Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer infected with Malware?


  • This topic is locked This topic is locked
2 replies to this topic

#1 Butch Howard

Butch Howard

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:58 AM

Posted 14 March 2009 - 04:44 PM

Hi,
This is my first time posting so greetings to all. You have a very helpful website.
My problem started a few days ago when I rebooted my computer. When Googling using Internet Explorer I get redirected to all kinds of websites unrelated to what I was trying to look up. Also this started happening at the same time. When I reboot and open up Internet Explorer, I will get a dozen to 2 dozen svchost.exe error message's. I keep clicking on them and they eventually quit. I have tried downloading Spybot and MalwareBytes and saving them to my desktop, but when I hit run it fails to load. I use CA antivirus, firewall, and antiSpyware and I can no longer get updates. Any help would be greatly appreciated. I'm attaching a DDS.txt log, Attach.txt log and a startup log from HijackThis.

Thanks in advance,

Butch Howard
DDS (Ver_09-02-01.01) - NTFSx86
Run by Butch at 15:13:47.53 on Sat 03/14/2009
Internet Explorer: 7.0.5730.13
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/2/2008 3:14:04 PM
System Uptime: 3/14/2009 1:23:51 PM (2 hours ago)

Motherboard: Hewlett-Packard | | HP WMTA System Board
Processor: Intel® Pentium® 4 CPU 1300MHz | Processor 1 | 1296/mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 130.428 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (FAT32) - 57 GiB total, 18.416 GiB free.
G: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP56: 12/8/2008 5:17:19 PM - System Checkpoint
RP57: 12/9/2008 5:43:27 PM - System Checkpoint
RP58: 12/10/2008 6:16:13 PM - System Checkpoint
RP59: 12/11/2008 6:23:38 PM - System Checkpoint
RP60: 12/12/2008 3:00:18 AM - Software Distribution Service 3.0
RP61: 12/13/2008 3:29:42 AM - System Checkpoint
RP62: 12/14/2008 4:17:15 AM - System Checkpoint
RP63: 12/15/2008 5:17:14 AM - System Checkpoint
RP64: 12/16/2008 5:31:11 AM - System Checkpoint
RP65: 12/17/2008 6:07:14 AM - System Checkpoint
RP66: 12/18/2008 6:31:14 AM - System Checkpoint
RP67: 12/18/2008 3:20:57 PM - Software Distribution Service 3.0
RP68: 12/19/2008 5:46:07 PM - System Checkpoint
RP69: 12/20/2008 6:25:00 PM - System Checkpoint
RP70: 12/21/2008 7:02:53 PM - System Checkpoint
RP71: 12/22/2008 7:53:27 PM - System Checkpoint
RP72: 12/23/2008 7:54:07 PM - System Checkpoint
RP73: 12/24/2008 8:54:08 PM - System Checkpoint
RP74: 12/25/2008 9:54:08 PM - System Checkpoint
RP75: 12/26/2008 11:06:40 PM - System Checkpoint
RP76: 12/28/2008 12:00:55 AM - System Checkpoint
RP77: 12/29/2008 12:23:45 AM - System Checkpoint
RP78: 12/30/2008 1:23:46 AM - System Checkpoint
RP79: 12/31/2008 2:23:45 AM - System Checkpoint
RP80: 1/1/2009 3:23:49 AM - System Checkpoint
RP81: 1/2/2009 4:23:49 AM - System Checkpoint
RP82: 1/3/2009 5:23:48 AM - System Checkpoint
RP83: 1/4/2009 6:23:50 AM - System Checkpoint
RP84: 1/5/2009 7:23:48 AM - System Checkpoint
RP85: 1/6/2009 8:23:49 AM - System Checkpoint
RP86: 1/7/2009 9:22:01 AM - System Checkpoint
RP87: 1/8/2009 11:01:53 AM - System Checkpoint
RP88: 1/9/2009 11:21:33 AM - System Checkpoint
RP89: 1/10/2009 12:49:21 PM - System Checkpoint
RP90: 1/11/2009 2:38:19 PM - System Checkpoint
RP91: 1/12/2009 3:00:35 PM - System Checkpoint
RP92: 1/13/2009 3:59:30 PM - System Checkpoint
RP93: 1/14/2009 3:00:18 AM - Software Distribution Service 3.0
RP94: 1/15/2009 3:00:18 AM - Software Distribution Service 3.0
RP95: 1/16/2009 3:12:52 AM - System Checkpoint
RP96: 1/17/2009 4:12:51 AM - System Checkpoint
RP97: 1/18/2009 4:48:03 AM - System Checkpoint
RP98: 1/19/2009 5:24:02 AM - System Checkpoint
RP99: 1/20/2009 6:12:05 AM - System Checkpoint
RP100: 1/21/2009 6:24:03 AM - System Checkpoint
RP101: 1/22/2009 6:24:11 AM - System Checkpoint
RP102: 1/23/2009 7:24:13 AM - System Checkpoint
RP103: 1/24/2009 7:54:08 AM - System Checkpoint
RP104: 1/25/2009 8:31:18 AM - System Checkpoint
RP105: 1/26/2009 10:56:36 AM - System Checkpoint
RP106: 1/27/2009 10:21:21 AM - Installed Microsoft Office Word Viewer 2003
RP107: 1/27/2009 10:25:05 AM - Installed Compatibility Pack for the 2007 Office system
RP108: 1/28/2009 10:40:13 AM - System Checkpoint
RP109: 1/29/2009 11:09:11 AM - System Checkpoint
RP110: 1/30/2009 11:34:42 AM - System Checkpoint
RP111: 1/31/2009 11:44:34 AM - System Checkpoint
RP112: 2/1/2009 12:44:33 PM - System Checkpoint
RP113: 2/2/2009 2:21:51 PM - System Checkpoint
RP114: 2/3/2009 2:23:12 PM - System Checkpoint
RP115: 2/4/2009 3:41:25 PM - System Checkpoint
RP116: 2/5/2009 4:55:39 PM - System Checkpoint
RP117: 2/6/2009 5:29:37 PM - System Checkpoint
RP118: 2/7/2009 6:23:29 PM - System Checkpoint
RP119: 2/8/2009 7:04:48 PM - System Checkpoint
RP120: 2/9/2009 8:31:25 PM - System Checkpoint
RP121: 2/10/2009 9:15:47 PM - System Checkpoint
RP122: 2/11/2009 9:59:14 AM - Software Distribution Service 3.0
RP123: 2/12/2009 11:34:27 AM - System Checkpoint
RP124: 2/13/2009 12:04:45 PM - System Checkpoint
RP125: 2/14/2009 3:31:30 PM - System Checkpoint
RP126: 2/15/2009 4:23:17 PM - System Checkpoint
RP127: 2/16/2009 5:12:08 PM - System Checkpoint
RP128: 2/17/2009 6:12:07 PM - System Checkpoint
RP129: 2/18/2009 7:12:07 PM - System Checkpoint
RP130: 2/19/2009 7:20:02 PM - System Checkpoint
RP131: 2/20/2009 7:31:10 PM - System Checkpoint
RP132: 2/21/2009 8:30:04 PM - System Checkpoint
RP133: 2/22/2009 9:30:06 PM - System Checkpoint
RP134: 2/23/2009 10:09:49 PM - System Checkpoint
RP135: 2/24/2009 11:09:49 PM - System Checkpoint
RP136: 2/25/2009 3:00:17 AM - Software Distribution Service 3.0
RP137: 2/25/2009 10:42:42 AM - Software Distribution Service 3.0
RP138: 2/25/2009 10:51:33 AM - Software Distribution Service 3.0
RP139: 2/26/2009 11:28:17 AM - System Checkpoint
RP140: 2/27/2009 11:41:57 AM - System Checkpoint
RP141: 2/28/2009 12:10:28 PM - System Checkpoint
RP142: 3/1/2009 12:46:03 PM - System Checkpoint
RP143: 3/2/2009 12:55:35 PM - System Checkpoint
RP144: 3/3/2009 6:08:17 PM - System Checkpoint
RP145: 3/4/2009 7:02:42 PM - System Checkpoint
RP146: 3/5/2009 7:38:38 PM - System Checkpoint
RP147: 3/6/2009 7:41:39 PM - System Checkpoint
RP148: 3/7/2009 8:00:16 PM - System Checkpoint

==== Installed Programs ======================

1600
1600_Help
1600Trb
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9
AiO_Scan
AiOSoftware
BufferChm
CA Anti-Spyware
CA Anti-Virus
CA Internet Security Suite
CA Personal Firewall
CA Pest Patrol Realtime Protection
CCScore
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
Director
DocProc
DocumentViewer
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
Fax
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HP Extended Capabilities 4.7StartupList report, 3/14/2009, 4:13:45 PM
StartupList version: 1.52.2
Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows XP SP3 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.16791)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

nwiz = nwiz.exe /install
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
CAVRID = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
cctray = C:\Program Files\CA\CA Internet Security Suite\casc.exe
CAPPActiveProtection = "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe"
capfupgrade = C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
capfasem = C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
cafw = C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes' Anti-Malware = C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

RegGenie v2.0 - Trial Expired = "C:\Program Files\RegGenie\RegGenieOnRebootExpired.exe"
RegGenie v2.0 = "C:\Program Files\RegGenie\RegGenieOnReboot.exe"

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------


Enumerating Browser Helper Objects:

AcroIEHelperStub - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
(no name) - C:\Program Files\Java\jre6\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}

--------------------------------------------------

Enumerating Task Scheduler jobs:

EasyShare Registration Task.job

--------------------------------------------------

Enumerating Download Program Files:

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://download.microsoft.com/download/C/0...heckControl.cab

[WUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\wuweb.dll
CODEBASE = http://www.update.microsoft.com/windowsupd...b?1225657414047

[Java Plug-in 1.6.0_11]
InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab

--------------------------------------------------

Enumerating Winsock LSP files:

Protocol #1: C:\WINDOWS\system32\VetRedir.dll
Protocol #19: C:\WINDOWS\system32\VetRedir.dll

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll

--------------------------------------------------
End of report, 6,701 bytes
Report generated in 0.050 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

HP Image Zone 4.7
HP Image Zone Express
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HP Update
HPSystemDiagnostics
InstantShare
Java™ 6 Update 11
kgcbase
Kodak EasyShare software
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
netbrdg
NVIDIA Windows 2000/XP Display Drivers
OfotoXMI
PanoStandAlone
PhotoGallery
Picasa 3
ProductContext
QFolder
Readme
RegGenie v2.0
Scan
ScannerCopy
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
SFR
SHASTA
skin0001
SkinsHP1
SKINXSDK
staticcr
The Print Shop Business Card Creator
tooltips
TrayApp
Unload
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VPRINTOL
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
WIRELESS

==== Event Viewer Messages From Past Week ========

3/9/2009 1:33:50 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 20 time(s).
3/9/2009 1:33:50 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 11 time(s).
3/9/2009 1:33:49 PM, error: DCOM [10005] - DCOM got error "%109" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
3/9/2009 1:33:46 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 18 time(s).
3/9/2009 1:33:46 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 10 time(s).
3/9/2009 1:33:41 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 16 time(s).
3/9/2009 1:33:41 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 9 time(s).
3/9/2009 1:33:37 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 14 time(s).
3/9/2009 1:33:37 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 8 time(s).
3/9/2009 1:33:33 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 12 time(s).
3/9/2009 1:33:33 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 7 time(s).
3/9/2009 1:33:28 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 10 time(s).
3/9/2009 1:33:28 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 6 time(s).
3/9/2009 1:33:24 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 8 time(s).
3/9/2009 1:33:24 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 1:33:19 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 1:33:19 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 4 time(s).
3/9/2009 1:27:34 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service PPCtlPriv with arguments "" in order to run the server: {F974178A-A284-440A-BEFC-5B0D11BCDB68}
3/9/2009 1:13:41 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/9/2009 12:51:40 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/9/2009 12:19:48 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 44 time(s).
3/9/2009 12:19:48 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 16 time(s).
3/9/2009 12:19:44 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 42 time(s).
3/9/2009 12:19:44 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 15 time(s).
3/9/2009 12:19:35 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 38 time(s).
3/9/2009 12:19:35 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 13 time(s).
3/9/2009 12:19:30 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 35 time(s).
3/9/2009 12:19:25 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 32 time(s).
3/9/2009 12:19:19 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 29 time(s).
3/9/2009 12:19:14 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 26 time(s).
3/9/2009 12:18:58 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 21 time(s).
3/9/2009 12:18:58 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s).
3/9/2009 12:02:01 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/8/2009 4:00:10 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
3/8/2009 2:31:47 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
3/8/2009 2:24:32 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 2 time(s).
3/8/2009 2:24:32 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
3/8/2009 2:17:17 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service UmxPol with arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}
3/7/2009 11:45:50 AM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/7/2009 11:44:19 AM, error: Dhcp [1002] - The IP address lease 192.168.1.104 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/9/2009 5:37:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service UmxPol with arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}
3/9/2009 5:38:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/9/2009 5:38:31 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips KmxAgent KmxFile KmxFw KmxStart Processor VET-FILT VET-REC VETEFILE VETMONNT
3/11/2009 1:20:19 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The Help and Support service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:45 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 7 time(s).
3/14/2009 11:50:26 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
3/14/2009 12:05:28 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 9 time(s).
3/14/2009 12:37:50 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/14/2009 12:42:56 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 34 time(s).
3/14/2009 12:43:01 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 59 time(s).
3/14/2009 12:56:50 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 15 time(s).

