Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

internet hanging - stuck in www.facebook.com address

Started by miriam67 , Jun 20 2010 07:05 PM

  • Please log in to reply

#1
miriam67
Posted 20 June 2010 - 07:05 PM

miriam67

    New Member

  • Member
  • Pip
  • 2 posts
Hi

I am trying to fix a laptop computer. Teh internet stopped functioning when my nephew was on Facebook. I have done a defrag, cleaning disks, cc cleaner to try and clean the system. It is extremely slow and when I open Internet Explorer it hangs on Facebook address but nothing comes up. I cant seem to remove IE from the add/remove programs. I spoke to tech guy and I couldnt find the internet options icon in the control panel!It seems to have disappeared.

I have done the list for malware and here is the log.

alwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

21/06/2010 12:06:54 AM
mbam-log-2010-06-21 (00-06-54).txt

Scan type: Quick scan
Objects scanned: 131146
Time elapsed: 33 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)


___________________________________________
Gmer results

ootkit scan 2010-06-20 22:09:51
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kfncikob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----

_______________________________________
OTL results

6/2010 7:35:06 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

511.00 Mb Total Physical Memory | 170.00 Mb Available Physical Memory | 33.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.79 Gb Total Space | 39.96 Gb Free Space | 71.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 465.64 Gb Total Space | 196.28 Gb Free Space | 42.15% Space Free | Partition Type: FAT32
Drive F: | 976.13 Mb Total Space | 879.86 Mb Free Space | 90.14% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-6E4434275B
Current User Name: Emma
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/20 20:52:14 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2009/06/17 09:34:10 | 000,385,024 | ---- | M] (CAMI Education) -- C:\Program Files\CAMI EduSuite\CAMIKey\CAMIKey.exe
PRC - [2008/11/18 20:22:58 | 000,435,576 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Client Server Security Agent\CNTAoSMgr.exe
PRC - [2008/05/14 19:56:34 | 000,873,856 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Client Server Security Agent\PccNTMon.exe
PRC - [2008/05/09 18:17:40 | 000,984,360 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Client Server Security Agent\TmListen.exe
PRC - [2008/05/09 18:16:46 | 000,906,536 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Client Server Security Agent\NTRtScan.exe
PRC - [2008/04/17 20:45:58 | 000,488,768 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe
PRC - [2008/04/17 20:45:18 | 000,652,552 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe
PRC - [2008/04/14 10:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/08/10 21:36:54 | 000,794,624 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
PRC - [2004/07/13 23:51:04 | 000,892,928 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2004/06/29 10:24:28 | 000,258,048 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\00THotkey.exe
PRC - [2004/06/16 18:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/06/02 13:43:28 | 000,278,528 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2004/06/02 13:43:10 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2004/04/07 09:34:50 | 000,110,592 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
PRC - [2004/03/03 06:45:28 | 000,135,168 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2004/02/04 07:47:06 | 001,089,589 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Touch and Launch\PadExe.exe
PRC - [2004/01/22 19:09:00 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003/10/16 09:03:38 | 000,073,728 | ---- | M] (TOSHIBA Corp.) -- C:\WINDOWS\system32\TFNF5.exe
PRC - [2003/09/05 20:24:46 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2003/08/03 18:01:14 | 000,086,073 | ---- | M] (SigmaTel Inc.) -- C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe
PRC - [2003/07/31 02:52:24 | 000,401,408 | ---- | M] () -- C:\Program Files\NETGEAR\WG511SCU\Utility\Gear511.exe
PRC - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/03/14 13:38:12 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2003/01/22 11:00:06 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TouchED\TouchED.exe


