Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With A Variety Of Adwares And Trojans


  • This topic is locked This topic is locked
2 replies to this topic

#1 CobWeb

CobWeb

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 24 May 2008 - 04:24 AM

Each time I use Firefox (ver. 2.0.0.14) I get a message stating that it has already been opened and I must end that session prior to beginning a new one, although I closed the browser in my previous session. This issue is resolved by rebooting. Then when I close the browser an error message appears. Several adwares and trojans are detected during virus scans but after cleaning/healing/deleting them they are again detected in repeat scans. I have never had problems with Firefox before.

MAIN.TXT
Deckard's System Scanner v20071014.68
Run by Admin on 2008-05-24 16:41:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
65: 2008-05-24 08:41:40 UTC - RP163 - Deckard's System Scanner Restore Point
64: 2008-05-23 05:51:41 UTC - RP162 - System Checkpoint
63: 2008-05-22 00:02:03 UTC - RP161 - Software Distribution Service 3.0
62: 2008-05-21 15:37:43 UTC - RP160 - System Checkpoint
61: 2008-05-20 11:28:57 UTC - RP159 - System Checkpoint


-- First Restore Point --
1: 2008-03-18 12:11:55 UTC - RP99 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Admin.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:43:16 PM, on 5/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Screen OCR\OCR.exe
C:\Program Files\RKLauncher\RKLauncher.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Installers\Utilities\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Admin.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: UserInit=userinit.exe,mma.bat
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Screen OCR] C:\Program Files\Screen OCR\OCR.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SpywareBlaster] C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - Startup: RK Launcher.lnk = ?
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3D3BF1F8-9696-4A5E-B4F1-49101C997B70} (VaxSIPUserAgentCAB Control) - http://www.earthcaller.com/VaxSIPUserAgentCAB.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209531846546
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe

--
End of file - 7860 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 mdmxsdk - c:\windows\system32\drivers\mdmxsdk.sys <Not Verified; Conexant; Diagnostic Interface x86 Driver>
R2 XAudio - c:\windows\system32\drivers\xaudio.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSF_DPV - c:\windows\system32\drivers\hsx_dpv.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSXHWAZL - c:\windows\system32\drivers\hsxhwazl.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 winachsf - c:\windows\system32\drivers\hsx_cnxt.sys <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>

S3 Bcfilter (Jetico Personal Firewall Network Monitor) - c:\windows\system32\drivers\bcfilter.sys (file missing)
S3 BcfilterMP - c:\windows\system32\drivers\bcfilter.sys (file missing)
S3 btaudio (Bluetooth Audio Device) - c:\windows\system32\drivers\btaudio.sys (file missing)
S3 BTDriver (Bluetooth Virtual Communications Driver) - c:\windows\system32\drivers\btport.sys (file missing)
S3 BTKRNL (Bluetooth Bus Enumerator) - c:\windows\system32\drivers\btkrnl.sys (file missing)
S3 BTWDNDIS (Bluetooth LAN Access Server) - c:\windows\system32\drivers\btwdndis.sys (file missing)
S3 vmfilter303 - c:\windows\system32\drivers\vmfilter303.sys (file missing)
S3 ZSMC303 (A4 TECH PC Camera H) - c:\windows\system32\drivers\usbvm303.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 o2flash (O2Micro Flash Memory Card Service) - "c:\program files\o2micro oz128 driver\o2flash.exe" <Not Verified; O2Micro International; O2 MS1/MP1 Service>
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>

S2 XAudioService - c:\windows\system32\drivers\xaudio.exe <Not Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/Wireless 3945ABG Network Connection
Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10018086&REV_02\4&20975680&0&00E1
Manufacturer: Intel Corporation
Name: Intel® PRO/Wireless 3945ABG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10018086&REV_02\4&20975680&0&00E1
Service: NETw4x32


-- Scheduled Tasks -------------------------------------------------------------

2008-05-24 08:01:16 390 --a------ C:\WINDOWS\Tasks\1-Click Maintenance.job


-- Files created between 2008-04-24 and 2008-05-24 -----------------------------

2008-05-23 09:54:59 0 d-------- C:\Program Files\Pocket CHM
2008-05-22 11:39:13 0 d-------- C:\Program Files\FreeRIP3.08
2008-05-21 17:40:06 102160 --a------ C:\WINDOWS\system32\VB6CHS.DLL <Not Verified; Microsoft Corporation; Visual Basic Environment>
2008-05-21 17:40:06 18944 --a------ C:\WINDOWS\system32\TabCtCHS.dll <Not Verified; Microsoft Corporation; TabCtl32 Object Library>
2008-05-21 17:40:06 89600 --a------ C:\WINDOWS\system32\CMCTLCHS.DLL <Not Verified; Microsoft Corporation; COMCTL>
2008-05-21 14:19:25 837904 --a------ C:\WINDOWS\system32\Hha.dll <Not Verified; Microsoft Corporation; HTML Help>
2008-05-21 14:19:25 0 d-------- C:\Program Files\Common Files\WinCHM
2008-05-21 13:30:52 86016 --a------ C:\WINDOWS\system32\MSFilter.dll
2008-05-21 13:30:51 154352 --a------ C:\WINDOWS\system32\Itcc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows NT® Operating System>
2008-05-21 13:30:49 0 d-------- C:\Program Files\PowerCHM
2008-05-21 13:07:15 0 d-------- C:\tmppath
2008-05-21 09:43:29 0 d-------- C:\Program Files\WinHTTrack
2008-05-15 16:51:13 0 d-------- C:\Documents and Settings\Admin\Application Data\MozillaControl
2008-05-15 16:49:59 0 d-------- C:\WINDOWS\'Full Speed' Internet Booster + Performance Tests
2008-05-15 16:49:59 0 d-------- C:\Program Files\'Full Speed' Internet Booster + Performance Tests
2008-05-15 16:49:05 0 d-------- C:\aidualc3
2008-05-13 10:38:57 0 d-------- C:\Program Files\WinDjView
2008-05-09 17:33:37 0 d-------- C:\Program Files\Quick Screen Capture
2008-05-09 15:10:46 256951933 --a------ C:\HitmanCodename47Setup.exe
2008-05-08 14:22:40 724992 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2008-05-08 14:22:36 0 d-------- C:\WINDOWS\Skyscape
2008-05-08 14:22:36 0 d-------- C:\Program Files\Common Files\Skyscape
2008-05-04 14:53:29 0 d-------- C:\Program Files\SpywareBlaster
2008-05-04 14:49:21 0 d--h----- C:\$AVG8.VAULT$
2008-05-04 13:42:08 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-04 13:42:08 0 d-------- C:\Documents and Settings\Admin\Application Data\AVGTOOLBAR
2008-05-04 13:41:58 0 d-------- C:\Program Files\AVG
2008-05-04 13:41:58 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-04 09:43:11 0 d-------- C:\Program Files\Enigma Software Group
2008-05-03 19:50:34 0 d-------- C:\Program Files\Screen OCR
2008-05-03 17:34:57 0 d-------- C:\Program Files\PDF Password Remover v3.0
2008-05-03 17:32:18 0 d-------- C:\Program Files\FreeOCR24
2008-05-03 14:47:56 0 d-------- C:\Program Files\PDF Toolbox
2008-05-02 00:33:56 0 d-------- C:\download
2008-05-02 00:00:01 0 d-------- C:\Documents and Settings\Admin\Application Data\Offline Explorer
2008-05-01 23:49:57 0 d-------- C:\Program Files\Offline Explorer Enterprise
2008-05-01 23:42:19 0 d-------- C:\Program Files\OEE
2008-05-01 13:42:32 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-04-30 13:54:25 0 d-------- C:\Program Files\EsetOnlineScanner
2008-04-30 11:16:54 0 d-------- C:\Program Files\Panda Security
2008-04-30 11:16:53 1841 --a------ C:\WINDOWS\mozver.dat
2008-04-30 01:20:28 0 d-------- C:\Documents and Settings\Admin\Application Data\Gamelab
2008-04-28 18:36:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Escape From Paradise
2008-04-24 08:38:58 0 d-------- C:\Program Files\capturedit
2008-04-24 08:09:45 0 d-------- C:\Documents and Settings\Admin\Application Data\FastStone


-- Find3M Report ---------------------------------------------------------------

2008-05-24 16:41:40 0 d-------- C:\Documents and Settings\Admin\Application Data\Free Download Manager
2008-05-24 16:22:30 0 d-------- C:\Program Files\RKLauncher
2008-05-22 20:51:40 0 d-------- C:\Documents and Settings\Admin\Application Data\LimeWire
2008-05-21 14:19:25 0 d-------- C:\Program Files\Common Files
2008-05-15 20:02:00 0 --a------ C:\WINDOWS\system32\MAGIK
2008-05-11 10:27:53 0 d-------- C:\Documents and Settings\Admin\Application Data\Skype
2008-05-11 10:27:44 0 d-------- C:\Documents and Settings\Admin\Application Data\skypePM
2008-05-04 10:26:49 0 d-------- C:\Documents and Settings\Admin\Application Data\Uniblue
2008-05-03 12:59:21 0 d-------- C:\Program Files\LimeWire
2008-04-27 23:42:38 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-22 12:37:06 0 d-------- C:\Documents and Settings\Admin\Application Data\GameHouse
2008-04-21 12:32:10 4096 --a------ C:\WINDOWS\d3dx.dat
2008-04-20 06:01:09 0 d-------- C:\Program Files\Exact Audio Copy
2008-04-13 18:57:34 0 d-------- C:\Program Files\iWin.com
2008-04-10 16:00:44 0 d-------- C:\Program Files\PurgeIE
2008-04-08 11:46:06 0 d-------- C:\Program Files\bfgclient
2008-04-07 11:45:07 0 d-------- C:\Program Files\ReflexiveArcade
2008-04-06 23:22:13 0 d-------- C:\Program Files\MagicPDF
2008-04-06 23:20:41 0 d-------- C:\Documents and Settings\Admin\Application Data\OpenOffice.org2
2008-04-05 00:56:30 0 d-------- C:\Program Files\FreeRIP3
2008-04-04 23:05:19 0 d-------- C:\Program Files\LameFE
2008-04-04 18:46:12 0 d-------- C:\Program Files\Lame
2008-04-02 12:07:01 0 d-------- C:\Documents and Settings\Admin\Application Data\Grisoft
2008-03-30 00:50:42 0 d-------- C:\Documents and Settings\Admin\Application Data\DelinvFile
2008-03-29 14:45:59 2275840 --a------ C:\WINDOWS\system32\TUKernel.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-29 14:43:28 0 d-------- C:\Program Files\TuneUp Utilities 2007
2008-03-29 11:35:16 0 d-------- C:\Documents and Settings\Admin\Application Data\Songbird1
2008-03-29 10:36:10 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-29 10:36:10 45066 --a------ C:\WINDOWS\BricoPackUninst.cmd
2008-03-29 10:36:10 2433 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-03-28 15:06:02 0 d-------- C:\Documents and Settings\Admin\Application Data\Mozilla
2008-03-28 15:06:01 0 d-------- C:\Documents and Settings\Admin\Application Data\Thunderbird
2008-03-26 15:49:38 0 d-------- C:\Program Files\Password Protect
2008-03-26 15:48:00 0 d-------- C:\Documents and Settings\Admin\Application Data\PDM
2008-03-26 15:42:33 0 d-------- C:\Program Files\Audacity
2008-02-27 10:50:56 30 --a------ C:\WINDOWS\system32\symbios.sys
2008-02-26 12:08:47 66 --a------ C:\WINDOWS\system32\SQSDRVRM.SYS
2008-02-26 11:57:16 36 --a------ C:\WINDOWS\system32\drvlock.sys


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
05/04/2008 01:42 PM 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [05/16/2008 07:19 AM]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [05/04/2008 01:41 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Screen OCR"="C:\Program Files\Screen OCR\OCR.exe" [03/28/2008 07:33 PM]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
"SpywareBlaster"="C:\Program Files\SpywareBlaster\spywareblaster.exe" [02/28/2008 12:26 AM]

C:\Documents and Settings\Admin\Start Menu\Programs\Startup\
RK Launcher.lnk - C:\Program Files\RKLauncher\RKLauncher.exe [4/10/2008 11:55:59 AM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NofolderOptions"=0 (0x0)
"NoInternetIcon"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe,mma.bat"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83130273-9427-11dc-b05d-001b77e76f65}]
AutoRun\command- F:\ntde1ect.com
explore\Command- F:\ntde1ect.com
open\Command- F:\ntde1ect.com




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8543 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-05-24 16:44:01 ------------


EXTRA.TXT
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Core™ Duo CPU T2350 @ 1.86GHz
CPU 1: Intel® Core™ Duo CPU T2350 @ 1.86GHz
Percentage of Memory in Use: 40%
Physical Memory (total/avail): 1014.11 MiB / 604.66 MiB
Pagefile Memory (total/avail): 2443.21 MiB / 2140.33 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1933.66 MiB

C: is Fixed (NTFS) - 37.21 GiB total, 14.17 GiB free.
D: is Fixed (NTFS) - 37.31 GiB total, 4.19 GiB free.
E: is CDROM (No Media)
F: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - ST980811AS - 74.53 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 37.21 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 37.31 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
AV: avast! antivirus 4.8.1201 [VPS 080523-0] v4.8.1201 (ALWIL Software) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\\Program Files\\Halite\\Halite.exe"="C:\\Program Files\\Halite\\Halite.exe:*:Enabled:Halite BitTorrent Client"
"C:\\Program Files\\Free Download Manager\\fdm.exe"="C:\\Program Files\\Free Download Manager\\fdm.exe:*:Disabled:Free Download Manager"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"="C:\\Program Files\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\WinHTTrack\\WinHTTrack.exe"="C:\\Program Files\\WinHTTrack\\WinHTTrack.exe:*:Enabled:WinHTTrack Website Copier, Web Site mirroring for professional and private purposes"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Admin\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=XXX-81E0BB1B94D
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Admin
LOGONSERVER=\\XXX-81E0BB1B94D
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\PROGRA~1\MOZILL~1;C:\PROGRA~1\MOZILL~1;C:\Program Files\Mozilla Firefox;C:\Program Files\Trend Micro\HijackThis;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e0c
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Admin\LOCALS~1\Temp
TMP=C:\DOCUME~1\Admin\LOCALS~1\Temp
USERDOMAIN=XXX-81E0BB1B94D
USERNAME=Admin
USERPROFILE=C:\Documents and Settings\Admin
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Admin (admin)
A S H


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\NuNInst.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AnalogX Vocal Remover (WinAmp) --> C:\Program Files\Plugins\wavremu.exe
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Broadcom Gigabit Integrated Controller --> MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
DelinvFile - 3.03 --> "C:\Program Files\PurgeIE\unins000.exe"
DVD Suite --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
FLV Player --> "C:\WINDOWS\FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Free Download Manager 2.5 --> "C:\Program Files\Free Download Manager\unins000.exe"
FreeOCR.net --> "C:\WINDOWS\FreeOCR.net Uninstaller.exe"
FreeRIP v3.08 --> "C:\Program Files\FreeRIP3.08\unins000.exe"
Halite 0.3.0.2 --> "C:\Program Files\Halite\unins000.exe"
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
HP Photo and Imaging 2.0 - All-in-One --> MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
HP Photo and Imaging 2.0 - All-in-One Drivers --> MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
HP Photo and Imaging 2.0 - hp psc 1200 series --> C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
hp psc 1200 series --> MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
Intel® Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
iSilo --> C:\Program Files\iSilo\iSilo\ISWSetup.exe /u
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
MagicPDF 2.0 --> "C:\Program Files\MagicPDF\unins000.exe"
Microsoft Encarta Premium 2006 DVD --> MsiExec.exe /I{06040081-3E21-46D6-9A91-D927BA08F41D}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Text-to-Speech Engine 4.0 (English) --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msTTSf22.inf, Uninstall
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Essentials --> MsiExec.exe /X{8DA83EA6-E731-4722-958D-613399AE1033}
O2Micro Flash Memory Card Reader Driver Installer(x86) --> MsiExec.exe /X{78764173-3805-4916-B3CE-B433702B8870}
OpenOffice.org 2.3 --> MsiExec.exe /I{CA8C4435-4DF7-4FEB-9C87-4AB93DE8FD7B}
Opera 9.25 --> MsiExec.exe /X{C619B312-19F3-460A-9F7B-443248379F18}
Password Protect 3.2 --> "C:\Program Files\Password Protect\unins000.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Quick Screen Capture 3.0 --> "C:\Program Files\Quick Screen Capture\unins000.exe"
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Return of the Incredible Machine - Contraptions --> D:\Games\CONTRA~1\UNWISE.EXE D:\Games\CONTRA~1\INSTALL.LOG
Screen OCR 5.5 --> C:\Program Files\Screen OCR\OCR.exe /u
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
SierraHome Print Artist 8.0 --> C:\WINDOWS\IsUninst.exe -f"C:\Sierra\Print Artist 8.0\Uninst.isu" -c"C:\Sierra\Print Artist 8.0\Uninstpa.DLL"
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The Sims 2 --> D:\Games\EA GAMES\The Sims 2\EAUninstall.exe
TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E}
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinHTTrack Website Copier 3.42-2 --> "C:\Program Files\WinHTTrack\unins000.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG


-- Application Event Log -------------------------------------------------------

Event Record #/Type2691 / Error
Event Submitted/Written: 05/24/2008 11:11:41 AM
Event ID/Source: 1001 / Application Error
Event Description:
Fault bucket 716700207.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication. The current setting has been marked as failed and the Wireless connection will be disconnected.

Event Record #/Type2690 / Error
Event Submitted/Written: 05/24/2008 11:11:35 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.40413, faulting module nss3.dll, version 3.11.5.0, fault address 0x000306df.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type2689 / Error
Event Submitted/Written: 05/24/2008 10:55:00 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application ICEReaderRetail.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type2688 / Error
Event Submitted/Written: 05/24/2008 10:51:17 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application ICEReaderRetail.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type2687 / Error
Event Submitted/Written: 05/24/2008 10:51:17 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application ICEReaderRetail.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type202 / Error
Event Submitted/Written: 05/24/2008 04:24:20 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The XAudioService service failed to start due to the following error:
%%193

Event Record #/Type195 / Warning
Event Submitted/Written: 05/24/2008 02:15:04 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type189 / Warning
Event Submitted/Written: 05/24/2008 00:25:45 PM
Event ID/Source: 4 / b57w2k
Event Description:
Broadcom NetLink ™ Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Event Record #/Type173 / Warning
Event Submitted/Written: 05/23/2008 10:00:28 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type152 / Error
Event Submitted/Written: 05/23/2008 07:46:02 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The XAudioService service failed to start due to the following error:
%%193



-- End of Deckard's System Scanner: finished at 2008-05-24 16:44:01 ------------

BC AdBot (Login to Remove)

 


#2 drex23

drex23

    Bleeping Existence


  • Members
  • 456 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:19 PM

Posted 21 June 2008 - 10:24 AM

Hi, sorry for the delay. If you would still like assistance, please run Deckard's System Scanner again and post the new log here.

#3 drex23

drex23

    Bleeping Existence


  • Members
  • 456 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:19 PM

Posted 27 June 2008 - 11:02 AM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened due to continuation of your original problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin your own topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users