My computer keeps shutting down, and I'm not sure why. Ok, I will admit I was watching some tv shows from a foreign site, but I don't know if that was the cause or not. I recently installed internet on this computer, so it could be just about anything at this point. Oh- and I've had this laptop since 2003, I believe, and nearly all the memory is used up except the last 5 gigs. And I did a defrag for the first time in like 2 years. Ok, that's all I have to confess. If there's anything anyone can do to help, I'd be grateful. I've got all my school stuff on here, and I need to save it somehow....

The computer keeps shutting down very quickly, but I've caught three of the thingies up on the screen as to why it's down:

1) kernal_stack_impage_error

2) kernal_data_impage_error

3) page_fault_nonpage_error

And here is the hijackthis.log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:52 PM, on 5/26/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\PROGRA~1\VISION~1\ONETOU~2.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Canon\BJPV\TVMon.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
C:\PROGRA~1\AIM\aim.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Timex\Timex Trainer\TBEggLaunch.exe
C:\Program Files\ScanSoft\PaperPort\Config\Ereg\REMIND32.EXE
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.comcast.net/toolbar2.0/search/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.comcast.net/toolbar2.0/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: Comcast Toolbar - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~1\COMCAS~1.DLL
O4 - HKLM\..\Run: [OneTouch Monitor] C:\PROGRA~1\VISION~1\ONETOU~2.EXE
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [BJPD HID Control] C:\Program Files\Canon\BJPV\TVMon.exe
O4 - HKLM\..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\WINDOWS\System32\PRISMSVR.EXE" /APPLY
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [ddoctorv2] "C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe" /P ddoctorv2
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\ScanSoft\PAPERP~1\PPWebCap.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - Startup: Check for OneTouch Updates.lnk = C:\Program Files\Visioneer OneTouch\WiseUpdt.exe
O4 - Startup: reminder-ScanSoft Product Registration.lnk = C:\Program Files\ScanSoft\PaperPort\Config\Ereg\REMIND32.EXE
O4 - Startup: VZAccess Manager.lnk = C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE
O4 - Global Startup: Timex Trainer Launcher.lnk = C:\Program Files\Timex\Timex Trainer\TBEggLaunch.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://it013bcclnm.notes.census.gov/iNotes6.cab
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk...ows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://ra.arlingtonva.us/vdesk/terminal/urxshost.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://ra.arlingtonva.us/vdesk/terminal/ur...=5500,0,50928,1
O17 - HKLM\System\CCS\Services\Tcpip\..\{255E13A7-8427-460F-9B62-0A8C16679768}: NameServer = 68.48.0.5,68.48.0.6
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (ddoctorv2) (sprtsvc_ddoctorv2) - SupportSoft, Inc. - C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 14081 bytes


Thank you.

Oh, there are a couple if other things I should mention:

First, my computer runs really slow now! It usually takes a few starts to get it running, and I have to hit the f8 function at the start up and try several options before I find one that works. It takes 40 minutes I'd so to get it up and running.

Also, even though I put it in standby mode, it'll still turn itself off at some unknown point. When I turn it back on, I have to go through the whole startup again. That is usually when I see the blue screen telling me there was some kind of fatal error or another, and that it's doing a physical dump of my memory.

I've been reporting the error to microsoft when I get my computer, but I NEP getting a report back from them saying they were unable to determine the cause of my computer error.

*sigh*

Thanks.

Hi lets clear some of the rubbish off and tidy up first then I will have a deeper look

Download TFC to your desktop

• Open the file and close any other windows.
• It will close all programs itself when run, make sure to let it run uninterrupted.
• Click the Start button to begin the process. The program should not take long to finish its job
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

THEN

Download and run Auslogics Disc Defragmenter

ON COMPLETION

To ensure that I get all the information this log will need to be attached (instructions at the end) if it is to large to attach then upload to Mediafire and post the sharing link.

Download OTS to your Desktop

• Close ALL OTHER PROGRAMS.
• Double-click on OTS.exe to start the program.
• Check the box that says Scan All Users
• Under Additional Scans check the following:
  • File - Lop Check
    
  • File - Purity Scan
    
  • Evnt - EvtViewer (last 10)
• Now click the Run Scan button on the toolbar.
• Let it run unhindered until it finishes.
• When the scan is complete Notepad will open with the report file loaded in it.
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Please attach the log in your next post.

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

Due to inactivity this topic will be closed.
If you need help please start a new thread and post a new HJT log

User returned

 OTS.Txt ( 176.23K ) Number of downloads: 28

Ok, I think I got over-eager. I did the OTS download and scan first, and when I went back and checked, I saw that I missed out on the defrag. Since I already did the scan, I figured I'd just go back and do the defrag anyway. Afterwards, I went back and did the OTS scan again. This OTS document is the second one, so if you want to see the first one, just let me know, and I'll post the first one also.

My computer definitely is running faster- it's like magic!

I keep getting another error message when I first turn on my computer. I'll mosey around the forum and see if anyone can help me in another forum.

Thanks!

Whilst I look at your log what is the error message ?

Well that was a quick and easy one. If you could let me know what the error is

Start OTS. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.



The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here.

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Hi- thanks for the response!

I opened up the OTS and put that into the box. I haven't gotten that popup box. What I did get was a popup box telling me it'll need to reboot my computer to fix the problem. It only took about a second once I hit the Run Fix to get this. Should I reboot, and then upload a new OTS scan .txt. for you?

Ok, I'm back to using my cell phone.

I decided to reboot my computer. I had a hard time shutting it down, but it did shut down. When I restarted it, the report came up, but it's totally frozen. I can't get the start menu, the desktop icons, or anything to respond. What should I do?

Truly this is frustrating. I did get the laptop up and running again finally, after several reboots and trying to get through copious amounts of error messages.

Here is what showed up on the report you wanted:

[Registry - Safe List]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1482476501-492894223-839522115-1004\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{A75C6120-9B36-11d4-A3F0-009027427750} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A75C6120-9B36-11d4-A3F0-009027427750}\ not found.
[Empty Temp Folders]

User: All Users

User: Bonnie
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: D Ross
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temp\Perflib_Perfdata_b8c.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temp\~DFDEEF.tmp scheduled to be deleted on reboot.
->Temp folder emptied: 888113 bytes
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\ZGSX2Q3R\favicon[3].ico scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\ZGSX2Q3R\iframe[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\ZGSX2Q3R\OTS[1].Txt scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\WWBJZNEM\mail[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\mail[2].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\mail[3].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\mail[4].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\My_computer_keeps_shutting_down_t103488[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\OTS[1].Txt scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\1H96QYW3\ck[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 8328532 bytes
->Java cache emptied: 0 bytes

User: Daisy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gail
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: James
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jerry
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Linda
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Mary Smollak
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Torrance
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Will
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\JETD3FF.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_41c.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 17048 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 9.03 mb

< End of fix log >
OTS by OldTimer - Version 3.0.4.0 fix logfile created on 06062009_190625

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\D Ross\Local Settings\Temp\Perflib_Perfdata_b8c.dat not found!
C:\Documents and Settings\D Ross\Local Settings\Temp\~DFDEEF.tmp moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\ZGSX2Q3R\favicon[3].ico moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\ZGSX2Q3R\iframe[1].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\ZGSX2Q3R\OTS[1].Txt moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\WWBJZNEM\mail[1].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\mail[2].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\mail[3].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\mail[4].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\My_computer_keeps_shutting_down_t103488[1].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\OU1407RC\OTS[1].Txt moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\Content.IE5\1H96QYW3\ck[1].htm moved successfully.
C:\Documents and Settings\D Ross\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully.
File\Folder C:\WINDOWS\temp\JETD3FF.tmp not found!
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_41c.dat not found!

Registry entries deleted on Reboot...

I am begining to think Hardware problems here - but to confirm that I would like to run a cleaner/scanner

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

You will need to download the two following programmes to another computer with a disc burning capability

FIRST

ISOBurner this will allow you to burn Knopixx ISO to a cd and make it bootable. Just install the programme, from there on in it is fairly automatic. Instructions

SECOND

Download the Knopixx ISO from here to your desktop The file to download is this one 01/04/2007 12:00AM 730,177,536 KNOPPIX_V5.1.1CD-2007-01-04-EN.iso

When complete then double click the ISO file and ISOburner will take over and burn the files to disk

Transfer the CD to the infected computer and set your first boot device in BIOS to CD. Then boot into Knopixx once there we can restore the missing files - when you let me know what they are

Due to inactivity this topic will be closed.
If you need help please start a new thread and post a new HJT log