==== End Of File ===========================

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.639.232 [GMT -5:00]

AV: CA Anti-Virus *On-access scanning enabled* (Updated)
FW: CA Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Butch\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [RegGenie v2.0 - Trial Expired] "c:\program files\reggenie\RegGenieOnRebootExpired.exe"
uRun: [RegGenie v2.0] "c:\program files\reggenie\RegGenieOnReboot.exe"
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"
mRun: [cctray] c:\program files\ca\ca internet security suite\casc.exe
mRun: [CAPPActiveProtection] "c:\program files\ca\ca internet security suite\ca anti-spyware\CAPPActiveProtection.exe"
mRun: [capfupgrade] c:\program files\ca\ca internet security suite\ca personal firewall\capfupgrade.exe
mRun: [capfasem] c:\program files\ca\ca internet security suite\ca personal firewall\capfasem.exe
mRun: [cafw] c:\program files\ca\ca internet security suite\ca personal firewall\cafw.exe -cl
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\windows\system32\VetRedir.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225657414047
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1228332106806&h=0a6a4b253c502a19183a709b1b30d19a/&filename=jinstall-6u11-windows-i586-jc.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: NameServer = 85.255.112.148,85.255.112.108
TCP: {1ACCE21B-FE50-49B5-BCEE-799B946D4F53} = 85.255.112.148,85.255.112.108
Notify: PFW - UmxWnp.Dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R0 KmxStart;KmxStart;c:\windows\system32\drivers\KmxStart.sys [2009-1-9 107512]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2009-1-9 72696]
R1 KmxFile;KmxFile;c:\windows\system32\drivers\KmxFile.sys [2008-8-25 52728]
R1 KmxFw;KmxFw;c:\windows\system32\drivers\KmxFw.sys [2009-1-9 115704]
R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-11-15 26352]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-11-15 21104]
R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2008-11-15 880560]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2008-11-15 21488]
R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-11-15 161008]
R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-11-3 144696]
R2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\ca\ca internet security suite\ccschedulersvc.exe [2008-11-15 128240]
R2 KmxCF;KmxCF;c:\windows\system32\drivers\KmxCF.sys [2009-1-9 144376]
R2 KmxSbx;KmxSbx;c:\windows\system32\drivers\KmxSbx.sys [2008-7-30 58872]
R2 UmxAgent;HIPS Event Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2009-1-9 1153528]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2009-1-9 797176]
R2 UmxPol;HIPS Policy Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2008-9-2 289272]
R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-11-3 292080]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2009-1-9 205304]
R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2008-11-15 108368]
S4 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2008-11-6 222448]

=============== Created Last 30 ================

2009-03-14 13:57 <DIR> --d----- c:\program files\Trend Micro
2009-03-14 13:48 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-14 13:48 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-14 13:48 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-14 13:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-14 13:19 616 a------- c:\windows\RegGenie.ini
2009-03-14 13:03 159,744 a------- c:\windows\RegGenieOnUninstall.exe
2009-03-14 13:02 <DIR> --d----- c:\program files\RegGenie
2009-03-08 15:44 7,680 ac-sh--- c:\windows\system32\dllcache\Thumbs.db
2009-03-08 15:39 5,120 a--sh--- c:\windows\system32\Thumbs.db
2009-02-25 11:17 8,704 ac------ c:\windows\system32\dllcache\kbdjpn.dll
2009-02-25 11:17 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll
2009-02-25 11:17 6,144 ac------ c:\windows\system32\dllcache\kbd101c.dll
2009-02-25 11:17 5,632 ac------ c:\windows\system32\dllcache\kbd103.dll
2009-02-25 11:17 8,704 a------- c:\windows\system32\kbdjpn.dll
2009-02-25 11:17 8,192 a------- c:\windows\system32\kbdkor.dll
2009-02-25 11:17 6,144 a------- c:\windows\system32\kbd101c.dll
2009-02-25 11:17 5,632 a------- c:\windows\system32\kbd103.dll
2009-02-25 11:17 6,144 ac------ c:\windows\system32\dllcache\kbd101b.dll
2009-02-25 11:17 6,144 a------- c:\windows\system32\kbd101b.dll
2009-02-25 11:17 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll
2009-02-25 11:17 6,144 a------- c:\windows\system32\kbd106.dll
2009-02-25 10:57 <DIR> --d----- c:\docume~1\butch\applic~1\Windows Search
2009-02-25 10:52 <DIR> --d----- c:\windows\nview
2009-02-25 10:47 221,184 a------- c:\windows\system32\wmpns.dll
2009-02-25 10:45 <DIR> --d----- c:\docume~1\butch\applic~1\Windows Desktop Search
2009-02-25 10:44 <DIR> --d----- c:\program files\Windows Desktop Search
2009-02-25 10:44 <DIR> --d----- c:\windows\system32\GroupPolicy
2009-02-25 10:43 29,696 -c------ c:\windows\system32\dllcache\mimefilt.dll
2009-02-25 10:43 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll
2009-02-25 10:43 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2009-02-25 01:12 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat

==================== Find3M ====================

2009-03-14 13:34 1,744 a------- c:\windows\system32\d3d9caps.dat
2009-02-27 11:14 161,008 a------- c:\windows\system32\drivers\vetmonnt.sys
2009-02-27 11:14 26,352 a------- c:\windows\system32\drivers\vet-filt.sys
2009-02-27 11:14 21,488 a------- c:\windows\system32\drivers\vetfddnt.sys
2009-02-27 11:14 21,104 a------- c:\windows\system32\drivers\vet-rec.sys
2009-02-27 11:14 111,856 a------- c:\windows\system32\isafprod.dll
2009-01-21 07:49 118,656 a------- c:\windows\system32\drivers\Rtnicxp.sys
2009-01-16 14:45 73,728 a------- c:\windows\system32\RtNicProp32.dll
2009-01-05 17:33 3,751,995 a------- c:\windows\system32\GPhotos.scr
2008-12-20 18:15 826,368 a------- c:\windows\system32\wininet.dll
2008-11-03 02:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008102720081103\index.dat
2008-11-03 02:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110320081104\index.dat

============= FINISH: 15:14:12.94 ===============

DDS (Ver_09-02-01.01) - NTFSx86
Run by Butch at 15:13:47.53 on Sat 03/14/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.639.232 [GMT -5:00]

AV: CA Anti-Virus *On-access scanning enabled* (Updated)
FW: CA Personal Firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Butch\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [RegGenie v2.0 - Trial Expired] "c:\program files\reggenie\RegGenieOnRebootExpired.exe"
uRun: [RegGenie v2.0] "c:\program files\reggenie\RegGenieOnReboot.exe"
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe"
mRun: [cctray] c:\program files\ca\ca internet security suite\casc.exe
mRun: [CAPPActiveProtection] "c:\program files\ca\ca internet security suite\ca anti-spyware\CAPPActiveProtection.exe"
mRun: [capfupgrade] c:\program files\ca\ca internet security suite\ca personal firewall\capfupgrade.exe
mRun: [capfasem] c:\program files\ca\ca internet security suite\ca personal firewall\capfasem.exe
mRun: [cafw] c:\program files\ca\ca internet security suite\ca personal firewall\cafw.exe -cl
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: c:\windows\system32\VetRedir.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225657414047
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1228332106806&h=0a6a4b253c502a19183a709b1b30d19a/&filename=jinstall-6u11-windows-i586-jc.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: NameServer = 85.255.112.148,85.255.112.108
TCP: {1ACCE21B-FE50-49B5-BCEE-799B946D4F53} = 85.255.112.148,85.255.112.108
Notify: PFW - UmxWnp.Dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

============= SERVICES / DRIVERS ===============

R0 KmxStart;KmxStart;c:\windows\system32\drivers\KmxStart.sys [2009-1-9 107512]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2009-1-9 72696]
R1 KmxFile;KmxFile;c:\windows\system32\drivers\KmxFile.sys [2008-8-25 52728]
R1 KmxFw;KmxFw;c:\windows\system32\drivers\KmxFw.sys [2009-1-9 115704]
R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-11-15 26352]
R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-11-15 21104]
R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2008-11-15 880560]
R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2008-11-15 21488]
R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-11-15 161008]
R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-11-3 144696]
R2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\ca\ca internet security suite\ccschedulersvc.exe [2008-11-15 128240]
R2 KmxCF;KmxCF;c:\windows\system32\drivers\KmxCF.sys [2009-1-9 144376]
R2 KmxSbx;KmxSbx;c:\windows\system32\drivers\KmxSbx.sys [2008-7-30 58872]
R2 UmxAgent;HIPS Event Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxAgent.exe [2009-1-9 1153528]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\ca\sharedcomponents\hipsengine\UmxCfg.exe [2009-1-9 797176]
R2 UmxPol;HIPS Policy Manager;c:\program files\ca\sharedcomponents\hipsengine\UmxPol.exe [2008-9-2 289272]
R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-11-3 292080]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2009-1-9 205304]
R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2008-11-15 108368]
S4 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2008-11-6 222448]

=============== Created Last 30 ================

2009-03-14 13:57 <DIR> --d----- c:\program files\Trend Micro
2009-03-14 13:48 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-14 13:48 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-14 13:48 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-14 13:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-14 13:19 616 a------- c:\windows\RegGenie.ini
2009-03-14 13:03 159,744 a------- c:\windows\RegGenieOnUninstall.exe
2009-03-14 13:02 <DIR> --d----- c:\program files\RegGenie
2009-03-08 15:44 7,680 ac-sh--- c:\windows\system32\dllcache\Thumbs.db
2009-03-08 15:39 5,120 a--sh--- c:\windows\system32\Thumbs.db
2009-02-25 11:17 8,704 ac------ c:\windows\system32\dllcache\kbdjpn.dll
2009-02-25 11:17 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll
2009-02-25 11:17 6,144 ac------ c:\windows\system32\dllcache\kbd101c.dll
2009-02-25 11:17 5,632 ac------ c:\windows\system32\dllcache\kbd103.dll
2009-02-25 11:17 8,704 a------- c:\windows\system32\kbdjpn.dll
2009-02-25 11:17 8,192 a------- c:\windows\system32\kbdkor.dll
2009-02-25 11:17 6,144 a------- c:\windows\system32\kbd101c.dll
2009-02-25 11:17 5,632 a------- c:\windows\system32\kbd103.dll
2009-02-25 11:17 6,144 ac------ c:\windows\system32\dllcache\kbd101b.dll
2009-02-25 11:17 6,144 a------- c:\windows\system32\kbd101b.dll
2009-02-25 11:17 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll
2009-02-25 11:17 6,144 a------- c:\windows\system32\kbd106.dll
2009-02-25 10:57 <DIR> --d----- c:\docume~1\butch\applic~1\Windows Search
2009-02-25 10:52 <DIR> --d----- c:\windows\nview
2009-02-25 10:47 221,184 a------- c:\windows\system32\wmpns.dll
2009-02-25 10:45 <DIR> --d----- c:\docume~1\butch\applic~1\Windows Desktop Search
2009-02-25 10:44 <DIR> --d----- c:\program files\Windows Desktop Search
2009-02-25 10:44 <DIR> --d----- c:\windows\system32\GroupPolicy
2009-02-25 10:43 29,696 -c------ c:\windows\system32\dllcache\mimefilt.dll
2009-02-25 10:43 192,000 -c------ c:\windows\system32\dllcache\offfilt.dll
2009-02-25 10:43 98,304 -c------ c:\windows\system32\dllcache\nlhtml.dll
2009-02-25 01:12 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat

==================== Find3M ====================

2009-03-14 13:34 1,744 a------- c:\windows\system32\d3d9caps.dat
2009-02-27 11:14 161,008 a------- c:\windows\system32\drivers\vetmonnt.sys
2009-02-27 11:14 26,352 a------- c:\windows\system32\drivers\vet-filt.sys
2009-02-27 11:14 21,488 a------- c:\windows\system32\drivers\vetfddnt.sys
2009-02-27 11:14 21,104 a------- c:\windows\system32\drivers\vet-rec.sys
2009-02-27 11:14 111,856 a------- c:\windows\system32\isafprod.dll
2009-01-21 07:49 118,656 a------- c:\windows\system32\drivers\Rtnicxp.sys
2009-01-16 14:45 73,728 a------- c:\windows\system32\RtNicProp32.dll
2009-01-05 17:33 3,751,995 a------- c:\windows\system32\GPhotos.scr
2008-12-20 18:15 826,368 a------- c:\windows\system32\wininet.dll
2008-11-03 02:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008102720081103\index.dat
2008-11-03 02:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008110320081104\index.dat

============= FINISH: 15:14:12.94 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/2/2008 3:14:04 PM
System Uptime: 3/14/2009 1:23:51 PM (2 hours ago)

Motherboard: Hewlett-Packard | | HP WMTA System Board
Processor: Intel® Pentium® 4 CPU 1300MHz | Processor 1 | 1296/mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 130.428 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (FAT32) - 57 GiB total, 18.416 GiB free.
G: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP56: 12/8/2008 5:17:19 PM - System Checkpoint
RP57: 12/9/2008 5:43:27 PM - System Checkpoint
RP58: 12/10/2008 6:16:13 PM - System Checkpoint
RP59: 12/11/2008 6:23:38 PM - System Checkpoint
RP60: 12/12/2008 3:00:18 AM - Software Distribution Service 3.0
RP61: 12/13/2008 3:29:42 AM - System Checkpoint
RP62: 12/14/2008 4:17:15 AM - System Checkpoint
RP63: 12/15/2008 5:17:14 AM - System Checkpoint
RP64: 12/16/2008 5:31:11 AM - System Checkpoint
RP65: 12/17/2008 6:07:14 AM - System Checkpoint
RP66: 12/18/2008 6:31:14 AM - System Checkpoint
RP67: 12/18/2008 3:20:57 PM - Software Distribution Service 3.0
RP68: 12/19/2008 5:46:07 PM - System Checkpoint
RP69: 12/20/2008 6:25:00 PM - System Checkpoint
RP70: 12/21/2008 7:02:53 PM - System Checkpoint
RP71: 12/22/2008 7:53:27 PM - System Checkpoint
RP72: 12/23/2008 7:54:07 PM - System Checkpoint
RP73: 12/24/2008 8:54:08 PM - System Checkpoint
RP74: 12/25/2008 9:54:08 PM - System Checkpoint
RP75: 12/26/2008 11:06:40 PM - System Checkpoint
RP76: 12/28/2008 12:00:55 AM - System Checkpoint
RP77: 12/29/2008 12:23:45 AM - System Checkpoint
RP78: 12/30/2008 1:23:46 AM - System Checkpoint
RP79: 12/31/2008 2:23:45 AM - System Checkpoint
RP80: 1/1/2009 3:23:49 AM - System Checkpoint
RP81: 1/2/2009 4:23:49 AM - System Checkpoint
RP82: 1/3/2009 5:23:48 AM - System Checkpoint
RP83: 1/4/2009 6:23:50 AM - System Checkpoint
RP84: 1/5/2009 7:23:48 AM - System Checkpoint
RP85: 1/6/2009 8:23:49 AM - System Checkpoint
RP86: 1/7/2009 9:22:01 AM - System Checkpoint
RP87: 1/8/2009 11:01:53 AM - System Checkpoint
RP88: 1/9/2009 11:21:33 AM - System Checkpoint
RP89: 1/10/2009 12:49:21 PM - System Checkpoint
RP90: 1/11/2009 2:38:19 PM - System Checkpoint
RP91: 1/12/2009 3:00:35 PM - System Checkpoint
RP92: 1/13/2009 3:59:30 PM - System Checkpoint
RP93: 1/14/2009 3:00:18 AM - Software Distribution Service 3.0
RP94: 1/15/2009 3:00:18 AM - Software Distribution Service 3.0
RP95: 1/16/2009 3:12:52 AM - System Checkpoint
RP96: 1/17/2009 4:12:51 AM - System Checkpoint
RP97: 1/18/2009 4:48:03 AM - System Checkpoint
RP98: 1/19/2009 5:24:02 AM - System Checkpoint
RP99: 1/20/2009 6:12:05 AM - System Checkpoint
RP100: 1/21/2009 6:24:03 AM - System Checkpoint
RP101: 1/22/2009 6:24:11 AM - System Checkpoint
RP102: 1/23/2009 7:24:13 AM - System Checkpoint
RP103: 1/24/2009 7:54:08 AM - System Checkpoint
RP104: 1/25/2009 8:31:18 AM - System Checkpoint
RP105: 1/26/2009 10:56:36 AM - System Checkpoint
RP106: 1/27/2009 10:21:21 AM - Installed Microsoft Office Word Viewer 2003
RP107: 1/27/2009 10:25:05 AM - Installed Compatibility Pack for the 2007 Office system
RP108: 1/28/2009 10:40:13 AM - System Checkpoint
RP109: 1/29/2009 11:09:11 AM - System Checkpoint
RP110: 1/30/2009 11:34:42 AM - System Checkpoint
RP111: 1/31/2009 11:44:34 AM - System Checkpoint
RP112: 2/1/2009 12:44:33 PM - System Checkpoint
RP113: 2/2/2009 2:21:51 PM - System Checkpoint
RP114: 2/3/2009 2:23:12 PM - System Checkpoint
RP115: 2/4/2009 3:41:25 PM - System Checkpoint
RP116: 2/5/2009 4:55:39 PM - System Checkpoint
RP117: 2/6/2009 5:29:37 PM - System Checkpoint
RP118: 2/7/2009 6:23:29 PM - System Checkpoint
RP119: 2/8/2009 7:04:48 PM - System Checkpoint
RP120: 2/9/2009 8:31:25 PM - System Checkpoint
RP121: 2/10/2009 9:15:47 PM - System Checkpoint
RP122: 2/11/2009 9:59:14 AM - Software Distribution Service 3.0
RP123: 2/12/2009 11:34:27 AM - System Checkpoint
RP124: 2/13/2009 12:04:45 PM - System Checkpoint
RP125: 2/14/2009 3:31:30 PM - System Checkpoint
RP126: 2/15/2009 4:23:17 PM - System Checkpoint
RP127: 2/16/2009 5:12:08 PM - System Checkpoint
RP128: 2/17/2009 6:12:07 PM - System Checkpoint
RP129: 2/18/2009 7:12:07 PM - System Checkpoint
RP130: 2/19/2009 7:20:02 PM - System Checkpoint
RP131: 2/20/2009 7:31:10 PM - System Checkpoint
RP132: 2/21/2009 8:30:04 PM - System Checkpoint
RP133: 2/22/2009 9:30:06 PM - System Checkpoint
RP134: 2/23/2009 10:09:49 PM - System Checkpoint
RP135: 2/24/2009 11:09:49 PM - System Checkpoint
RP136: 2/25/2009 3:00:17 AM - Software Distribution Service 3.0
RP137: 2/25/2009 10:42:42 AM - Software Distribution Service 3.0
RP138: 2/25/2009 10:51:33 AM - Software Distribution Service 3.0
RP139: 2/26/2009 11:28:17 AM - System Checkpoint
RP140: 2/27/2009 11:41:57 AM - System Checkpoint
RP141: 2/28/2009 12:10:28 PM - System Checkpoint
RP142: 3/1/2009 12:46:03 PM - System Checkpoint
RP143: 3/2/2009 12:55:35 PM - System Checkpoint
RP144: 3/3/2009 6:08:17 PM - System Checkpoint
RP145: 3/4/2009 7:02:42 PM - System Checkpoint
RP146: 3/5/2009 7:38:38 PM - System Checkpoint
RP147: 3/6/2009 7:41:39 PM - System Checkpoint
RP148: 3/7/2009 8:00:16 PM - System Checkpoint

