1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help! Computer Shuts Down Randomly, Trojans and Rootkits

Discussion in 'Virus & Other Malware Removal' started by TriosX, Nov 30, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. TriosX

    TriosX Thread Starter

    Joined:
    Nov 30, 2011
    Messages:
    5
    HiJackThisLog:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:00:35 PM, on 11/30/2011
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
    C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
    C:\WINDOWS\system32\atiptaxx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Sony\HotKey Utility\HKWnd.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\WINDOWS\system32\msiexec.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [WUSB54Gv2] C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
    O23 - Service: VAIO Media Music Server (Application) (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Photo Server (Application) (VAIOMediaPlatform-PhotoServer-AppServer) - Unknown owner - C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
    O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    O23 - Service: WUSB54Gv2SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

    --
    End of file - 3552 bytes

    [Adding More Logs] Please Help, its A Laptop VAIO by Sony

    DDS Log

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 6.0.2900.2180
    Run by Lyda at 19:11:40 on 2011-11-30
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.273 [GMT -8:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\atiptaxx.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
    C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
    C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
    C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv2.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\system32\wscntfy.exe
    G:\1lpfkxv9.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [ATIModeChange] Ati2mdxx.exe
    mRun: [AtiPTA] atiptaxx.exe
    mRun: [WUSB54Gv2] c:\program files\linksys wireless-g usb wireless network monitor\InvokeSvc3.exe
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
    TCP: Interfaces\{10E80587-BAFC-43FA-BC81-816CFACBBAD5} : DhcpNameServer = 192.168.0.1 205.171.3.25
    TCP: Interfaces\{D7CA7B65-C10E-478D-AE84-95D6D408F485} : DhcpNameServer = 192.168.1.254
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\lyda\application data\mozilla\firefox\profiles\u675rs15.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:eek:fficial
    FF - prefs.js: network.proxy.type - 4
    FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll
    FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll
    FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\CCEVTMGR.EXE [2004-8-13 198304]
    R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-8-13 181920]
    R3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\drivers\SonyPI.sys [2002-12-5 71961]
    S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\owner\locals~1\temp\aticdsdr.sys --> c:\docume~1\owner\locals~1\temp\ATICDSDr.sys [?]
    S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2004-8-13 79520]
    S3 LEX_NIC_SERVICE;IEEE 802.11 Wireless NIC Win2000 Driver;c:\windows\system32\drivers\Express.sys [2002-12-5 57984]
    S4 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2004-10-6 817304]
    S4 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\viewpointservice.exe" --> c:\program files\viewpoint\common\ViewpointService.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-12-01 01:07:47 -------- d-sha-r- C:\cmdcons
    2011-12-01 01:02:24 -------- d-s---w- C:\ComboFix
    2011-11-30 23:34:35 388096 ----a-r- c:\documents and settings\lyda\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2011-11-30 23:34:32 -------- d-----w- c:\program files\Trend Micro
    2011-11-30 21:39:03 -------- d-----w- c:\program files\SymNetDrv
    2011-11-30 20:30:24 -------- d-----w- c:\program files\msn gaming zone
    2011-11-29 08:20:54 98816 ----a-w- c:\windows\sed.exe
    2011-11-29 08:20:54 518144 ----a-w- c:\windows\SWREG.exe
    2011-11-29 08:20:54 256000 ----a-w- c:\windows\PEV.exe
    2011-11-29 08:20:54 208896 ----a-w- c:\windows\MBR.exe
    2011-11-29 08:06:48 -------- d-----w- c:\program files\CCleaner
    2011-11-29 06:32:45 15781 ----a-w- c:\windows\system32\drivers\mdc8021x.sys
    2011-11-29 06:32:43 374752 ----a-w- c:\windows\system32\WUSBGXP.sys
    2011-11-29 06:32:42 339488 ----a-w- c:\windows\system32\WUSB20XP.sys
    2011-11-29 06:32:42 31930 ----a-w- c:\windows\system32\GTNDIS3.VXD
    2011-11-29 06:32:41 94208 ----a-w- c:\windows\system32\GTW32N50.dll
    2011-11-29 06:32:41 374752 ----a-w- c:\windows\system32\drivers\WUSBGXP.sys
    2011-11-29 06:32:41 15872 ----a-w- c:\windows\system32\GTNDIS5.sys
    2011-11-29 06:32:16 929792 ----a-w- c:\windows\system32\AegisE5.dll
    2011-11-29 06:32:15 651264 ----a-w- c:\windows\system32\libeay32.dll
    2011-11-29 06:32:14 147456 ----a-w- c:\windows\system32\ssleay32.dll
    2011-11-29 06:26:49 -------- d-----w- C:\Linksys Driver2
    2011-11-29 05:05:39 -------- d-----w- c:\program files\Linksys Wireless-G USB Wireless Network Monitor
    2011-11-29 05:01:09 -------- d-----w- C:\Linksys Driver
    .
    ==================== Find3M ====================
    .
    .
    ============= FINISH: 19:14:22.78 ===============
    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-11-30 20:16:38
    Windows 5.1.2600 Service Pack 2
    Running: 1lpfkxv9.exe; Driver: C:\DOCUME~1\Lyda\LOCALS~1\Temp\pxtdypow.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 15
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 10000
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] yes
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 90
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected] 10000
    Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\[email protected]_DLLs 1
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected]
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] 0
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\MiscStatus\1
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\MiscStatus\[email protected] 2229649
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] OWC10.DataSourceControl.10
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected]
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL, 1001
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] {0002E550-0000-0000-C000-000000000046}
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] 1.0
    Reg HKLM\SOFTWARE\Classes\CLSID\{1A67FD06-7264-0181-C3D4-FF11B7F305AB}\[email protected] OWC10.DataSourceControl
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\Implemented [email protected]
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\Implemented Categories\{000C0118-0000-0000-C000-000000000046}
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\Implemented Categories\{000C0118-0000-0000-C000-000000000046}@
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] ole32.dll
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE /automation
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] (f'^Vn-}f(YR]eAR6.jiEXCELFiles>EUFOC=M&g(pKeqFrsF*m /automation?
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE /automation
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] (f'^Vn-}f(YR]eAR6.jiEXCELFiles>EUFOC=M&g(pKeqFrsF*m /automation?
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] Excel.Application.10
    Reg HKLM\SOFTWARE\Classes\CLSID\{ABE3FDD0-A25C-1E63-6FE9-B705347DD117}\[email protected] Excel.Application
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{0DE86A52-2BAA-11CF-A229-00AA003D7352}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{0DE86A53-2BAA-11CF-A229-00AA003D7352}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{0DE86A57-2BAA-11CF-A229-00AA003D7352}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{40FC6ED4-2438-11CF-A3DB-080036F12502}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] D:\abu\Comct232.ocx
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] Apartment
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] 0
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\MiscStatus\1
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\MiscStatus\[email protected] 131473
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] ComCtl2.UpDown.1
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] D:\abu\Comct232.ocx, 1
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] {FE0065C0-1B7B-11CF-9D53-00AA003C9CB6}
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] 1.1
    Reg HKLM\SOFTWARE\Classes\CLSID\{F3EEEA3F-5039-EFEF-B924-F43F7A997A32}\[email protected] ComCtl2.UpDown


    ATTACH.zip - DDS
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 3/5/2004 10:06:12 AM
    System Uptime: 11/30/2011 7:08:18 PM (0 hours ago)
    Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | N/A | 1479/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 14 GiB total, 4.418 GiB free.
    D: is FIXED (NTFS) - 23 GiB total, 23.159 GiB free.
    E: is CDROM ()
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP394: 11/27/2011 3:32:13 PM - System Checkpoint
    RP395: 11/28/2011 9:05:47 PM - Installed Linksys Wireless-G USB Network Adapter
    RP396: 11/28/2011 9:10:50 PM - Installed Linksys Wireless-G USB Network Adapter
    RP397: 11/28/2011 9:16:41 PM - Installed Linksys Wireless-G USB Network Adapter
    RP398: 11/28/2011 10:29:59 PM - Removed Linksys Wireless-G USB Network Adapter
    RP399: 11/28/2011 10:32:10 PM - Installed Linksys Wireless-G USB Network Adapter
    RP400: 11/29/2011 12:51:56 AM - Removed Microsoft Picture It! Express 7.0
    RP401: 11/29/2011 12:53:27 AM - Removed OmniPage SE
    RP402: 11/29/2011 12:56:03 AM - Removed Microsoft Office 2000 SR-1 Disc 2
    RP403: 11/30/2011 12:40:24 PM - Removed CanoScan LiDE20,30 Manual
    RP404: 11/30/2011 12:41:11 PM - Removed CoffeeCup Free FTP
    RP405: 11/30/2011 12:41:33 PM - Removed Drag'n Drop CD+DVD
    RP406: 11/30/2011 12:43:48 PM - Removed Java 2 Runtime Environment, SE v1.4.1_04
    RP407: 11/30/2011 12:45:33 PM - Removed Microsoft Works 7.0
    RP408: 11/30/2011 2:12:20 PM - Configured Quicken 2003 New User Edition
    RP409: 11/30/2011 3:34:28 PM - Installed HiJackThis
    .
    ==== Installed Programs ======================
    .
    Adobe Acrobat 5.0
    Adobe Download Manager 1.2 (Remove Only)
    Adobe Photoshop 6.0
    Adobe Photoshop Elements 2.0
    Adobe Premiere 6 LE
    Adobe Reader 7.0.5 Language Support
    Adobe Reader 7.0.8
    Adobe® Photoshop® Album Starter Edition 3.0
    AMBIT Wireless LAN
    ATI Display Driver
    BroadJump Client Foundation
    Canon CanoScan Toolbox 4.0
    ccCommon
    CCleaner
    EPSON Printer Software
    Google Toolbar for Internet Explorer
    Help and Support
    HighMAT Extension to Microsoft Windows XP CD Writing Wizard
    HiJackThis
    HotKey Utility
    ImageStation Tour
    Intel(R) PRO Ethernet Adapter and Software
    Linksys Wireless-G USB Network Adapter
    LiveReg (Symantec Corporation)
    Macromedia Flash Player 8
    Macromedia Shockwave Player
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Learning and Research Plus Support Files
    Microsoft Office XP Media Content
    Microsoft Office XP Professional
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    MoodLogic
    Mozilla Firefox 8.0.1 (x86 en-US)
    MSN Messenger 7.0
    MSN Music Assistant
    Music Visualizer Library 1.4.00
    Network Smart Capture
    Norton AntiVirus 2005 (Symantec Corporation)
    Norton AntiVirus Parent MSI
    Norton AntiVirus SYMLT MSI
    OpenMG Limited Patch 3.1-02-10-22-01
    OpenMG Limited Patch 3.1-02-10-23-01
    OpenMG Secure Module 3.1
    PowerPanel
    QuickTime
    RealPlayer
    Shockwave
    SonicStage 1.5.05
    Sony Certificate PCH
    Sony DV Shared Library
    Sony Notebook Setup
    Sony USB Mouse
    Sony Utilities DLL
    SPBBC
    Spybot - Search & Destroy 1.3
    Support Actions WinXP
    Symantec
    Symantec Network Drivers Update
    Synaptics Pointing Device Driver
    VAIO Edit Components LE
    VAIO Media 2.0
    VAIO Media Installer 2.0
    VAIO Media Music Server 2.0
    VAIO Media Photo Server 2.0
    VAIO Media Platform 2.0
    VAIO Registration
    VAIO Serenus Wallpaper
    VAIO Survey Standalone
    Visual IP InSight(SBC)
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 2
    WinZip
    Yahoo! Install Manager
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/30/2011 7:11:44 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    11/30/2011 7:11:21 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    11/30/2011 5:33:08 PM, error: Service Control Manager [7016] - The VAIO Media Photo Server (Application) service has reported an invalid current state 272.
    11/30/2011 3:31:06 PM, error: Service Control Manager [7034] - The VAIO Media Photo Server (Application) service terminated unexpectedly. It has done this 1 time(s).
