TechSpot

Applications crash randomly

By Bobobobobob
Jul 25, 2011
  1. Hi,

    On this computer, applications crash randomly. (Occasionally, I also get bluescreens; The errors/drivers named in the BSOD vary each time.) This has been happening for about 3 weeks. Due to the nature of the crashes, I had assumed faulty RAM; I ran memtest86 for a day without error, and became suspicious of a virus.

    Applications often run for hours before crashing, seemingly depending on type; games tend to crash often, while i've never seen a crash in (e.g.) explorer.exe.

    Many security/virus detection programs crash immediately when run (Including "Malwarebytes Anti-Malware" and "DDS").

    I ran GMER; Using it, I determined that "pci.sys" was infected with "Rootkit.Win32.TDSS", which I fixed using "TDSSKiller" from kaspersky.com
    NB: I didn't see any of the symptoms normally associated with that particular virus.

    I still get random crashes/BSODs.

    Since Malwarebytes Anti-Malware and DDS (still) don't run, here's just the log from GMER (this is from _after_ the pci.sys virus was removed)

    I've removed some irrelevant entries that pre-date the crashes. (related to sygate personal firewall)
    ====================================================

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-07-26 00:09:50
    Windows 5.1.2600 Service Pack 2
    Running: ezfudmbi.exe; Driver: z:\temp\pgtyqpow.sys


    ---- System - GMER 1.0.15 ----


    ---- Kernel code sections - GMER 1.0.15 ----

    ? 83246160.sys The system cannot find the file specified. !
    ? trnr.sys The system cannot find the file specified. !
    ? tsk4.tmp The system cannot find the file specified. !
    .text C:\WINDOWS.0\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9B63380, 0x346307, 0xE8000020]
    ? z:\temp\mbr.sys The system cannot find the file specified. !

    ---- Kernel IAT/EAT - GMER 1.0.15 ----


    ---- Devices - GMER 1.0.15 ----

    Device \Driver\PCI \Device\NTPNP_PCI0002 tsk4.tmp
    Device \Driver\PCI \Device\NTPNP_PCI0003 tsk4.tmp
    Device \Driver\PCI \Device\NTPNP_PCI0010 tsk4.tmp
    Device \Driver\PCI \Device\NTPNP_PCI0004 tsk4.tmp
    Device \Driver\PCI \Device\NTPNP_PCI0005 tsk4.tmp
    Device \Driver\PCI \Device\NTPNP_PCI0006 tsk4.tmp
    Device \Driver\PCI \Device\NTPNP_PCI0009 tsk4.tmp

    ---- Processes - GMER 1.0.15 ----

    Process hidden process (*** hidden *** ) 1310724
    Process hidden process (*** hidden *** ) 1638404
    Process hidden process (*** hidden *** ) 7733252
    Process hidden process (*** hidden *** ) 5439492
    Process hidden process (*** hidden *** ) 9371652
    Process hidden process (*** hidden *** ) 7536644
    Process hidden process (*** hidden *** ) 7798788
    Process hidden process (*** hidden *** ) 9437188
    Process hidden process (*** hidden *** ) 9699332
    Process hidden process (*** hidden *** ) 9764868

    ---- EOF - GMER 1.0.15 ----

    Not terribly useful. Now what?

    Thanks in advance,
    Bob.
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! I'll help check to see if malware is the problem.

    Please note: When you run a scan and leave the log for me to review, you do not remove entries that you think are irrelevant. Therefore, I will delete this GMER log as it has been tampered with. And since the scan is dated 2011-07-26 - a date which isn't for 4 more days, your computer date setting is incorrect.:
    Right click on the Clock in the Notification Area> Choose "Adjust date/time> Check both the date and time on the screen and change what is wrong> Make sure the boxes for 'adjust for daylight savings time' are checked> Click on the Time Zone tab and make sure you are in the correct zone> Click on the Internet Time tab> make sure there is a server set> then click on Check Now.