==== Installed Programs ======================

1600
1600_Help
1600Trb
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9
AiO_Scan
AiOSoftware
BufferChm
CA Anti-Spyware
CA Anti-Virus
CA Internet Security Suite
CA Personal Firewall
CA Pest Patrol Realtime Protection
CCScore
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
Director
DocProc
DocumentViewer
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
Fax
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP Image Zone Express
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HP Update
HPSystemDiagnostics
InstantShare
Java™ 6 Update 11
kgcbase
Kodak EasyShare software
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
netbrdg
NVIDIA Windows 2000/XP Display Drivers
OfotoXMI
PanoStandAlone
PhotoGallery
Picasa 3
ProductContext
QFolder
Readme
RegGenie v2.0
Scan
ScannerCopy
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
SFR
SHASTA
skin0001
SkinsHP1
SKINXSDK
staticcr
The Print Shop Business Card Creator
tooltips
TrayApp
Unload
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VPRINTOL
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
WIRELESS

==== Event Viewer Messages From Past Week ========

3/9/2009 1:33:50 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 20 time(s).
3/9/2009 1:33:50 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 11 time(s).
3/9/2009 1:33:49 PM, error: DCOM [10005] - DCOM got error "%109" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
3/9/2009 1:33:46 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 18 time(s).
3/9/2009 1:33:46 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 10 time(s).
3/9/2009 1:33:41 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 16 time(s).
3/9/2009 1:33:41 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 9 time(s).
3/9/2009 1:33:37 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 14 time(s).
3/9/2009 1:33:37 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 8 time(s).
3/9/2009 1:33:33 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 12 time(s).
3/9/2009 1:33:33 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 7 time(s).
3/9/2009 1:33:28 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 10 time(s).
3/9/2009 1:33:28 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 6 time(s).
3/9/2009 1:33:24 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 8 time(s).
3/9/2009 1:33:24 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 1:33:19 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 1:33:19 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 4 time(s).
3/9/2009 1:27:34 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service PPCtlPriv with arguments "" in order to run the server: {F974178A-A284-440A-BEFC-5B0D11BCDB68}
3/9/2009 1:13:41 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/9/2009 12:51:40 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/9/2009 12:19:48 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 44 time(s).
3/9/2009 12:19:48 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 16 time(s).
3/9/2009 12:19:44 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 42 time(s).
3/9/2009 12:19:44 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 15 time(s).
3/9/2009 12:19:35 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 38 time(s).
3/9/2009 12:19:35 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 13 time(s).
3/9/2009 12:19:30 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 35 time(s).
3/9/2009 12:19:25 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 32 time(s).
3/9/2009 12:19:19 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 29 time(s).
3/9/2009 12:19:14 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 26 time(s).
3/9/2009 12:18:58 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 21 time(s).
3/9/2009 12:18:58 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s).
3/9/2009 12:02:01 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/8/2009 4:00:10 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
3/8/2009 2:31:47 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
3/8/2009 2:24:32 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 2 time(s).
3/8/2009 2:24:32 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
3/8/2009 2:17:17 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service UmxPol with arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}
3/7/2009 11:45:50 AM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/7/2009 11:44:19 AM, error: Dhcp [1002] - The IP address lease 192.168.1.104 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/9/2009 5:37:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service UmxPol with arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}
3/9/2009 5:38:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/9/2009 5:38:31 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips KmxAgent KmxFile KmxFw KmxStart Processor VET-FILT VET-REC VETEFILE VETMONNT
3/11/2009 1:20:19 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The Help and Support service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:45 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 7 time(s).
3/14/2009 11:50:26 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
3/14/2009 12:05:28 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 9 time(s).
3/14/2009 12:37:50 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/14/2009 12:42:56 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 34 time(s).
3/14/2009 12:43:01 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/2/2008 3:14:04 PM
System Uptime: 3/14/2009 1:23:51 PM (2 hours ago)

Motherboard: Hewlett-Packard | | HP WMTA System Board
Processor: Intel® Pentium® 4 CPU 1300MHz | Processor 1 | 1296/mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 149 GiB total, 130.428 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (FAT32) - 57 GiB total, 18.416 GiB free.
G: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP56: 12/8/2008 5:17:19 PM - System Checkpoint
RP57: 12/9/2008 5:43:27 PM - System Checkpoint
RP58: 12/10/2008 6:16:13 PM - System Checkpoint
RP59: 12/11/2008 6:23:38 PM - System Checkpoint
RP60: 12/12/2008 3:00:18 AM - Software Distribution Service 3.0
RP61: 12/13/2008 3:29:42 AM - System Checkpoint
RP62: 12/14/2008 4:17:15 AM - System Checkpoint
RP63: 12/15/2008 5:17:14 AM - System Checkpoint
RP64: 12/16/2008 5:31:11 AM - System Checkpoint
RP65: 12/17/2008 6:07:14 AM - System Checkpoint
RP66: 12/18/2008 6:31:14 AM - System Checkpoint
RP67: 12/18/2008 3:20:57 PM - Software Distribution Service 3.0
RP68: 12/19/2008 5:46:07 PM - System Checkpoint
RP69: 12/20/2008 6:25:00 PM - System Checkpoint
RP70: 12/21/2008 7:02:53 PM - System Checkpoint
RP71: 12/22/2008 7:53:27 PM - System Checkpoint
RP72: 12/23/2008 7:54:07 PM - System Checkpoint
RP73: 12/24/2008 8:54:08 PM - System Checkpoint
RP74: 12/25/2008 9:54:08 PM - System Checkpoint
RP75: 12/26/2008 11:06:40 PM - System Checkpoint
RP76: 12/28/2008 12:00:55 AM - System Checkpoint
RP77: 12/29/2008 12:23:45 AM - System Checkpoint
RP78: 12/30/2008 1:23:46 AM - System Checkpoint
RP79: 12/31/2008 2:23:45 AM - System Checkpoint
RP80: 1/1/2009 3:23:49 AM - System Checkpoint
RP81: 1/2/2009 4:23:49 AM - System Checkpoint
RP82: 1/3/2009 5:23:48 AM - System Checkpoint
RP83: 1/4/2009 6:23:50 AM - System Checkpoint
RP84: 1/5/2009 7:23:48 AM - System Checkpoint
RP85: 1/6/2009 8:23:49 AM - System Checkpoint
RP86: 1/7/2009 9:22:01 AM - System Checkpoint
RP87: 1/8/2009 11:01:53 AM - System Checkpoint
RP88: 1/9/2009 11:21:33 AM - System Checkpoint
RP89: 1/10/2009 12:49:21 PM - System Checkpoint
RP90: 1/11/2009 2:38:19 PM - System Checkpoint
RP91: 1/12/2009 3:00:35 PM - System Checkpoint
RP92: 1/13/2009 3:59:30 PM - System Checkpoint
RP93: 1/14/2009 3:00:18 AM - Software Distribution Service 3.0
RP94: 1/15/2009 3:00:18 AM - Software Distribution Service 3.0
RP95: 1/16/2009 3:12:52 AM - System Checkpoint
RP96: 1/17/2009 4:12:51 AM - System Checkpoint
RP97: 1/18/2009 4:48:03 AM - System Checkpoint
RP98: 1/19/2009 5:24:02 AM - System Checkpoint
RP99: 1/20/2009 6:12:05 AM - System Checkpoint
RP100: 1/21/2009 6:24:03 AM - System Checkpoint
RP101: 1/22/2009 6:24:11 AM - System Checkpoint
RP102: 1/23/2009 7:24:13 AM - System Checkpoint
RP103: 1/24/2009 7:54:08 AM - System Checkpoint
RP104: 1/25/2009 8:31:18 AM - System Checkpoint
RP105: 1/26/2009 10:56:36 AM - System Checkpoint
RP106: 1/27/2009 10:21:21 AM - Installed Microsoft Office Word Viewer 2003
RP107: 1/27/2009 10:25:05 AM - Installed Compatibility Pack for the 2007 Office system
RP108: 1/28/2009 10:40:13 AM - System Checkpoint
RP109: 1/29/2009 11:09:11 AM - System Checkpoint
RP110: 1/30/2009 11:34:42 AM - System Checkpoint
RP111: 1/31/2009 11:44:34 AM - System Checkpoint
RP112: 2/1/2009 12:44:33 PM - System Checkpoint
RP113: 2/2/2009 2:21:51 PM - System Checkpoint
RP114: 2/3/2009 2:23:12 PM - System Checkpoint
RP115: 2/4/2009 3:41:25 PM - System Checkpoint
RP116: 2/5/2009 4:55:39 PM - System Checkpoint
RP117: 2/6/2009 5:29:37 PM - System Checkpoint
RP118: 2/7/2009 6:23:29 PM - System Checkpoint
RP119: 2/8/2009 7:04:48 PM - System Checkpoint
RP120: 2/9/2009 8:31:25 PM - System Checkpoint
RP121: 2/10/2009 9:15:47 PM - System Checkpoint
RP122: 2/11/2009 9:59:14 AM - Software Distribution Service 3.0
RP123: 2/12/2009 11:34:27 AM - System Checkpoint
RP124: 2/13/2009 12:04:45 PM - System Checkpoint
RP125: 2/14/2009 3:31:30 PM - System Checkpoint
RP126: 2/15/2009 4:23:17 PM - System Checkpoint
RP127: 2/16/2009 5:12:08 PM - System Checkpoint
RP128: 2/17/2009 6:12:07 PM - System Checkpoint
RP129: 2/18/2009 7:12:07 PM - System Checkpoint
RP130: 2/19/2009 7:20:02 PM - System Checkpoint
RP131: 2/20/2009 7:31:10 PM - System Checkpoint
RP132: 2/21/2009 8:30:04 PM - System Checkpoint
RP133: 2/22/2009 9:30:06 PM - System Checkpoint
RP134: 2/23/2009 10:09:49 PM - System Checkpoint
RP135: 2/24/2009 11:09:49 PM - System Checkpoint
RP136: 2/25/2009 3:00:17 AM - Software Distribution Service 3.0
RP137: 2/25/2009 10:42:42 AM - Software Distribution Service 3.0
RP138: 2/25/2009 10:51:33 AM - Software Distribution Service 3.0
RP139: 2/26/2009 11:28:17 AM - System Checkpoint
RP140: 2/27/2009 11:41:57 AM - System Checkpoint
RP141: 2/28/2009 12:10:28 PM - System Checkpoint
RP142: 3/1/2009 12:46:03 PM - System Checkpoint
RP143: 3/2/2009 12:55:35 PM - System Checkpoint
RP144: 3/3/2009 6:08:17 PM - System Checkpoint
RP145: 3/4/2009 7:02:42 PM - System Checkpoint
RP146: 3/5/2009 7:38:38 PM - System Checkpoint
RP147: 3/6/2009 7:41:39 PM - System Checkpoint
RP148: 3/7/2009 8:00:16 PM - System Checkpoint

==== Installed Programs ======================

1600
1600_Help
1600Trb
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9
AiO_Scan
AiOSoftware
BufferChm
CA Anti-Spyware
CA Anti-Virus
CA Internet Security Suite
CA Personal Firewall
CA Pest Patrol Realtime Protection
CCScore
Compatibility Pack for the 2007 Office system
Copy
CP_AtenaShokunin1Config
cp_dwShrek2Albums1
cp_dwShrek2Cards1
CreativeProjects
CreativeProjectsTemplates
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
Director
DocProc
DocumentViewer
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
Fax
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
HP Extended Capabilities 4.7
HP Image Zone 4.7
HP Image Zone Express
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
HP Update
HPSystemDiagnostics
InstantShare
Java™ 6 Update 11
kgcbase
Kodak EasyShare software
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Word Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
netbrdg
NVIDIA Windows 2000/XP Display Drivers
OfotoXMI
PanoStandAlone
PhotoGallery
Picasa 3
ProductContext
QFolder
Readme
RegGenie v2.0
Scan
ScannerCopy
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
SFR
SHASTA
skin0001
SkinsHP1
SKINXSDK
staticcr
The Print Shop Business Card Creator
tooltips
TrayApp
Unload
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
VPRINTOL
WebFldrs XP
WebReg
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
WinRAR archiver
WIRELESS

==== Event Viewer Messages From Past Week ========

3/9/2009 1:33:50 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 20 time(s).
3/9/2009 1:33:50 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 11 time(s).
3/9/2009 1:33:49 PM, error: DCOM [10005] - DCOM got error "%109" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
3/9/2009 1:33:46 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 18 time(s).
3/9/2009 1:33:46 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 10 time(s).
3/9/2009 1:33:41 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 16 time(s).
3/9/2009 1:33:41 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 9 time(s).
3/9/2009 1:33:37 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 14 time(s).
3/9/2009 1:33:37 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 8 time(s).
3/9/2009 1:33:33 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 12 time(s).
3/9/2009 1:33:33 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 7 time(s).
3/9/2009 1:33:28 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 10 time(s).
3/9/2009 1:33:28 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 6 time(s).
3/9/2009 1:33:24 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 8 time(s).
3/9/2009 1:33:24 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 1:33:19 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 5 time(s).
3/9/2009 1:33:19 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 4 time(s).
3/9/2009 1:27:34 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service PPCtlPriv with arguments "" in order to run the server: {F974178A-A284-440A-BEFC-5B0D11BCDB68}
3/9/2009 1:13:41 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/9/2009 12:51:40 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/9/2009 12:19:48 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 44 time(s).
3/9/2009 12:19:48 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 16 time(s).
3/9/2009 12:19:44 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 42 time(s).
3/9/2009 12:19:44 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 15 time(s).
3/9/2009 12:19:35 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 38 time(s).
3/9/2009 12:19:35 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 13 time(s).
3/9/2009 12:19:30 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 35 time(s).
3/9/2009 12:19:25 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 32 time(s).
3/9/2009 12:19:19 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 29 time(s).
3/9/2009 12:19:14 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 26 time(s).
3/9/2009 12:18:58 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 21 time(s).
3/9/2009 12:18:58 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 2 time(s).
3/9/2009 12:02:01 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/8/2009 4:00:10 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
3/8/2009 2:31:47 PM, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
3/8/2009 2:24:32 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 2 time(s).
3/8/2009 2:24:32 PM, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
3/8/2009 2:17:17 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service UmxPol with arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}
3/7/2009 11:45:50 AM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/7/2009 11:44:19 AM, error: Dhcp [1002] - The IP address lease 192.168.1.104 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/9/2009 5:37:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service UmxPol with arguments "-Service" in order to run the server: {4C89C3FD-5F94-4678-BBB5-F64759C3C54A}
3/9/2009 5:38:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/9/2009 5:38:31 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips KmxAgent KmxFile KmxFw KmxStart Processor VET-FILT VET-REC VETEFILE VETMONNT
3/11/2009 1:20:19 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 0010B58C1FD7 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The Help and Support service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:36 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 3 time(s).
3/11/2009 1:26:45 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 7 time(s).
3/14/2009 11:50:26 AM, error: Service Control Manager [7023] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: Access is denied.
3/14/2009 12:05:28 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 9 time(s).
3/14/2009 12:37:50 PM, error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/14/2009 12:42:56 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 34 time(s).
3/14/2009 12:43:01 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 59 time(s).
3/14/2009 12:56:50 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 15 time(s).

==== End Of File ===========================
terminated unexpectedly. It has done this 59 time(s).
3/14/2009 12:56:50 PM, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 15 time(s).

==== End Of File ===========================

Attached Files



BC AdBot (Login to Remove)

 


#2 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:01:58 AM

Posted 26 March 2009 - 02:16 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#3 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Members
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:01:58 AM

Posted 30 March 2009 - 11:55 PM

Due to the lack of feedback This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users