1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

HELP!! xp sp3 strange activity files moving, additional connections to internet

Discussion in 'Virus & Other Malware Removal' started by djinnmaster, May 23, 2015.

Thread Status:
Not open for further replies.
  1. djinnmaster

    djinnmaster Thread Starter

    Joined:
    Apr 24, 2015
    Messages:
    5
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: AMD Athlon(tm) XP 2000+, x86 Family 6 Model 6 Stepping 2
    Processor Count: 1
    RAM: 991 Mb
    Graphics Card: S3 Graphics ProSavageDDR, 32 Mb
    Hard Drives: C: Total - 53732 MB, Free - 15666 MB; D: Total - 3529 MB, Free - 705 MB;
    Motherboard: , KM266-8235
    Antivirus: avast! Antivirus, Updated: Yes, On-Demand Scanner: Enabled

    Recently have had strange things occurring such as desktop icons moving, multiple security and system events, and now today there is a new internet connection icon and lots of updates from microsoft. been trying to work things out but am at a loss now. Seems i do 1 thing and additional issues arise. Please help me Im ready to jump in front of a bus!

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
    Processor: AMD Athlon(tm) XP 2000+, x86 Family 6 Model 6 Stepping 2
    Processor Count: 1
    RAM: 991 Mb
    Graphics Card: S3 Graphics ProSavageDDR, 32 Mb
    Hard Drives: C: Total - 53732 MB, Free - 15666 MB; D: Total - 3529 MB, Free - 705 MB;
    Motherboard: , KM266-8235
    Antivirus: avast! Antivirus, Updated: Yes, On-Demand Scanner: Enabled
     
  2. djinnmaster

    djinnmaster Thread Starter

    Joined:
    Apr 24, 2015
    Messages:
    5
    Update:I think that there may be automated help or something online connected to my computer because of the activity in the event log by i am not educated enough about computers to really get it. here is a portion of it:

    5/23/2015 6:31:00 PM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 6:01:12 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Microsoft .NET Framework NGEN v4.0.30319_X86 service entered the stopped state.
    5/23/2015 5:31:00 PM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 5:08:00 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Google Update Service (gupdate) service entered the stopped state.
    5/23/2015 5:07:53 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Google Update Service (gupdate) service entered the running state.
    5/23/2015 5:07:53 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Google Update Service (gupdate) service was successfully sent a start control.
    5/23/2015 4:31:00 PM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 4:14:53 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Portable Media Serial Number Service service entered the stopped state.
    5/23/2015 4:11:27 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Layer Gateway Service service entered the running state.
    5/23/2015 4:11:27 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Application Layer Gateway Service service was successfully sent a start control.
    5/23/2015 4:11:26 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Microsoft .NET Framework NGEN v4.0.30319_X86 service entered the running state.
    5/23/2015 4:11:26 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Terminal Services service entered the running state.
    5/23/2015 4:11:26 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Eplpdx02 service was successfully sent a start control.
    5/23/2015 4:11:26 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Terminal Services service was successfully sent a start control.
    5/23/2015 4:11:26 PM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Network Location Awareness (NLA) service entered the running state.
    5/23/2015 4:11:26 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Network Location Awareness (NLA) service was successfully sent a start control.
    5/23/2015 4:11:25 PM Service Control Manager Error None 7026 N/A YOUR-KYBTG65GXE The following boot-start or system-start driver(s) failed to load:
    PenClass
    5/23/2015 4:09:57 PM SNMP Information None 1001 N/A YOUR-KYBTG65GXE The SNMP Service has started successfully.
    5/23/2015 4:09:56 PM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Fax service was successfully sent a stop control.
    5/23/2015 4:09:56 PM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Simple TCP/IP Services service terminated with the following error:
    The specified module could not be found.
    5/23/2015 4:09:56 PM Service Control Manager Error None 7000 N/A YOUR-KYBTG65GXE The MCSTRM service failed to start due to the following error:
    The system cannot find the file specified.
    5/23/2015 4:09:53 PM WMPNetworkSvc Information None 14204 N/A YOUR-KYBTG65GXE Service 'WMPNetworkSvc' started.
    5/23/2015 4:09:14 PM Application Popup Information None 26 N/A YOUR-KYBTG65GXE Application popup: : Machine Check: Regs
    5/23/2015 4:09:14 PM Application Popup Information None 26 N/A YOUR-KYBTG65GXE Application popup: : Machine Check:
    5/23/2015 4:09:14 PM Application Popup Information None 26 N/A YOUR-KYBTG65GXE Application popup: : Machine Check: Regs
    5/23/2015 4:09:14 PM Application Popup Information None 26 N/A YOUR-KYBTG65GXE Application popup: : Machine Check:
    5/23/2015 4:09:14 PM Application Popup Information None 26 N/A YOUR-KYBTG65GXE Application popup: : Machine Check: Regs
    5/23/2015 4:09:14 PM Application Popup Information None 26 N/A YOUR-KYBTG65GXE Application popup: : Machine Check:
    5/23/2015 4:09:09 PM Tcpip Information None 4201 N/A YOUR-KYBTG65GXE The system detected that network adapter \DEVICE\TCPIP_{8D347C8E-5C1F-46C6-92CF-D4FBDAC2228B} was connected to the network, and has initiated normal operation over the network adapter.
    5/23/2015 4:09:33 PM EventLog Information None 6005 N/A YOUR-KYBTG65GXE The Event log service was started.
    5/23/2015 4:09:33 PM EventLog Information None 6009 N/A YOUR-KYBTG65GXE Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Multiprocessor Free.
    5/23/2015 11:48:14 AM EventLog Information None 6006 N/A YOUR-KYBTG65GXE The Event log service was stopped.
    5/23/2015 11:31:00 AM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 11:07:50 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Google Update Service (gupdate) service entered the stopped state.
    5/23/2015 11:07:39 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Google Update Service (gupdate) service entered the running state.
    5/23/2015 11:07:39 AM Service Control Manager Information None 7035 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE The Google Update Service (gupdate) service was successfully sent a start control.
    5/23/2015 10:31:00 AM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 9:31:00 AM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 8:31:00 AM Schedule Error None 7901 N/A YOUR-KYBTG65GXE The At1.job command failed to start due to the following error:
    The system cannot find the path specified.
    5/23/2015 7:49:34 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Windows Installer service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:14 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:14 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:13 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
    5/23/2015 7:49:13 AM Service Control Manager Information None 7036 N/A YOUR-KYBTG65GXE The Application Management service entered the stopped state.
    5/23/2015 7:49:13 AM Service Control Manager Information None 7035 YOUR-KYBTG65GXE\Owner YOUR-KYBTG65GXE The Application Management service was successfully sent a start control.
    5/23/2015 7:49:13 AM Service Control Manager Error None 7023 N/A YOUR-KYBTG65GXE The Application Management service terminated with the following error:
    The specified module could not be found.
     
  3. djinnmaster

    djinnmaster Thread Starter

    Joined:
    Apr 24, 2015
    Messages:
    5
    And security log portion:

    5/23/2015 4:12:17 PM Security Success Audit Privilege Use 576 NT AUTHORITY\NETWORK SERVICE YOUR-KYBTG65GXE "Special privileges assigned to new logon:
    User Name: NETWORK SERVICE
    Domain: NT AUTHORITY
    Logon ID: (0x0,0x3E4)
    Privileges: SeAuditPrivilege
    SeAssignPrimaryTokenPrivilege
    SeChangeNotifyPrivilege"
    5/23/2015 4:12:17 PM Security Success Audit Logon/Logoff 528 NT AUTHORITY\NETWORK SERVICE YOUR-KYBTG65GXE "Successful Logon:
    User Name: NETWORK SERVICE
    Domain: NT AUTHORITY
    Logon ID: (0x0,0x3E4)
    Logon Type: 5
    Logon Process: Advapi
    Authentication Package: Negotiate
    Workstation Name:
    Logon GUID: -"
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: Remote Desktop
    Port number: 3389
    Protocol: TCP
    State: Disabled
    Scope: All subnets
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: UPnP Framework over TCP
    Port number: 2869
    Protocol: TCP
    State: Enabled
    Scope: Local subnet only
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: SSDP Component of UPnP Framework
    Port number: 1900
    Protocol: UDP
    State: Enabled
    Scope: Local subnet only
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: SMB over TCP
    Port number: 445
    Protocol: TCP
    State: Enabled
    Scope: Local subnet only
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: NetBIOS Session Service
    Port number: 139
    Protocol: TCP
    State: Enabled
    Scope: Local subnet only
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: NetBIOS Datagram Service
    Port number: 138
    Protocol: UDP
    State: Enabled
    Scope: Local subnet only
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 850 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE A port was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Interface: All interfaces
    Name: NetBIOS Name Service
    Port number: 137
    Protocol: UDP
    State: Enabled
    Scope: Local subnet only
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 849 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE An application was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Name: Nero ProductSetup
    Path: E:\Installation\Setupx.exe
    State: Enabled
    Scope: All subnets
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 849 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE An application was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Name: Remote Assistance
    Path: C:\WINDOWS\system32\sessmgr.exe
    State: Enabled
    Scope: All subnets
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 849 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE An application was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Name: Run a DLL as an App
    Path: C:\WINDOWS\system32\rundll32.exe
    State: Enabled
    Scope: All subnets
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 849 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE An application was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
    Profile used: Standard
    Name: Microsoft Management Console
    Path: C:\WINDOWS\system32\mmc.exe
    State: Enabled
    Scope: All subnets
    5/23/2015 4:11:28 PM Security Success Audit Policy Change 849 NT AUTHORITY\SYSTEM YOUR-KYBTG65GXE An application was listed as an exception when the Windows Firewall started.

    Policy origin: Local Policy
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1148711

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice