48 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/02/20 15:16:48 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/02/20 15:16:48 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/02/20 15:03:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2008/02/20 15:03:54 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2008/02/20 15:03:54 | 000,000,016 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2008/02/18 22:43:23 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/02/18 22:36:45 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2008/02/18 22:33:34 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008/02/18 22:33:34 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008/02/18 22:33:34 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008/02/18 22:33:34 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008/02/18 21:31:59 | 000,157,040 | ---- | C] () -- C:\Windows\fdbpinger.exe
[2007/12/21 20:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/09/13 18:31:06 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2007/09/13 18:22:46 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/09/13 18:22:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/09/13 18:11:18 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/02/07 23:58:00 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,495,440 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,607,406 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,105,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/14 17:32:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcqcaps.dll
[2006/08/08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcqdrs.dll
[2006/05/09 10:10:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcqcnv4.dll
[2006/04/25 03:11:18 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcqvs.dll
[2006/03/09 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/11/23 18:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005/09/13 22:27:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbkcnv5.dll
[2005/09/13 22:27:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbkcnv4.dll
[2005/07/23 01:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2003/06/02 13:13:42 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbkcoin.dll
[2003/01/07 17:15:26 | 000,000,255 | ---- | C] () -- C:\Windows\System32\dlbkcoin.ini

< End of report >

#25
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Let's try a different scan.

Download AVPTool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan
On the first tab select all elements down to Computer and then select start scan
Once it has finished select report and post that.

Do not close AVPTool or it will self-uninstall. If it does uninstall, just rerun the setup file on your desktop.

Now an analysis scan
Select the Manual Disinfection tab
Press the Gather System Information button
Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip


#26
blakeisamped

    Member

  • Topic Starter
  • 17 posts
Hi,
I have done the steps above and it will give me the same blue memory dump screen and restart the computer, in normal and safe mode.

#27
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Hi,

Please upload the minidump file so I could see the blue screen error. It is located at C:\Windows\Minidump\Minidump.dmp.

Right-click on the minidump.dmp, then select "Send to" and choose "Compressed Zipped". Attach the file to your next reply.

#28
blakeisamped

    Member

  • Topic Starter
  • 17 posts
Attached File  Mini053111-01.zip   21.42KB   78 downloads

Hi,
Here is the dump file you requested.

#29
Salagubang

    Trusted Helper

  • Malware Removal
  • 3,890 posts
Re-run Kaspersky Removal Tool

Select the Manual Disinfection tab
Press the Gather System Information button
Once done, open the last report saved folder, then attach the zip file to your next post.
The file is located at C:\Users\your name\Desktop\Virus Removal Tool\setup_9.0.0.722_05.01.2011_20-34\LOG\avptool_sysinfo.zip


#30
blakeisamped

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Here is the .zip file:

Attached File  avptool_sysinfo.zip   159.77KB   70 downloads