========== Modules (SafeList) ==========

MOD - [2010/06/20 20:52:14 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2008/04/14 10:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004/01/22 19:08:52 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - [2008/05/09 18:17:40 | 000,984,360 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe -- (tmlisten)
SRV - [2008/05/09 18:16:46 | 000,906,536 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe -- (ntrtscan)
SRV - [2008/04/17 20:45:58 | 000,488,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\TmPfw.exe -- (TmPfw)
SRV - [2008/04/17 20:45:18 | 000,652,552 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\TmProxy.exe -- (TmProxy)
SRV - [2008/04/09 11:25:00 | 000,333,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Client Server Security Agent\..\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2004/06/16 18:44:06 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2003/10/23 03:19:22 | 000,065,536 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2009/12/04 16:39:06 | 000,230,928 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\tmxpflt.sys -- (TmFilter)
DRV - [2009/12/04 16:38:18 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\tmpreflt.sys -- (TmPreFilter)
DRV - [2009/12/04 16:05:06 | 001,322,680 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\Client Server Security Agent\vsapint.sys -- (VSApiNt)
DRV - [2009/04/02 16:00:00 | 000,142,864 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2008/06/27 08:52:52 | 000,164,480 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8u55.sys -- (SWNC8U55) Sierra Wireless MUX NDIS Driver (UMTS55)
DRV - [2008/06/27 08:52:52 | 000,140,672 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumx55.sys -- (SWUMX55) Sierra Wireless USB MUX Driver (UMTS55)
DRV - [2008/04/30 20:17:44 | 000,335,888 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2008/04/01 18:03:04 | 000,052,240 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2008/04/01 18:03:00 | 000,052,240 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2008/03/05 15:54:16 | 000,072,072 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2007/07/13 16:25:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2004/07/20 18:04:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/07/20 18:04:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/07/20 18:04:00 | 000,086,138 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/07/20 18:04:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/07/20 18:04:00 | 000,025,723 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/07/20 18:04:00 | 000,014,587 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/07/20 18:04:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/07/20 18:04:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/07/20 18:04:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/07/19 20:21:00 | 000,087,136 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/07/15 04:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/15 04:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/07/14 19:56:00 | 000,040,448 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/07/10 08:58:00 | 001,920,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/02/20 17:00:44 | 001,265,388 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/02/17 05:34:28 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS -- (TVALZ)
DRV - [2004/01/30 12:32:32 | 000,090,480 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2004/01/22 19:04:16 | 000,178,816 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/01/02 03:52:34 | 001,646,720 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w22n51.sys -- (w22n51) Intel®
DRV - [2003/09/19 18:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/07/17 19:19:32 | 000,230,416 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2003/06/20 13:47:04 | 000,319,040 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg511nd5.sys -- (NETGEAR_WG511_SERVICE)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/04/11 17:43:44 | 000,016,194 | ---- | M] (AMBIT Microsystems Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\AWINDIS5.SYS -- (AWINDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sdia.org.au
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



O1 HOSTS File: ([2004/08/04 22:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3C7195F6-D788-4D50-BA72-2EE212EDAC78} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {2C0A5F28-48D8-408B-9172-9C6121025BCE} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AS00_Gear511] C:\Program Files\NETGEAR\WG511SCU\Utility\Gear511.exe ()
O4 - HKLM..\Run: [CAMIKey] C:\Program Files\CAMI EduSuite\CAMIKey\CAMIKey.exe (CAMI Education)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [HPLJ Config] C:\Program Files\Hewlett-Packard\hp LaserJet 3015_3020_3030_3380\SetConfig.exe File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [OE] C:\Program Files\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SigmaTel StacMon] C:\Program Files\SigmaTel\SigmaTel AC97 Audio Drivers\stacmon.exe (SigmaTel Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.)
O4 - HKLM..\Run: [TouchED] C:\Program Files\Toshiba\TouchED\TouchED.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {1B4F9DD7-2D7C-44B5-9126-73206DA0AE75} http://files.authent.../bin/wizard.exe (CNavigationManager Object)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SDIA.local
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/09/24 08:55:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - E:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006/02/09 14:59:36 | 000,000,000 | RH-D | M] - E:\autorun -- [ FAT32 ]
O33 - MountPoints2\{1bdaabc0-fdcd-11de-b701-000e7b9a931d}\Shell - "" = AutoRun
O33 - MountPoints2\{1bdaabc0-fdcd-11de-b701-000e7b9a931d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1bdaabc0-fdcd-11de-b701-000e7b9a931d}\Shell\AutoRun\command - "" = E:\Setup.exe -- File not found
O33 - MountPoints2\{335b23e0-bf9f-11de-b6bf-000e3597a1a0}\Shell\AutoRun\command - "" = E:\Install.exe -- File not found
O33 - MountPoints2\{51588b91-ff40-11de-b707-000e7b9a931d}\Shell - "" = AutoRun
O33 - MountPoints2\{51588b91-ff40-11de-b707-000e7b9a931d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{51588b91-ff40-11de-b707-000e7b9a931d}\Shell\AutoRun\command - "" = E:\RunGame.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/09/24 08:55:15 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.iyuv - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yuy2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 90 Days ==========

[2010/06/21 00:26:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Office Genuine Advantage
[2010/06/20 23:23:47 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/20 23:23:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/20 23:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/20 21:17:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/06/20 21:16:09 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/20 21:04:51 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/06/20 21:04:47 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2010/06/20 21:04:45 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/06/20 21:04:36 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/06/20 20:43:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW
[2010/06/20 20:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK
[2010/06/20 20:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR
[2010/06/20 20:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE
[2010/06/20 20:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2010/06/20 20:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL
[2010/06/20 20:43:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK
[2010/06/20 20:43:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA
[2010/06/20 20:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/06/10 19:39:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\EA Games
[2010/03/27 07:53:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]

========== Files - Modified Within 90 Days ==========

[2010/06/21 05:28:29 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/06/21 05:26:56 | 000,003,725 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/06/21 05:26:18 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/06/21 05:26:17 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/21 04:50:04 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/21 04:50:01 | 535,810,048 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/21 04:50:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/21 04:48:36 | 003,145,728 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/06/21 04:14:39 | 000,001,809 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/21 00:12:13 | 003,772,584 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/06/20 23:44:48 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010/06/20 23:44:47 | 000,000,482 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/20 23:44:47 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/06/20 23:24:01 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/20 22:56:23 | 000,508,318 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/20 22:56:23 | 000,445,938 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/20 22:56:23 | 000,072,978 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/20 22:11:16 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/06/20 21:16:30 | 000,000,778 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/06/20 21:16:09 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/06/20 21:16:09 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/06/20 20:52:14 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/06/20 20:51:36 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2010/06/20 20:51:00 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/06/20 20:50:18 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Administrator\Desktop\erunt_setup.exe
[2010/06/20 20:49:30 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\TFC.exe
[2010/06/11 18:21:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/11 18:18:03 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2.lnk
[2010/06/11 16:13:39 | 000,004,537 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\1WelcomeUU.htm
[2010/06/05 11:34:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\defragmentation.job
[2010/06/05 09:41:30 | 099,373,056 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/05/08 14:17:19 | 000,019,968 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Holly Berry.doc
[2010/05/07 15:19:22 | 000,026,112 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Chelsea and Michael.doc
[2010/05/01 20:16:52 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Story Characters.doc
[2010/05/01 08:53:41 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/05/01 08:28:00 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/11 15:51:56 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/03/24 19:17:22 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Administrator\My Documents\~$glish yr7 1.doc
[2010/03/24 19:17:21 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\English yr7 1.doc
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/20 23:24:01 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/20 22:37:17 | 535,810,048 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/20 21:16:30 | 000,000,778 | ---- | C] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/06/20 21:16:09 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\NTREGOPT.lnk
[2010/06/20 21:16:09 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\ERUNT.lnk
[2010/06/20 21:04:41 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2010/06/11 21:27:09 | 000,001,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
[2010/06/11 16:13:23 | 000,004,537 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\1WelcomeUU.htm
[2010/06/10 19:38:33 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims 2.lnk
[2010/05/08 14:17:16 | 000,019,968 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Holly Berry.doc
[2010/05/01 20:16:52 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Story Characters.doc
[2010/04/24 09:03:48 | 000,026,112 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Chelsea and Michael.doc
[2010/04/11 15:51:56 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/04/11 15:51:53 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/03/24 19:17:22 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Administrator\My Documents\~$glish yr7 1.doc
[2010/03/24 19:17:18 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\English yr7 1.doc
[2009/10/23 18:09:47 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\Mswwch.sys
[2009/10/23 18:04:16 | 000,003,120 | ---- | C] () -- C:\WINDOWS\System32\Msrdf32.sys
[2009/10/23 18:00:21 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\Machnm64.sys
[2009/10/23 18:00:21 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\Machnm32.sys
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/06/11 16:56:29 | 000,000,745 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/06/11 16:54:10 | 000,006,310 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2009/06/11 16:40:51 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2009/05/06 09:53:58 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2009/03/25 13:36:11 | 000,000,616 | ---- | C] () -- C:\WINDOWS\System32\NTS5CSET.INI
[2009/03/25 13:03:30 | 000,012,896 | ---- | C] () -- C:\WINDOWS\cfgall.ini
[2009/03/25 12:55:17 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/07/13 06:36:36 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\acAuth.dll
[2004/10/09 04:59:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/09/24 09:29:55 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/09/24 09:26:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2004/09/24 09:26:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/09/24 09:26:48 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/09/24 09:26:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/09/24 09:26:48 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/09/24 09:26:48 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/09/24 09:26:48 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/09/24 09:25:11 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2004/09/24 09:25:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2004/09/24 09:25:11 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2004/09/24 09:25:11 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2004/09/24 09:22:15 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2004/09/24 09:16:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/09/24 09:04:15 | 000,000,839 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/09/24 09:00:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll
[2004/09/24 08:40:42 | 000,002,392 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/07/13 01:18:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/09/26 22:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2001/08/01 03:17:12 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL

========== LOP Check ==========

[2004/09/24 09:32:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InterTrust
[2010/01/04 17:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\InterVideo
[2010/02/21 22:07:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MSNInstaller
[2004/09/24 09:31:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\toshiba
[2009/10/23 18:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CAMI EduSuite
[2010/06/05 11:34:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\defragmentation.job
[2010/06/21 05:26:18 | 000,000,236 | ---- | M] () -- C:\WINDOWS\Tasks\OGALogon.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2004/09/24 08:55:53 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/06/20 23:44:48 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2009/05/20 11:02:26 | 169,113,458 | ---- | M] () -- C:\BWB Win Update 2.12.zip
[2009/05/18 11:45:36 | 000,339,257 | ---- | M] () -- C:\CleanUp452.exe
[2004/09/24 08:55:53 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010/06/21 04:50:01 | 535,810,048 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/18 11:58:04 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\HJTInstall.exe
[2009/05/07 09:36:33 | 000,483,757 | ---- | M] () -- C:\IMG00007-20090503-1022.jpg
[2004/09/24 08:55:53 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2009/09/30 07:41:43 | 000,025,088 | ---- | M] () -- C:\Krakatoa.doc
[2009/05/18 11:50:30 | 002,967,800 | ---- | M] (Malwarebytes Corporation ) -- C:\mbam-setup.exe
[2004/09/24 08:55:53 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/06/09 18:12:05 | 000,000,409 | ---- | M] () -- C:\My Documents (2).lnk
[2009/06/09 18:12:01 | 000,000,409 | ---- | M] () -- C:\My Documents.lnk
[2004/08/04 22:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/04/13 17:43:25 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/06/21 04:49:51 | 805,306,368 | -HS- | M] () -- C:\pagefile.sys
[2004/05/19 22:56:04 | 000,006,773 | ---- | M] () -- C:\ReadmeFirst.htm
[2009/06/11 18:14:51 | 000,000,329 | ---- | M] () -- C:\regdlls.txt
[2009/03/25 12:58:58 | 000,000,021 | ---- | M] () -- C:\tmuninst.ini
[2009/09/27 10:29:04 | 000,000,162 | -H-- | M] () -- C:\~$akatoa.doc

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 22:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2003/07/25 10:15:06 | 000,063,488 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HPPRN05.DLL
[2007/04/09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2004/09/24 01:46:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/09/24 01:46:15 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/09/24 01:46:15 | 000,884,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008/04/14 10:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/04/14 10:12:10 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=2CCC474EB85CEAA3E1FA1726580A3E5A -- C:\WINDOWS\system32\ws2_32.dll

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 2756 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
< End of report >

___________________________________________

Extra OTL results

OTL Extras logfile created on: 21/06/2010 7:35:06 AM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

511.00 Mb Total Physical Memory | 170.00 Mb Available Physical Memory | 33.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.79 Gb Total Space | 39.96 Gb Free Space | 71.63% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 465.64 Gb Total Space | 196.28 Gb Free Space | 42.15% Space Free | Partition Type: FAT32
Drive F: | 976.13 Mb Total Space | 879.86 Mb Free Space | 90.14% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-6E4434275B
Current User Name: Emma
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"60271:TCP" = 60271:TCP:*:Enabled:Trend Micro Client/Server Security Agent Listener

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"18277:TCP" = 18277:TCP:*:Enabled:Trend Micro Client/Server Security Agent Listener

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe" = C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe:*:Disabled:javaw -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC}" = TOSHIBA Console
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47DC4B39-B1F6-498A-AFFE-E78FDAF34D1F}" = Picture Enhancement Utility
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{492724FC-3B26-46B4-824F-3CE2722D9AA0}" = Apple Software Update
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{68D368EE-F5AC-4402-BD45-B454B5453FE1}" = SRS WOW XT Plug-In for Windows Media Player for Toshiba version 1.0.2
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Family Fun Stuff
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{7959721D-8268-4565-9E0E-C41A9F4848A9}" = SigmaTel AC97 Audio Drivers
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AB8D458-939E-403F-0097-9BA1C1F013D5}" = The Sims 2
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{ABCE1C63-56ED-41FF-BEAF-57321F70DC49}" = iTunes
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.1
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C9D20484-D3CC-4CD2-B1ED-B72A9CEFD45D}" = NETGEAR 108 Mbps Wireless PC Card WG511T
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA5784C0-06BB-4884-A7C4-89CC206EA2B6}" = ninemsn Toolbar
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"CAMI Language and Reading System" = CAMI Language and Reading System
"CAMI Language and Reading System Australian Module" = CAMI Language and Reading System Australian Module
"CAMI Mathematics" = CAMI Mathematics
"CAMI Student Reports" = CAMI Student Reports
"CAMIKey" = CAMIKey
"CleanUp!" = CleanUp!
"CutePDF Writer Installation" = CutePDF Writer 2.7
"ERUNT_is1" = ERUNT 1.1j
"HijackThis" = HijackThis 2.0.2
"hp LaserJet-all-in-one" = hp LaserJet-all-in-one
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{68D368EE-F5AC-4402-BD45-B454B5453FE1}" = SRS WOW XT Plug-In for Windows Media Player for Toshiba version 1.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeScanNT" = Trend Micro Client/Server Security Agent
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Power Saver" = TOSHIBA Power Saver
"PROSet" = Intel® PRO Network Adapters and Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TDspBtn" = TOSHIBA Display Devices Change Utility
"TFNF5" = TOSHIBA Hotkey Utility for Display Devices
"the CAMI EduSuite" = the CAMI EduSuite
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TOSHIBA Utilities" = TOSHIBA Utilities
"TouchED" = TOSHIBA TouchPad On/Off Utility V2.05.00
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/06/2010 8:37:31 AM | Computer Name = YOUR-6E4434275B | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 20/06/2010 8:37:32 AM | Computer Name = YOUR-6E4434275B | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 20/06/2010 9:12:55 AM | Computer Name = YOUR-6E4434275B | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 20/06/2010 9:12:55 AM | Computer Name = YOUR-6E4434275B | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 20/06/2010 9:17:10 AM | Computer Name = YOUR-6E4434275B | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 20/06/2010 9:17:10 AM | Computer Name = YOUR-6E4434275B | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 20/06/2010 10:17:11 AM | Computer Name = YOUR-6E4434275B | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 20/06/2010 10:17:12 AM | Computer Name = YOUR-6E4434275B | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 20/06/2010 2:52:18 PM | Computer Name = YOUR-6E4434275B | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.

Error - 20/06/2010 2:52:19 PM | Computer Name = YOUR-6E4434275B | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

[ System Events ]
Error - 20/06/2010 6:01:11 PM | Computer Name = YOUR-6E4434275B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 20/06/2010 6:01:21 PM | Computer Name = YOUR-6E4434275B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 20/06/2010 6:01:30 PM | Computer Name = YOUR-6E4434275B | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 20/06/2010 6:02:54 PM | Computer Name = YOUR-6E4434275B | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 20/06/2010 6:03:03 PM | Computer Name = YOUR-6E4434275B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 20/06/2010 6:03:12 PM | Computer Name = YOUR-6E4434275B | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 20/06/2010 6:03:21 PM | Computer Name = YOUR-6E4434275B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 20/06/2010 6:03:30 PM | Computer Name = YOUR-6E4434275B | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 20/06/2010 6:03:39 PM | Computer Name = YOUR-6E4434275B | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
period.

Error - 20/06/2010 6:03:48 PM | Computer Name = YOUR-6E4434275B | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >

I appreciate your assistance thank you.
  • 0

Advertisements

#2
miriam67
Posted 21 June 2010 - 10:01 PM

miriam67

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
[quote name='dakicka' date='Jan 24 2006, 02:58 AM' post='538044']
Hi,

I began having a problem with my laptop last night where the internet page began to run extremely slow and freeze up and also when running windows media player. I also experienced a "clicking" sound from the system (not from speakers). After this happened I began receiving errors each time I attempted to log onto the internet. My first issue is:

ISSUE #1

When going into internet explorer, the page loads then freezes as the system makes the loud loading sound then a message appears:
"Internet Explorer has encountered a problem and needs to close. We are sorry for the inconvenience.
To see what the data this error report contains, click here."
After clicking it shows"
"Error Signature
Event Type: InPageError P1:C000009C P2:00000003
C:\DOCUME~1\Brent\LOCALS~1\Temp\WER4992.dir00/iexplore.exe.mdmp
C:\DOCUME~1\Brent\LOCALS~1\Temp\WER4992.dir00/appcompat.txt"

Then I am forced to select don't send report or send error report, then internet explorer closes out.
I tried rebooting several times, also followed instructions from one message board to run "CHKDSK" and perform a disk check for errors, and errors were reported and apparently fixed. I also deleted my cookies, and temp internet files. Regarding the above two file names, I cannot find a "C:\DOCUME~1..." anywhere on my system.

I still cannot get into internet explorer without it closing out immediately each time, please help!

ISSUE #2 (which I may think can be related to #1 somehow)

When I run spyware doctor to detect malware/adware etc, I get 3/4 of the way done and receive an error message of "error in .dll Scan_Start: External exception C0000006"
I select ok then the spyware proceeds to finish (without fixing that one error I'm assuming)


Symptoms/Problems/Issues I am experiencing now:
1. I cannot access the internet b/c I get the error and it closes on me
2. I cannot access windows media player because it freezes and locks up


Thank you in advance for your assistance,

Hi my second entry

I researched the error messages and in c drive I went to properties and ticked both boxes in error checking section. This fixed the file system error so now have the internet running!! after 48 hours of tinkering!! But still computer very slow so would appreciate your help here. When I type sometimes the computer cant keep up with me and it takes ages to move frm one page to the next.

Looking forward to your reply.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP