Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extremely slow computer, would appreciate advice.


  • Please log in to reply
19 replies to this topic

#1 metalmaiden

metalmaiden

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 19 October 2012 - 03:32 AM

Hi there,

My son has a laptop which I pay the school for. It is extremely slow. I am sure it has viruses.
After he first got it new, he was complaining about it being slow after about a week. I checked over it and found it has Trend Micro on running on it and Windows Defender is also running. I'm pretty sure they're not supposed to be running together, also the firewall is turned off on both of them. We don't have administrator access, so my hands are fairly tied at what I can tinker with on it. I did find malware on it when I ran Malwarebytes and told the school.

Am I right in telling the school that both Trend and Defender shouldn't be running together? And why is the firewall off?

Also the laptops backup to the schools servers when the students arrive at school. Can the backups from infected computers be transferred to clean computers this way?
Any advice on what to say when I approach the school about antivirus software would be appreciated.
They kind of ignored me last time.

I'd just like my son to have a functioning laptop, after all, I am paying for it. He cannot use it because it takes around 5 minutes to start up and shut down. Programs regularly crash, if they start up at all. I've sent it in for repair at the school IT dept, but it comes back the same.

Thanks,
Tascha

BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 19 October 2012 - 08:13 PM

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#3 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 21 October 2012 - 03:29 AM

Hi Broni, thanks for the reply.

Here are the logs.


Results of screen317's Security Check version 0.99.53
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Trend Micro Client/Server Security Agent Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 30
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.2.153.1 Flash Player out of Date!
Adobe Reader X 10.1.0 Adobe Reader out of Date!
Google Chrome 21.0.1180.75
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
````````Process Check: objlist.exe by Laurent````````
Trend Micro OfficeScan Client pccntmon.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Trend Micro Client Server Security Agent ntrtscan.exe
Trend Micro Client Server Security Agent tmlisten.exe
Trend Micro BM TMBMSRV.exe
Trend Micro Client Server Security Agent TmProxy.exe
Trend Micro Client Server Security Agent CNTAoSMgr.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````




Farbar Service Scanner Version: 19-10-2012
Ran by bart (administrator) on 21-10-2012 at 17:33:16
Running from "C:\Users\bart\Desktop"
Microsoft Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit

ATTENTION!=====> z:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING AND SHOULD BE RESTORED.

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****




MiniToolBox by Farbar Version: 23-07-2012
Ran by bart (administrator) on 21-10-2012 at 17:38:45
Microsoft Windows 7 Enterprise Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: netfox:8080
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82577LC Gigabit Network Connection = Local Area Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : MS-C4L2011-007
Primary Dns Suffix . . . . . . . : curric.un.sa.edu.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : curric.un.sa.edu.au
home.gateway

Wireless LAN adapter Wireless Network Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home.gateway
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN #2
Physical Address. . . . . . . . . : 58-94-6B-75-65-E0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home.gateway
Description . . . . . . . . . . . : Intel® 82577LC Gigabit Network Connection
Physical Address. . . . . . . . . : 1C-C1-DE-AC-E7-02
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6d30:80e5:93ec:245d%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, 21 October 2012 5:18:35 PM
Lease Expires . . . . . . . . . . : Monday, 22 October 2012 5:18:34 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 392442192
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-3A-11-57-1C-C1-DE-AC-E7-02
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : E0-2A-82-30-E9-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home.gateway:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home.gateway
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c64:3832:3f57:fef6(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c64:3832:3f57:fef6%22(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{E35BD593-E5E0-4FAF-93A9-4AF7203B6C7B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 2404:6800:4006:804::1006
74.125.237.135
74.125.237.136
74.125.237.137
74.125.237.142
74.125.237.128
74.125.237.129
74.125.237.130
74.125.237.131
74.125.237.132
74.125.237.133
74.125.237.134


Pinging google.com [74.125.237.135] with 32 bytes of data:
Reply from 74.125.237.135: bytes=32 time=56ms TTL=53
Reply from 74.125.237.135: bytes=32 time=56ms TTL=53

Ping statistics for 74.125.237.135:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 56ms, Average = 56ms
Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=385ms TTL=47
Reply from 98.139.183.24: bytes=32 time=375ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 375ms, Maximum = 385ms, Average = 380ms
Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...58 94 6b 75 65 e0 ......Intel® Centrino® Advanced-N 6200 AGN #2
14...1c c1 de ac e7 02 ......Intel® 82577LC Gigabit Network Connection
12...e0 2a 82 30 e9 8b ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.9 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.9 276
192.168.1.9 255.255.255.255 On-link 192.168.1.9 276
192.168.1.255 255.255.255.255 On-link 192.168.1.9 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.9 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.9 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
22 58 ::/0 On-link
1 306 ::1/128 On-link
22 58 2001::/32 On-link
22 306 2001:0:9d38:953c:2c64:3832:3f57:fef6/128
On-link
14 276 fe80::/64 On-link
22 306 fe80::/64 On-link
22 306 fe80::2c64:3832:3f57:fef6/128
On-link
14 276 fe80::6d30:80e5:93ec:245d/128
On-link
1 306 ff00::/8 On-link
22 306 ff00::/8 On-link
14 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 z:\Windows\system32\NLAapi.dll [File Not found] ()
Catalog5 02 z:\Windows\system32\napinsp.dll [File Not found] ()
Catalog5 03 z:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 04 z:\Windows\system32\pnrpnsp.dll [File Not found] ()
Catalog5 05 z:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 06 z:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 z:\Windows\system32\wshbth.dll [File Not found] ()
Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\CyberSafehouse.dll [359424] (Netbox Blue)
Catalog9 02 C:\Windows\system32\CyberSafehouse.dll [359424] (Netbox Blue)
Catalog9 03 C:\Windows\system32\CyberSafehouse.dll [359424] (Netbox Blue)
Catalog9 04 C:\Windows\system32\CyberSafehouse.dll [359424] (Netbox Blue)
Catalog9 05 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 06 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 07 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 08 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 09 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 10 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 11 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 12 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 13 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 14 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 15 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 16 C:\Windows\system32\CyberSafehouse.dll [359424] (Netbox Blue)
Catalog9 17 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 18 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 19 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 20 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 21 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 22 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 23 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 24 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 25 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 26 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 27 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 28 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 29 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 30 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 31 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 32 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 33 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 34 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 35 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 36 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 37 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 38 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 39 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 40 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 41 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 42 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 43 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 44 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 45 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 46 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 47 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 48 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 49 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 50 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 51 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 52 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 53 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 54 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 55 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 56 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 57 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 58 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 59 z:\Windows\system32\mswsock.dll [File Not found] ()
Catalog9 60 z:\Windows\system32\mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/21/2012 05:11:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2012 09:18:40 PM) (Source: Application Hang) (User: )
Description: The program CoD2MP_s.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f54

Start Time: 01cdaead456a3265

Termination Time: 1333

Application Path: C:\Program Files\Steam\steamapps\common\Call of Duty 2\CoD2MP_s.exe

Report Id:

Error: (10/20/2012 09:10:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x00001926
Faulting process id: 0x27dc
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3

Error: (10/20/2012 09:07:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x0004c45e
Faulting process id: 0x225c
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3

Error: (10/20/2012 09:06:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x00001926
Faulting process id: 0x1af0
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3

Error: (10/20/2012 09:05:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x00001926
Faulting process id: 0x13e0
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3

Error: (10/20/2012 09:04:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x00001926
Faulting process id: 0x2718
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3

Error: (10/20/2012 08:55:41 PM) (Source: Application Hang) (User: )
Description: The program CoD2MP_s.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 210c

Start Time: 01cdaea816f95686

Termination Time: 30

Application Path: C:\Program Files\Steam\steamapps\common\Call of Duty 2\CoD2MP_s.exe

Report Id:

Error: (10/20/2012 08:33:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x00001926
Faulting process id: 0x22c4
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3

Error: (10/20/2012 08:19:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: CyberSafehouse.exe, version: 2.1.55.4, time stamp: 0x4f28a509
Faulting module name: kmplg.dll, version: 2.1.55.4, time stamp: 0x4f28aba6
Exception code: 0xc0000005
Fault offset: 0x00001926
Faulting process id: 0x70c
Faulting application start time: 0xCyberSafehouse.exe0
Faulting application path: CyberSafehouse.exe1
Faulting module path: CyberSafehouse.exe2
Report Id: CyberSafehouse.exe3


System errors:
=============
Error: (10/21/2012 05:13:48 PM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (10/21/2012 05:12:22 PM) (Source: Microsoft-Windows-GroupPolicy) (User: CURRIC)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/21/2012 05:12:21 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{1CCB96F4-B8AD-4B43-9688-B273F58E0910}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (10/21/2012 05:11:44 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (10/21/2012 05:11:38 PM) (Source: Service Control Manager) (User: )
Description: The adfs service failed to start due to the following error:
%%2

Error: (10/21/2012 05:11:37 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain CURRIC due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (10/21/2012 05:11:33 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:25:37 PM on ?10/?20/?2012 was unexpected.

Error: (10/20/2012 09:26:39 PM) (Source: srv) (User: )
Description: The server's call to a system service failed unexpectedly.

Error: (10/20/2012 09:26:39 PM) (Source: srv) (User: )
Description: The server's call to a system service failed unexpectedly.

Error: (10/20/2012 09:26:39 PM) (Source: srv) (User: )
Description: The server's call to a system service failed unexpectedly.


Microsoft Office Sessions:
=========================
Error: (10/21/2012 05:11:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/20/2012 09:18:40 PM) (Source: Application Hang)(User: )
Description: CoD2MP_s.exe0.0.0.0f5401cdaead456a32651333C:\Program Files\Steam\steamapps\common\Call of Duty 2\CoD2MP_s.exe

Error: (10/20/2012 09:10:36 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c00000050000192627dc01cdaeaef56d7ce8C:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dll94aca1cf-1aa2-11e2-b4b5-1cc1deace702

Error: (10/20/2012 09:07:52 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c00000050004c45e225c01cdaeaecd9af732C:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dll32b846f2-1aa2-11e2-b4b5-1cc1deace702

Error: (10/20/2012 09:06:45 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c0000005000019261af001cdaeaea6ab81cfC:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dll0b00005f-1aa2-11e2-b4b5-1cc1deace702

Error: (10/20/2012 09:05:40 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c00000050000192613e001cdaeae7e73a91eC:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dlle3f0a675-1aa1-11e2-b4b5-1cc1deace702

Error: (10/20/2012 09:04:32 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c000000500001926271801cdaeaa16fc9c37C:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dllbbb7953f-1aa1-11e2-b4b5-1cc1deace702

Error: (10/20/2012 08:55:41 PM) (Source: Application Hang)(User: )
Description: CoD2MP_s.exe0.0.0.0210c01cdaea816f9568630C:\Program Files\Steam\steamapps\common\Call of Duty 2\CoD2MP_s.exe

Error: (10/20/2012 08:33:01 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c00000050000192622c401cdaea82fde0b07C:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dll5446c9ff-1a9d-11e2-b4b5-1cc1deace702

Error: (10/20/2012 08:19:24 PM) (Source: Application Error)(User: )
Description: CyberSafehouse.exe2.1.55.44f28a509kmplg.dll2.1.55.44f28aba6c00000050000192670c01cdaea55f2c9c3aC:\Program Files\Netbox Laptop Protector\CyberSafehouse.exec:\windows\system32\kmplg.dll6d45853d-1a9b-11e2-b4b5-1cc1deace702


=========================== Installed Programs ============================

3ivx MPEG-4 5.0.3 (remove only) (Version: 5.0.3)
Adobe After Effects CS4 (Version: 9.0.2)
Adobe After Effects CS4 Presets (Version: 9)
Adobe After Effects CS4 Third Party Content (Version: 9.0.2)
Adobe AIR (Version: 2.5.1.17730)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color Video Profiles AE CS4 (Version: 2.0)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 (Version: 4)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Flash Player 10 Plugin (Version: 10.2.153.1)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Fonts All (Version: 2.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe MotionPicture Color Files CS4 (Version: 2.0)
Adobe OnLocation CS4 (Version: 4)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Premiere Pro CS4 (Version: 4.2.1)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4.2.1)
Adobe Reader X (10.1.0) (Version: 10.1.0)
Adobe Setup (Version: 2.0)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Adobe XMP Panels CS4 (Version: 2.0)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
Blender (Version: 2.64a-release)
Bonjour (Version: 3.0.0.10)
Cabri Geometry II
Call of Duty 2
Configuration Manager Client (Version: 5.00.7711.0000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Digital Blue™ QX5™ Computer Microscope
Fable - The Lost Chapters (Version: 1.00.0000)
FARO LS 1.1.406.58 (Version: 4.6.58.2)
FlipShare (Version: 5.12.3.0)
GameMaker 8.1
Google Chrome (Version: 64.228.63)
Google SketchUp 8 (Version: 3.0.4811)
Google Update Helper (Version: 1.3.21.123)
HP 3D DriveGuard (Version: 4.1.10.1)
HP HD Webcam [Fixed] (Version: 3.3.4.12)
HP HotKey Support (Version: 4.0.20.1)
HP Web Camera (Version: 1.0.0)
HP Webcam (Version: 1.0.26.3)
HP Webcam Driver (Version: 6.1.7600.0028)
IDT Audio (Version: 1.0.6341.0)
Inspiration 8 IE
Intel A/V Codecs V2.0
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Network Connections Drivers (Version: 16.3)
Intel® Processor Graphics (Version: 8.15.10.2559)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
JMicron 1394 Filter Driver (Version: 1.00.21.00)
JMicron Flash Media Controller Driver (Version: 1.0.58.0)
Kidspiration 3 IE
LAME v3.98.2 for Audacity
LEGO MINDSTORMS Edu NXT - English Language Pack (Version: 2.1.79.0)
LEGO MINDSTORMS Edu NXT Software v2.1 (Version: 2.1.76.0)
LEGO MINDSTORMS NXT Driver (Version: 1.19.768)
LSI HDA Modem (Version: 2.2.100)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Policy Platform (Version: 1.2.3520.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.40219)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31119)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31124)
Microsoft Windows Logo
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netbox Laptop Protector (Version: 2.53.10-1)
PaperCut NG Client 11.1
PDF Settings CS5 (Version: 10.0)
Photo Story 3 for Windows (Version: 3.0.1115.11)
Photoshop Camera Raw (Version: 5.0)
Pivot Stickfigure Animator version 2.2.6 (Version: 2.2.6)
Pixel Bender Toolkit (Version: 1.0)
Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 (Version: 4.4.0)
PxMergeModule (Version: 1.00.0000)
QuickTime (Version: 7.71.80.42)
RICOH Media Driver (Version: 2.14.00.05)
Robotic Arm
SMART Common Platform (Version: 10.8.159.0)
SMART English (United Kingdom) Language Pack (Version: 10.8.76.0)
SMART Notebook (Version: 10.8.364.0)
SMART Product Drivers (Version: 10.8.212.0)
SRWare Iron version SRWare Iron 21.0.1200.0 (Version: SRWare Iron 21.0.1200.0)
Steam (Version: 1.0.0.0)
Stop Motion Pro v7 Action! / Action! Plus Network (Version: 7)
Suite Shared Configuration CS4 (Version: 1.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
SysAid Agent version 8.5.05 (Version: 8.5)
Trend Micro Client/Server Security Agent (Version: 16.0.4243)
Typequick (Version: 14.3.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Validity Fingerprint Sensor Driver (Version: 4.3.216.0)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Driver Package - Digital Blue (marsqx5) Image (04/04/2007 1.0.0.0) (Version: 04/04/2007 1.0.0.0)
Windows Firewall Configuration Provider (Version: 1.2.3412.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
World Book 2005 (Deluxe Network)

========================= Devices: ================================

Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 2991.43 MB
Available physical RAM: 1573.83 MB
Total Pagefile: 5981.15 MB
Available Pagefile: 4011.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.37 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:297.99 GB) (Free:229.71 GB) NTFS

========================= Users: ========================================

User accounts for \\MS-C4L2011-007

Administrator ASPNET Guest


**** End of log ****



Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.21.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
bart :: MS-C4L2011-007 [administrator]

Protection: Disabled

21/10/2012 5:56:09 PM
mbam-log-2012-10-21 (17-56-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 268975
Time elapsed: 11 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-21 18:11:55
-----------------------------
18:11:55.078 OS Version: Windows 6.1.7601 Service Pack 1
18:11:55.078 Number of processors: 4 586 0x2505
18:11:55.080 ComputerName: MS-C4L2011-007 UserName: bart
18:12:15.766 Initialize success
18:16:01.967 AVAST engine defs: 12102001
18:18:27.848 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:18:27.852 Disk 0 Vendor: WDC_WD3200BEKT-60PVMT0 01.01A01 Size: 305245MB BusType: 11
18:18:27.867 Disk 0 MBR read successfully
18:18:27.870 Disk 0 MBR scan
18:18:27.876 Disk 0 Windows 7 default MBR code
18:18:27.879 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:18:27.896 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305143 MB offset 206848
18:18:28.427 Disk 0 scanning sectors +625139712
18:18:28.511 Disk 0 scanning C:\Windows\system32\drivers
18:18:48.051 Service scanning
18:19:11.895 Service tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys **LOCKED** 5
18:19:12.316 Service tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys **LOCKED** 5
18:19:12.598 Service tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys **LOCKED** 5
18:19:12.846 Service TmFilter C:\Program Files\Trend Micro\Client Server Security Agent\TmXPFlt.sys **LOCKED** 32
18:19:13.028 Service TmPreFilter C:\Program Files\Trend Micro\Client Server Security Agent\TmPreFlt.sys **LOCKED** 32
18:19:15.523 Service VSApiNt C:\Program Files\Trend Micro\Client Server Security Agent\VSApiNt.sys **LOCKED** 32
18:19:18.468 Modules scanning
18:19:27.805 Disk 0 trace - called modules:
18:19:27.822 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
18:19:27.831 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86872030]
18:19:27.838 3 CLASSPNP.SYS[8b9a459e] -> nt!IofCallDriver -> [0x86871518]
18:19:27.846 5 hpdskflt.sys[8b955f8a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x866d7908]
18:19:29.003 AVAST engine scan C:\Windows
18:19:34.161 AVAST engine scan C:\Windows\system32
18:25:56.806 AVAST engine scan C:\Windows\system32\drivers
18:26:18.431 AVAST engine scan C:\Users\bart
18:31:22.105 AVAST engine scan C:\ProgramData
18:35:09.117 Scan finished successfully
18:38:14.842 Disk 0 MBR has been saved successfully to "C:\Users\bart\Desktop\MBR.dat"
18:38:14.849 The log file has been saved successfully to "C:\Users\bart\Desktop\aswMBR.txt"

I'm currently on the laptop and it seems ok today.

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 21 October 2012 - 02:13 PM

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#5 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 23 October 2012 - 05:29 AM

Hi there,

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/23/2012 08:54:09 PM in x86 mode.
Windows Version: Windows 7 Enterprise Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* System Policy Removed: DisableCMD [HKCU]
* Explorer Policy Removed: DisallowRun [HKCU]

Backup Registry file created at:
C:\Users\bart\Desktop\rkill\rkill-10-23-2012-08-54-12.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

Program finished at: 10/23/2012 08:54:47 PM
Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)

Does this mean the computer is clean after all?

Thanks for your help Broni.

#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 23 October 2012 - 10:29 AM

Let's run couple more scans...

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next...

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.


=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#7 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 24 October 2012 - 06:17 AM

Hi Broni,

I ran TFC, and AdwCleaner. I didn't get a log from AdwCleaner. I did a search of the computer to find it but there wasn't one.

I haven't run Eset yet because I don't know how to turn off the Trend micro client. It asked for a password, which I will not be able to get.

Thank you for your help :)

#8 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 24 October 2012 - 11:11 AM

You can find the logfile at C:\AdwCleaner[S1].txt as well.

If it's not there re-run the tool.

As for Eset scan go ahead with Trend on. It may be just little bit slower.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#9 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 27 October 2012 - 05:54 AM

Hi Broni,

I reinstalled Adwcleaner and ran it again, it did not produce a log after finishing again.

I ran Eset. It took nearly 12 hours, lol. No threats found.

Thanks :)

#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 27 October 2012 - 04:49 PM

Update Adobe Flash Player
Download for Internet Explorer: http://www.filehippo.com/download_flashplayer_ie_64/
Download for [/b]Firefox, Opera and other Gecko-based browsers[/b]: http://www.filehippo.com/download_flashplayer_firefox_64/

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

===================================

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

===================================

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.

=================================

Your computer is clean Posted Image

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/

2. Make sure, Windows Updates are current.

3. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

12. Except for MBAM and TFC, which are keepers you can simply delete all other tools we used as they don't install.

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 27 October 2012 - 05:34 PM

Hi Broni,

Thanks for your help.
That's a relief the computer is clean because I was worried about the firewall being off and Defender and Trend running together, I didn't think that was normal.
If the computer is clean, that must mean there is something else wrong with the laptop.
Other children in my son's class have filesharing programs and other unspeakable stuff and are not having trouble with their exact same laptops.
I think I'll have to get one of the IT people to use it for a whole day so they can see what it's like.

Thank you :)

#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 27 October 2012 - 05:54 PM

What are the current issues?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#13 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 29 October 2012 - 07:35 AM

It keeps getting "no service because the server sent no data" messages when trying to load a website.
Other programs are taking ages to load.
Still slow startup times and shut down times.
It's slower than my 512MB Ram Acer! And the Acer can actually successfully navigate to webpages :P

#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,738 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:11:18 AM

Posted 29 October 2012 - 11:04 AM

Which browser is affected?
Did you try different browser(s)?

My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#15 metalmaiden

metalmaiden
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Australia
  • Local time:03:48 AM

Posted 30 October 2012 - 03:00 AM

He's tried Chrome and IE.
He has trouble sending email.
Programs, eg Powerpoint, Word, Photoshop are taking ages to start, if they start at all.
I think the computer is faulty




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users