police pro won't allow task manager to open

When I try to open task manager it tells me the task manager has been disabled by administrator. What else can I try?

Marisa

Please download the current version of HijackThis from HERE

• Double click and run the installer.
  
• It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  
• After installing, you should get the user agreement, press accept and Hijack This will run.
  
• Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.
  

I never get the user agreement. The police pro comes up an says it is impossible to download this file because it is infected

Hello.
Lets try this.

• Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
  Link 1
  Link 2
  
• Double click DDS.scr to run.
  
• When complete, two logs will open. Save both of the report to your Desktop.
  
• Copy and paste DDS.txt back here, I don't need to see attach.txt just yet.
  

When I clicked on link1 a black box opened momentarily and then the laptop shut itself down. Now the police pro box is the only thing on the screen. I am replying from my pc. The is also a warning box and a Windows police pro alert box.

DDS (Ver_09-10-13.01) - NTFSx86
Run by Risa at 18:34:17.92 on Sun 10/18/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.116 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\ACS.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k ".Net CLR"
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\svohost.exe
C:\Program Files\Windows Police Pro\Windows Police Pro.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Risa\Local Settings\Temporary Internet Files\Content.IE5\37TUSJGS\dds[1].pif

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.toshiba.com/search
uInternet Settings,ProxyOverride =
BHO: c:\windows\system32\nqpyt99fjs.dll: {a2234b15-23f2-42ad-f4e4-00aac39c0004} - c:\windows\system32\nqpyt99fjs.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [hivew] c:\windows\system32\rundll32.exe c:\docume~1\risa\locals~1\temp\229059371824999.dll,Set1
uRun: [calc] rundll32.exe c:\windows\system32\config\system~1\ntuser.dll,_IWMPEvents@0
uRun: [Login Software 2009] c:\docume~1\risa\locals~1\temp\bvoief4sye.exe
uRun: [Yjafosi8kdf98winmdkmnkmfnwe] c:\docume~1\risa\locals~1\temp\csrss.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [PINGER] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [TPSMain] TPSMain.exe
mRun: [TFncKy] TFncKy.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [calc] rundll32.exe c:\windows\system32\calc.dll,_IWMPEvents@0
mRun: [winupdate.exe] c:\windows\system32\winupdate.exe
mRun: [gomayabuk] Rundll32.exe "c:\windows\system32\fomegozu.dll",a
mRun: [98489341] c:\docume~1\alluse~1\applic~1\98489341\98489341.exe
mRun: [Fmawubalikoq] rundll32.exe "c:\windows\iwidoxiy.dll",Startup
StartupFolder: c:\documents and settings\risa\start menu\programs\startup\scandisk.dll
StartupFolder: c:\docume~1\risa\startm~1\programs\startup\scandisk.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
uPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
uPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: facebook.com\www
Trusted Zone: msn.com\www
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167508361312
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540010} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: gutakila.dll c:\docume~1\risa\locals~1\temp\405318usc.dll c:\docume~1\risa\locals~1\temp\415318333.dll c:\docume~1\risa\locals~1\temp\5340xxx.dll c:\docume~1\risa\locals~1\temp\531842eve.dll c:\windows\system32\fomegozu.dll
SSODL: bepakupiw - {351d05b5-8767-4820-a8e1-7825c8bc0e2f} - c:\windows\system32\fomegozu.dll
STS: c:\windows\system32\nqpyt99fjs.dll: {a2234b15-23f2-42ad-f4e4-00aac39c0004} - c:\windows\system32\nqpyt99fjs.dll
STS: mujuzedij: {351d05b5-8767-4820-a8e1-7825c8bc0e2f} - c:\windows\system32\fomegozu.dll
LSA: Notification Packages = scecli hoheyuli.dll PSWMSCf1.dll

============= SERVICES / DRIVERS ===============

R2 .Net CLR;Microsoft .Net Framework COM+ Support;c:\windows\system32\svchost.exe -k ".Net CLR" [2005-4-20 14336]
R2 Iprip;Network Security;c:\windows\system32\svchost.exe -k netsvcs [2005-4-20 14336]
R2 WDefend;WDefend;c:\windows\svohost.exe [2009-10-18 287232]
S3 isapeep;isapeep;c:\windows\system32\isapeep.sys [2005-4-20 2304]
S3 mndisk;mndisk;c:\windows\system32\mndisk.sys [2005-4-20 2304]

============== File Associations ===============

exefile=c:\windows\system32\pump.exe "%1" %*

=============== Created Last 30 ================

2009-10-18 12:51 540,389 a------- c:\windows\system32\246d60.dll
2009-10-18 12:51 807,140 a------- c:\windows\system32\mne.exe
2009-10-18 12:20 48,966 a------- c:\windows\system32\certstore.dat
2009-10-18 11:59 --d----- c:\windows\system32\schtml
2009-10-18 11:58 94,208 a------- c:\windows\system32\TOCRdll.dll
2009-10-18 11:58 95 a------- c:\windows\TOCR.ini
2009-10-18 11:58 3 a------- c:\windows\system32\bversion.dll
2009-10-18 11:58 --d----- c:\program files\LanqiEngine
2009-10-18 11:57 735,232 a------- c:\windows\system32\AdvOcr.dll
2009-10-18 11:57 94,208 a------- c:\windows\system32\TRSOCR.dll
2009-10-18 11:57 95 a------- c:\windows\system32\TRSOCR.ini
2009-10-18 11:56 120 a------- c:\windows\Rtijodet.dat

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-13.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/2/2006 6:56:08 AM
System Uptime: 10/18/2009 6:19:34 PM (0 hours ago)

Motherboard: ATI | | SB400
Processor: Intel(R) Celeron(R) M processor 1.60GHz | U23 | 1596/100mhz

==== Disk Partitions =========================

C: is fȋxed (NTFS) - 74 GiB total, 65.069 GiB free.
D: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.2
Adobe Shockwave Player 11
America Online (Choose which version to remove)
ArcSoft Software Suite
Atheros Client Utility
Atheros Wireless LAN MiniPCI card Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
CD/DVD Drive Acoustic Silencer
DVD-RAM Driver
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hoyle Casino 2003
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
Java(TM) 6 Update 15
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Learn2 Player (Uninstall Only)
McAfee Shredder
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft ActiveX Control Pad
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver
Reel Deal Slots - Nickels and More
sat_screensaver_30mb
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Sonic DLA
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
Toshiba Tbiosdrv Driver
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Touch and Launch
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Viewpoint Media Player
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

10/18/2009 6:07:54 PM, error: Service Control Manager [7016] - The WDefend service has reported an invalid current state 0.
10/18/2009 11:54:02 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file srsvc.dll. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.5512.
10/18/2009 11:53:29 AM, error: Service Control Manager [7023] - The Virtual Snapshot Provider service terminated with the following error: The system cannot find the file specified.
10/18/2009 11:53:29 AM, error: Service Control Manager [7023] - The System Restore Service service terminated with the following error: The specified module could not be found.

==== End Of File ===========================

These are the two notepad I finally got to open in link2

Hello.
This doesn't look good, I don't know where to start here.

Your system is severly infected. Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.
Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage. Solving these is not always possible since it will be searching for a needle in a haystack to find the right cause and solution.
So, we can try to clean this up and do what we can, but keep in mind that we can't solve ALL problems this malware already caused.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start. Reason I am telling this is because when a system is so terribly infected and we try to clean this up manually, the damage that is already present may interfere with our removal attempts.

Please download exeHelper

• Double-click on exeHelper.com to run the fix.
  
• A black window should pop up, press any key to close once the fix is completed.
  
• Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
  

Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

exeHelper by Raktor
Build 20091018
Run at 19:35:31 on 10/18/09
Now searching...
Checking for numerical processes...
Deleting file C:\Documents and Settings\All Users\Application Data\98489341\98489341.exe
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\98489341
Checking for bad processes...
Killed process Windows Police Pro.exe
Checking for bad files...
Deleting file C:\WINDOWS\system32\AVR09.exe
Deleting file C:\WINDOWS\system32\~.exe
Deleting file C:\WINDOWS\system32\winupdate.exe
Deleting file C:\WINDOWS\system32\winhelper.dll
Deleting file C:\WINDOWS\system32\critical_warning.html
Deleting file C:\WINDOWS\system32\pump.exe
Deleting file C:\WINDOWS\system32\calc.dll
Deleting file C:\Program Files\Windows Police Pro\Windows Police Pro.exe
Deleting file C:\Documents and Settings\Risa\ntuser.dll
Checking for bad registry entries...
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winupdate.exe
Removing HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\calc
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\calc
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

The pop ups are gone, but the icon is still on my taskbar

As I said, the malware has created a lot of problems for this system, and we've only just scratched the surface here, and at the very least, we've dented it and we can start making slicing away at this.

I notice that you never scanned with an Antivirus previously before starting this thread - because you don't even have an Antivirus installed!
This is somewhat suicidal in today's digital world.
That's why I want you to install one first!!

* Please install Avira Antivirus: http://www.free-av.com/
This is a free Antivirus.

Perform a full scan with Avira and let it delete everything it is finding.
Then reboot.
After reboot, open your Avira and select "reports".
There doubleclick the report from the Full scan you have done. Click the "Report File" button and copy and paste this report in your next reply.
Then we'll start from there, because it really makes no sense otherwise that we clean this up manually if an Antivirusscan is not present which should be able to deal with most and prevent further reinfection.

I got a pop up asking to install Chinese language pack. Is that

Select no. I doubt that is real.

I did that and when the anti virus ended I rebooted, but now I keep getting pop ups saying that Avira has detected a virus. It keeps naming back door and trojan associated with system32 dll files. But now it won't let me onto the internet or to copy the report. These virus detected messages keep popping up asking to deny access, but they just keep repeating.

antivir guard: attention, detection

c:\windows\system32\wmdmpmsp.dll
bds/backdoor.gen

c:\windoes\system32\246d60.dll
tr/spy.gen Trojan

all marked deny acess

they just keep repeating over and over

Did you run the Avira scan I asked for?
http://www.geekpolice.net/virus-spyware-malware-removal-f11/police-pro-won-t-allow-task-manager-to-open-t15266.htm#96222

You never said if you did or not, and I don't want to continue until we do.

Yes I did, but I could not copy the report. I tried it again and then I got another spyware called security pro popping up. I haven't been able to try again, but will do so later this evening when I get home from work.

Download OTL to your Desktop

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Under the Custom Scan box paste this in
  
  netsvcs
  msconfig
  safebootminimal
  safebootnetwork
  activex
  drivers32
  %SYSTEMDRIVE%\*.exe
  %systemroot%\system32\eventlog.dll
  %systemroot%\system32\scecli.dll
  %systemroot%\netlogon.dll
  %systemroot%\system32\cngaudit.dll
  %systemroot%\system32\sceclt.dll
  %systemroot%\ntelogon.dll
  %systemroot%\system32\logevent.dll
  %systemroot%\system32\drivers\iaStor.sys
  %systemroot%\System32\drivers\nvstor.sys
  %systemroot%\system32\drivers\atapi.sys
  
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time
    
  
  

I HAVE NOT BEEN ABLE TO GET BACK ON MY SYSTEM, BUT I DO THANK YOU FOR ALL YOUR HELP. SINCE I DON'T USE THIS LAPTOP FOR ANY IMPORTANT WORK I HAVE DECIDED TO JUST RESTORE IT TO THE ORIGINAL STATE FROM THE DISK AND START ALL OVER. THE FIRST THING I WILL DO IS INSTALL A GOOD ANTI VIRUS SOFTWARE. I HAD NOT USED IT IN SO LONG THAT I DID NOT KEEP UP WITH THE SUBSCIPTION, I WILL NOT MAKE THAT MISTAKE AGAIN. AGAIN THANKS FOR ALL YOUR HELP, IT'S GOOD TO KNOW THERE ARE SITES LIKE YOURS WHICH ARE SO KNOWLEDGABLE.

MARISA BROTHERS

Thanks for letting us know.