    If you have any problem, let me know and I'll give you a different time server. This one setting could cause the crashes as many program/apps/updates are time and date sensitive.
    ==============================================
    If you get through that okay, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ==================================================
    Repeat GMER with a new download and scan.
    If there is still a problem with Malwarebytes, do the following:
    Please download randmbam.exe

    It will try to create random names and shortcuts for Malwarebytes Anti Malware(MBAM) if you have it installed already. Once done, try running a scan again
    ================================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.
    If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
    It's very important that you remove any of the scan download on the system now, then download from my links. Since your original scans were run with an incorrect date and possibly time, it will affect any udate for the scans.
     
  3. Bobobobobob

    Bobobobobob TS Rookie Topic Starter

    Renaming MalwareBytes and DDS helped, though Malwarebytes crashed the first 4 times i tried to run it.

    ======================================================================================

    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7275

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 6.0.2900.2180

    2011/07/25 5:45:23
    mbam-log-2011-07-25 (05-45-23).txt

    Scan type: Quick scan
    Objects scanned: 232038
    Time elapsed: 10 minute(s), 35 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    =======================================================================================

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2011-07-25 05:34:10
    Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST340810A rev.3.99
    Running: 38uthj94.exe; Driver: z:\temp\pgtyqpow.sys


    ---- Devices - GMER 1.0.15 ----

    Device \Driver\Tcpip \Device\Ip wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
    Device \Driver\Tcpip \Device\Tcp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
    Device \Driver\Tcpip \Device\Udp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)
    Device \Driver\Tcpip \Device\RawIp wpsdrvnt.sys (wpsdrvnt/Sygate Technologies, Inc.)

    ---- Processes - GMER 1.0.15 ----

    Process hidden process (*** hidden *** ) 1310724
    Process hidden process (*** hidden *** ) 1638404
    Process hidden process (*** hidden *** ) 7733252
    Process hidden process (*** hidden *** ) 5439492
    Process hidden process (*** hidden *** ) 9371652
    Process hidden process (*** hidden *** ) 7536644
    Process hidden process (*** hidden *** ) 7798788
    Process hidden process (*** hidden *** ) 9437188
    Process hidden process (*** hidden *** ) 9699332
    Process hidden process (*** hidden *** ) 9764868

    ---- EOF - GMER 1.0.15 ----


    =======================================================================================
    .
    DDS (Ver_2011-06-23.01) - NTFSx86
    Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_24
    Run by Bob at 5:28:05 on 2011-07-25
    Microsoft Windows XP Professional 5.1.2600.2.932.81.1033.18.1535.792 [GMT 12:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS.0\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS.0\System32\svchost.exe -k netsvcs
    C:\Program Files\SPF\smc.exe
    svchost.exe
    C:\WINDOWS.0\Explorer.EXE
    Z:\from-y\stuff\WinKeyKiller\WKeyKill.exe
    svchost.exe
    Z:\Program Files\Firefox\firefox.exe
    C:\WINDOWS.0\system32\taskmgr.exe
    C:\WINDOWS.0\system32\conime.exe
    C:\WINDOWS.0\system32\ctfmon.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = about:blank
    mWinlogon: SfcDisable=-99 (0xffffff9d)
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [Google Update] "c:\documents and settings\bob\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows.0\system32\ctfmon.exe
    mRun: [SmcService] c:\progra~1\spf\smc.exe -startgui
    StartupFolder: c:\docume~1\bob\startm~1\programs\startup\no-ipd~1.lnk - c:\program files\no-ip\DUC20.exe
    StartupFolder: c:\docume~1\bob\startm~1\programs\startup\shortc~2.lnk - z:\pie\pcap.exe
    StartupFolder: c:\docume~1\bob\startm~1\programs\startup\shortc~1.lnk - z:\from-y\stuff\winkeykiller\WKeyKill.exe
    uPolicies-explorer: NoActiveDesktop = 01000000
    dPolicies-explorer: NoSMHelp = 1 (0x1)
    dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
    DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{24A8741D-DD56-4ECC-B705-B4D84A84EEB7} : DhcpNameServer = 192.168.1.254
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\mi1933~1\office12\GR99D3~1.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL
    .
    ============= SERVICES / DRIVERS ===============
    .
    R2 postgresql-9.0;postgresql-9.0 - PostgreSQL Server 9.0;Z:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-9.0" -D "Z:/Program Files/PostgreSQL/9.0/data" -w --> Z:/Program Files/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N postgresql-9.0 [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows.0\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 NPF;NetGroup Packet Filter Driver;c:\windows.0\system32\drivers\npf.sys --> c:\windows.0\system32\drivers\npf.sys [?]
    S3 AMPCORE;AMPCORE;z:\programming\amd\codeanalyst\bin\ampcore.sys [2010-6-18 44488]
    S3 CAPROF;CAPROF;z:\programming\amd\codeanalyst\bin\caprof.sys [2010-6-18 49360]
    S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows.0\system32\drivers\ftd2xx.sys --> c:\windows.0\system32\drivers\FTD2XX.sys [?]
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows.0\system32\drivers\vboxnetadp.sys --> c:\windows.0\system32\drivers\VBoxNetAdp.sys [?]
    S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows.0\system32\drivers\vboxnetflt.sys --> c:\windows.0\system32\drivers\VBoxNetFlt.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows.0\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    S4 CALoadService;CALoadService;z:\programming\amd\codeanalyst\bin\CALoadService.exe [2010-6-18 69632]
    S4 vsdatant;vsdatant; [x]
    .
    =============== Created Last 30 ================
    .
    2011-07-25 09:49:47 -------- d-----w- c:\documents and settings\bob\application data\Malwarebytes
    2011-07-25 09:49:41 -------- d-----w- c:\documents and settings\all users.windows.0\application data\Malwarebytes
    2011-07-24 16:31:28 41272 ----a-w- c:\windows.0\system32\drivers\mbamswissarmy.sys
    2011-07-24 16:31:25 22712 ----a-w- c:\windows.0\system32\drivers\mbam.sys
    2011-07-07 06:22:49 -------- d-----w- c:\documents and settings\bob\local settings\application data\Oblivion
    2011-07-04 02:44:11 404640 ----a-w- c:\windows.0\system32\FlashPlayerCPLApp.cpl
    .
    ==================== Find3M ====================
    .
    2011-07-25 09:59:50 68224 ----a-w- c:\windows.0\system32\drivers\pci.sys
    2011-07-13 08:25:47 6154 ----a-w- c:\windows.0\system32\PerfStringBackup.TMP
    2011-06-20 10:00:59 25992 ----a-w- c:\windows.0\system32\pgdfgsvc.exe
    .
    ============= FINISH: 5:28:34.25 ===============

    =================================================================================================
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-06-23.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume2
    Install Date: 2008/03/10 22:46:57
    System Uptime: 2011/07/25 4:48:09 (1 hours ago)
    .
    Motherboard: | | K7VM4
    Processor: AMD Athlon(tm) XP 2500+ | Socket-A | 1831/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 8 GiB total, 0.628 GiB free.
    E: is FIXED (NTFS) - 29 GiB total, 5.765 GiB free.
    Z: is FIXED (NTFS) - 233 GiB total, 5.174 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    .
    7-Zip 9.20
    Ace of Spades
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    AI War
    AnalogX HyperTrace
    Anathema 1.3
    Apple Software Update
    Application Verifier
    ATLAS Translation Standard V14.0 Trial Version
    Audiosurf
    Autodesk 3ds Max 8
    Avencast?
    AviSynth 2.5
    Battle for Wesnoth 1.6.5
    C-Media WDM Audio Driver
    Call of Duty(R) 2 Patch 1.3
    Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
    Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
    Castle Vox 1.13
    Chocolate Castle
    CodeAnalyst Performance Analyzer
    Command & Conquer The First Decade
    Coq Version 8.3
    Counter-Strike: Source
    Creeper World
    Debugging Tools for Windows
    DesertCombat 0.7
    Diablo II
    Dig-N-Rig version 1.0
    Din's Curse 1.001
    DROD: Journey to Rooted Hold 2.0.12
    Dune 2000
    Every Day Genius Square Logic
    ffdshow v1.1.3507 [2010-07-07]
    GHC 6.12.3
    GIMP 2.6.11
    GOM Player
    GOMTV Streamer
    Google Chrome
    Google Talk (remove only)
    GraphicsGale FreeEdition version 1.93.16
    GTK+ Runtime 2.14.7 rev a (remove only)
    Gtk2Hs 0.10.0
    Haali Media Splitter
    Harvest Massive Encounter
    HDM
    Hero Editor V0.96
    Heroes of Might and Magic V - Tribes of the East
    Heroes of Might and Magic V Collector Edition
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB945282)
    Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946040)
    Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946308)
    Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947540)
    Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947789)
    Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB945282)
    Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946040)
    Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946308)
    Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947540)
    Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947789)
    Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB948127)
    Hotfix for Windows XP (KB942288-v3)
    Hotfix for Windows XP (KB954550-v5)
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 24
    Java(TM) SE Development Kit 6 Update 24
    JISHOP 5.3
    Malwarebytes' Anti-Malware version 1.51.1.1800
    Matroska (remove only)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Application Compatibility Toolkit 5.0
    Microsoft AppLocale
    Microsoft Document Explorer 2008 (6001.18000.367)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Visio Professional 2003
    Microsoft Office Word MUI (English) 2007
    Microsoft Platform SDK (3790.1830)
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2008 Management Objects
    Microsoft SQL Server Compact 3.5 SP1 Design Tools English
    Microsoft SQL Server Compact 3.5 SP1 English
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft VC Redist 2008 (6001.18000.367)
    Microsoft Visual C# 2008 Express Edition with SP1 - ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
    Microsoft Windows Application Compatibility Database
    Microsoft Windows Driver Development Kit Uninstall - 3790.1830
    Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
    Microsoft Windows SDK for Windows 7 (7.1)
    Microsoft Windows SDK for Windows Server 2008 (6001.18000.367)
    Microsoft Windows SDK for Windows Server 2008 .NET Documentation (6001.18000.367)
    Microsoft Windows SDK for Windows Server 2008 Common Utilities (6001.18000.367)
    Microsoft Windows SDK for Windows Server 2008 Headers and Libraries (6001.18000.367)
    Microsoft Windows SDK for Windows Server 2008 Utilities for Win32 Development (6001.18000.367)
    Microsoft Windows SDK for Windows Server 2008 Win32 Documentation (6001.18000.367)
    Microsoft Windows SDK MDAC Headers and Libraries (6001.18000.367)
    Microsoft XNA Framework Redistributable 3.0
    Microsoft XNA Framework Redistributable 3.1
    MinGW 5.1.6
    mIRC
    Mobipocket Reader 6.2
    Mozilla Firefox (3.6.18)
    Mozilla Firefox (3.6.3)
    Mozilla Firefox 5.0 (x86 en-GB)
    MSXML 6.0 Parser (KB933579)
    Mumble and Murmur
    Neverwinter Nights
    NifSkope (remove only)
    No-IP.com DUC (remove only)
    NUnit 2.4.8
    NVIDIA Cg Toolkit 3.0 July 2010
    NVIDIA Drivers
    Oblivion
    Oblivion - Construction Set
    Oblivion mod manager 1.1.12
    OpenAL
    Osmos v1.5.6
    Pidgin
    Planescape - Torment
    Populous: The Beginning
    Populous: Undiscovered Worlds - Patch
    Poser 8 (8.0.0.10157)
    Poser Pro 2010 Content
    PostgreSQL 9.0
    Python 2.5 numpy-1.1.0
    Python 2.5 pygame-1.8.0
    Python 2.6 SCons - a software construction tool
    Python 2.6.4
    Python 3.1.3
    Reactive Extensions (Rx) for .NET Framework 3.5 SP1
    Real Alternative 1.9.0 Lite
    RGSS-RTP Standard
    RPG Maker 2000 1.05
    RPG Maker 2003 v1.08
    RPG Maker VX
    RPG Maker VX RTP
    RPGXP
    Security Update for Windows XP (KB958644)
    SlimDX Redistributable (March 2009)
    SlimDX SDK (June 2010)
    SpeechRedist
    Spybot - Search & Destroy
    SQL Server System CLR Types
    Standard ML of New Jersey
    Starcraft
    Steam
    SumatraPDF
    Sygate Personal Firewall
    TaoFramework 2.1.0
    Team Fortress 2
    TES Construction Set
    TmNationsForever
    TortoiseGit 1.4.4.0 (32 bit)
    Total Annihilation
    Tweak UI
    Unity Web Player
    VLC media player 1.1.9
    Warcraft III: All Products
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Live installer
    Windows Live Messenger
    Windows Live Sign-in Assistant
    WinPcap 4.1.2
    WinRAR archiver
    Wireshark 1.4.4
    XCC Utilities 1.46
    XML Paper Specification Shared Components Pack 1.0
    XPS Essentials Pack
    XPS Essentials Pack 1.0
    ╬╝Torrent
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2011/07/25 23:23:52, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    2011/07/25 22:54:21, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    2011/07/25 21:38:39, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
    2011/07/25 21:38:39, error: Service Control Manager [7000] - The NetGroup Packet Filter Driver service failed to start due to the following error: The system cannot find the file specified.
    2011/07/25 21:14:03, error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    2011/07/25 21:10:02, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    2011/07/25 21:05:25, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    2011/07/25 21:05:08, error: sptd [4] - Driver detected an internal error in its data structures for .
    2011/07/25 20:59:35, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: This operation returned because the timeout period expired.
    2011/07/25 20:45:28, error: Service Control Manager [7034] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
    2011/07/25 20:45:23, error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    2011/07/21 18:54:14, error: DCOM [10000] - Unable to start a DCOM Server: {1F69F884-285E-418E-9715-B9EEE402DD5F}. The error: "%5" Happened while starting this command: "C:\Program Files\Common Files\Microsoft Shared\Help 9\dexplore.exe" -Embedding
    .
    ==== End Of File ===========================
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    How to remove a second installation of a Windows operating system from a partition> See
    http://support.microsoft.com/kb/888023

    =========================================
    There are 3 fixed drive with almost no space left on any. There are no System, Restore Points.
    =========================================
    How much RAM do you have? I am hardpressed to know how you can have so muc installed on a Win XP system.
    ========================================
    Please run the following:

    Download CKScanner and save to your desktop.
    • Doubleclick CKScanner.exe and click Search For Files.
    • When the cursor hourglass disappears, click Save List To File.
    • A message box will verify that the file is saved.
    • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents
      in your next reply.
    ==============================================
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESETOnlineScan
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      [o] Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
      [o] Double click on the [​IMG]on your desktop.
    • Check 'Yes I accept terms of use.'
    • Click Start button
    • Accept any security warnings from your browser.
      [​IMG]
    • Uncheck 'Remove found threats'
    • Check 'Scan archives/
    • Leave remaining settings as is.
    • Press the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please wait for the scan to finish.
    • When the scan completes, press List of found threats
    • Push Export of text file and save the file to your desktop using a unique name, such as ESETScan. Paste this log in your next reply.
    • Push the Back button
    • Push Finish

    NOTE: If no malware is found then no log will be produced. Let me know if this is the case.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...