    11/30/2011 3:30:59 PM, error: Service Control Manager [7034] - The VAIO Media Photo Server (HTTP) service terminated unexpectedly. It has done this 1 time(s).
    11/30/2011 3:28:30 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    11/30/2011 3:13:32 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DMICall Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SYMTDI Tcpip
    11/30/2011 2:59:32 PM, error: Service Control Manager [7034] - The Symantec Settings Manager service terminated unexpectedly. It has done this 1 time(s).
    11/30/2011 2:59:26 PM, error: Service Control Manager [7034] - The Symantec Event Manager service terminated unexpectedly. It has done this 1 time(s).
    11/30/2011 12:46:23 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    11/30/2011 12:31:01 PM, error: Service Control Manager [7000] - The SAVRT service failed to start due to the following error: A device attached to the system is not functioning.
    11/30/2011 12:31:01 PM, error: SAVRT [6] -
    11/30/2011 12:30:52 PM, error: Service Control Manager [7000] - The Viewpoint Manager Service service failed to start due to the following error: The system cannot find the path specified.
    11/30/2011 12:30:52 PM, error: Service Control Manager [7000] - The Automatic LiveUpdate Scheduler service failed to start due to the following error: The system cannot find the path specified.
    11/29/2011 7:17:24 PM, error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
    11/29/2011 7:10:41 PM, error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{10E80587-BAFC-43FA-BC81-816CFACBBAD5} because another computer on the network has the same name. The server could not start.
    11/29/2011 6:58:29 PM, error: ipnathlp [31014] - The DNS proxy agent was unable to read the ICS Domain suffix string from the registry. The data is the error code.
    11/29/2011 6:58:29 PM, error: ipnathlp [31008] - The DNS proxy agent was unable to read the local list of name-resolution servers from the registry. The data is the error code.
    11/29/2011 6:55:30 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    11/29/2011 6:49:48 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: DMICall Fips intelppm SAVRTPEL SYMTDI
    11/29/2011 6:48:26 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    11/29/2011 6:42:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    11/29/2011 6:08:54 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
    11/29/2011 5:58:53 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DMICall Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SAVRTPEL SYMTDI Tcpip
    11/29/2011 5:58:53 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
    11/29/2011 5:58:53 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/29/2011 5:58:53 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    11/29/2011 5:58:53 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    11/29/2011 5:55:12 PM, error: Service Control Manager [7034] - The VAIO Media Music Server (Application) service terminated unexpectedly. It has done this 1 time(s).
    11/29/2011 5:55:08 PM, error: Service Control Manager [7034] - The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).
    11/29/2011 5:55:08 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    11/29/2011 5:55:08 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    11/29/2011 5:55:08 PM, error: DCOM [10005] - DCOM got error "%1055" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
    11/29/2011 11:41:43 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
    .
    ==== End Of File ===========================
     
  2. TriosX

    TriosX Thread Starter

    Joined:
    Nov 30, 2011
    Messages:
    5
    Bump, thank you
     
  3. TriosX

    TriosX Thread Starter

    Joined:
    Nov 30, 2011
    Messages:
    5
    Bump, thanks for any help I can get on removing this
     
  4. TriosX

    TriosX Thread Starter

    Joined:
    Nov 30, 2011
    Messages:
    5
    Second Bump, there are 3 because my computer acted up on one posting and double posted

    Again, thank you for any help you can offer
     
  5. TriosX

    TriosX Thread Starter

    Joined:
    Nov 30, 2011
    Messages:
    5
    Bump
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1029165

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice