Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"secure Pc Cleaner" And "pc Privacy Cleaner" Pop-ups And Browser Hijack


  • This topic is locked This topic is locked
2 replies to this topic

#1 alou

alou

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:25 AM

Posted 24 June 2008 - 01:56 AM

Every time I start my computer, Internet Explorer pops up with the "Secure PC Cleaner" website. Shortly thereafter, a "system message!" appears in my notifications toolbar (the bottom corner, by the clock? Did I get the name right?) which takes my browser to "PC Privacy Cleaner." This happens every time I start my computer, and sometimes randomly in the middle of the day. I don't know how to make it stop! I followed the instructions in the Preparation Guide, and my DSS reports are below. I didn't have time for a Kasperksy online scan, but if the DSS reports aren't enough, I can do the Kaspersky scan later. Thank you for any help you can give.



Deckard's System Scanner v20071014.68
Run by user on 2008-06-24 15:34:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; System Restore is disabled (service is not running).


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 479 MiB (512 MiB recommended).


-- HijackThis (run as user.exe) ------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at ?? 3:35:51, on 2008-06-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hauri\ViRobot Desktop 5.5\AccessControl\HFACSvc.exe
C:\Program Files\Hauri\ViRobot Desktop 5.5\hpcsvc.exe
C:\Program Files\Hauri\Common\hsvcmod.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hauri\ViRobot Desktop 5.5\PCFirewall\vrfwsvc.exe
C:\Program Files\Hauri\Common\Base\vrmonsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\PWC3800\PWCam.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hauri\Common\Base\VRMONNT.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Hauri\Common\Base\vrrepair.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hauri\ViRobot Desktop 5.5\PCFirewall\vrfwsock.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\hauri\virobot desktop 5.5\antivirus\vrrw32.exe
c:\program files\common files\mozilla shared\firefox.exe
C:\Documents and Settings\user\Desktop\dss.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\HIJACK~1\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nytimes.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {44EA1630-636F-4D7B-A9B7-32C2F31E7AB2} - c:\windows\system32\ihcagfx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: IEHelpObj Class - {EC45E3FE-C16D-4F24-9238-D1B49AD74815} - C:\Program Files\Hauri\ViRobot Desktop 5.5\Service\hWebMan.dll
O2 - BHO: (no name) - {F8417D71-21CA-4EA9-ACF0-16C4F7BA2C0C} - C:\WINDOWS\system32\adsmsextp.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PWCam] C:\Program Files\Common Files\PWC3800\PWCam.exe
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE PLEOMAX PWC-3800
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Vrmon] C:\Program Files\Hauri\Common\Base\VRMONNT.EXE
O4 - HKLM\..\Run: [HEProtect] C:\Program Files\Hauri\ViRobot Desktop 5.5\AntiSpam\HSockPE.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_12\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {057E566C-74EE-495E-81D9-7A17AA835070} (MMServer Control) - http://www.mnet.com/Ver2/App/totalApp/maxmemo/MaxMemo.cab
O16 - DPF: {27E4B2A9-D554-40DE-B6CD-F11E9B44FBD0} (SimFileControl Control) - http://simfile.chol.com/activex/SimFileControl.cab
O16 - DPF: {40A217E1-BDDA-44DE-9BBC-D678C7B48603} (EspressoAgent Control) - http://www.bluemountainsoft.com/Agent/EspressoAgent.ocx
O16 - DPF: {414D6B9A-5F95-45C9-933D-76867756ACA7} (KSEEK SEGIO WebHard Control) - http://file.segio.com/segion/segionfilex/segionfilex_kr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1187983955609
O16 - DPF: {646D956E-6E48-4F84-98F9-67627A4D222A} (DMWebAgent Control) - http://www.diskman.co.kr/cab/dmwebagent.cab
O16 - DPF: {882A7CC6-0163-4BC1-8BC1-505E36C9FFA2} (MaxHelper Control) - http://www.mnet.com/Ver2/App/totalApp/maxh...r/maxhelper.cab
O16 - DPF: {9CBC0296-6A35-470E-BA9A-F33A587AF7A7} (FileMgr Control) - http://www.xdisk.co.kr/app/bin/FileMgr.cab
O16 - DPF: {AAEF9ABF-7233-4AF8-B024-A4D24B7FA1D6} (Broadian Launcher with vista) - http://thumb.pandora.tv/pandora/_live_img/...VimLauncher.cab
O16 - DPF: {CB5C683C-416A-4701-B018-0F1B21D64D6B} (SKCInst1 Class) - http://cyimg7.cyworld.com/cymusic/package/skcinst.cab
O16 - DPF: {D912AABC-6CB0-416F-85B6-CABBB86FD558} (INIwallet60 Control) - http://plugin.inicis.com/wallet60/INIwallet60.cab
O16 - DPF: {E4812635-737D-443F-BEF4-02A4FF837D99} (UpdateCtrl Control) - http://imgcdn.pandora.tv/noraebang/UpdateC.../UpdateCtrl.cab
O16 - DPF: {EACD6BE5-C0EE-4909-9B71-B2807C8A245C} (JukeOn Login Control) - http://dl.jukeon.co.kr/jukeon/jukeon2/2007...01/jukeonax.cab
O16 - DPF: {F4BAF5BA-ED00-4EEE-8ED6-CA43CB30FE68} (SpeechFlashLite.SR_interface) - http://www.hiswill.co.kr/activex/speechflashlite.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{C13CBB53-5D56-4028-9324-ED2123844B59}: NameServer = 168.126.63.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WinCtrl32 - C:\WINDOWS\SYSTEM32\WinCtrl32.dll
O20 - Winlogon Notify: wzkjagvf - C:\WINDOWS\SYSTEM32\ihcagfx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ViRobot for WinNT™ Folder Protect (HFACSVC) - hauri - C:\Program Files\Hauri\ViRobot Desktop 5.5\AccessControl\HFACSvc.exe
O23 - Service: ViRobot Communication Service (hpcsvc) - HAURI - C:\Program Files\Hauri\ViRobot Desktop 5.5\hpcsvc.exe
O23 - Service: Hauri Common Service (hsvcmod) - HAURI Inc. - C:\Program Files\Hauri\Common\hsvcmod.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Hauri Firewall (vrfwsvc) - Hauri inc. - C:\Program Files\Hauri\ViRobot Desktop 5.5\PCFirewall\vrfwsvc.exe
O23 - Service: ViRobot Desktop Monitoring (vrmonsvc) - HAURI - C:\Program Files\Hauri\Common\Base\vrmonsvc.exe
O23 - Service: ViRobot Repairing Service (vrrepair) - HAURI - C:\Program Files\Hauri\Common\Base\vrrepair.exe

--
End of file - 8587 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 biO28 - c:\windows\system32\drivers\bio28.sys
R0 qlznaoma - c:\windows\system32\drivers\qlznaoma.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 DgiVecp (Team MFP Comm Driver) - c:\windows\system32\drivers\dgivecp.sys <Not Verified; Samsung Electronics Co., Ltd.; Samsung Electronics Co., Ltd. VECP for Windows 2000, XP>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>
R3 VrAcFil - c:\windows\system32\drivers\vracfil.sys <Not Verified; HAURI; VRAC Filter for Windows NT/2K/XP>
R3 VRFWNTD5 (VRFWNTD5 Hauri Network Driver) - c:\windows\system32\drivers\vrfwntd5.sys <Not Verified; Hauri Corporation; NDIS Hooking Driver for Windows 2000 above>
R3 VRsecos - c:\windows\system32\drivers\vrsecos.sys <Not Verified; HAURI; VRsecos for Windows NT/2K/XP>

S3 cfproctect - c:\windows\system32\drivers\cfprotect.sys
S3 scsk4 (SCSK4 Driver Service) - c:\windows\system32\drivers\scsk4.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 hpcsvc (ViRobot Communication Service) - "c:\program files\hauri\virobot desktop 5.5\hpcsvc.exe" <Not Verified; HAURI; HpcSvc>
R2 hsvcmod (Hauri Common Service) - c:\program files\hauri\common\hsvcmod.exe <Not Verified; HAURI Inc.; HAURI hsvcmod>
R2 vrfwsvc (Hauri Firewall) - c:\program files\hauri\virobot desktop 5.5\pcfirewall\vrfwsvc.exe <Not Verified; Hauri inc.; Hauri Firewall Service>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1002&DEV_4386&SUBSYS_B046144D&REV_00\3&2411E6FE&0&9D
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1002&DEV_4386&SUBSYS_B046144D&REV_00\3&2411E6FE&0&9D
Service:


-- Scheduled Tasks -------------------------------------------------------------

2008-06-24 08:01:13 434 --a------ C:\WINDOWS\Tasks\At1.job


-- Files created between 2008-05-24 and 2008-06-24 -----------------------------

2008-06-24 08:24:39 0 d-------- C:\Documents and Settings\LocalService\Application Data\HAURI
2008-06-23 18:36:21 0 d-------- C:\HijackThis
2008-06-23 09:29:23 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-23 09:26:32 0 d-------- C:\Program Files\Common Files\Download Manager
2008-06-23 08:02:58 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Macromedia
2008-06-23 08:02:57 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Adobe
2008-06-20 10:38:02 0 d-------- C:\Documents and Settings\user\Application Data\HAURI
2008-06-20 10:29:43 27260 -----n--- C:\WINDOWS\system32\drivers\vracfil.sys <Not Verified; HAURI; VRAC Filter for Windows NT/2K/XP>
2008-06-20 10:29:42 15644 -----n--- C:\WINDOWS\system32\drivers\VRsecos.sys <Not Verified; HAURI; VRsecos for Windows NT/2K/XP>
2008-06-20 10:29:41 81792 --a------ C:\WINDOWS\system32\drivers\VRFWNTD5.SYS <Not Verified; Hauri Corporation; NDIS Hooking Driver for Windows 2000 above>
2008-06-20 10:29:17 0 d-------- C:\Program Files\Hauri
2008-06-18 08:51:36 0 d-------- C:\Documents and Settings\user\Application Data\Mozilla
2008-06-18 08:42:24 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-17 09:43:06 0 d-------- C:\Documents and Settings\Guest\Application Data\Google
2008-06-17 09:41:32 0 d--h----- C:\Documents and Settings\Guest\Templates
2008-06-17 09:41:32 0 dr------- C:\Documents and Settings\Guest\Start Menu
2008-06-17 09:41:32 0 dr-h----- C:\Documents and Settings\Guest\SendTo
2008-06-17 09:41:32 0 dr-h----- C:\Documents and Settings\Guest\Recent
2008-06-17 09:41:32 0 d--h----- C:\Documents and Settings\Guest\PrintHood
2008-06-17 09:41:32 0 d--h----- C:\Documents and Settings\Guest\NetHood
2008-06-17 09:41:32 0 dr------- C:\Documents and Settings\Guest\My Documents
2008-06-17 09:41:32 0 d--h----- C:\Documents and Settings\Guest\Local Settings
2008-06-17 09:41:32 0 dr------- C:\Documents and Settings\Guest\Favorites
2008-06-17 09:41:32 0 d-------- C:\Documents and Settings\Guest\Desktop
2008-06-17 09:41:32 0 d---s---- C:\Documents and Settings\Guest\Cookies
2008-06-17 09:41:32 0 d---s---- C:\Documents and Settings\Guest\Application Data\Microsoft
2008-06-17 09:41:32 0 dr-h----- C:\Documents and Settings\Guest\Application Data
2008-06-17 09:41:31 786432 --ah----- C:\Documents and Settings\Guest\NTUSER.DAT
2008-06-17 09:40:29 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Mozilla
2008-06-17 09:40:29 0 d-------- C:\Documents and Settings\NetworkService\Application Data\bgstkhlg
2008-06-17 09:34:57 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-06-16 19:36:46 0 d-------- C:\Documents and Settings\user\Application Data\LocalLow
2008-06-16 19:36:39 0 d-------- C:\Program Files\Naver
2008-06-05 14:12:18 0 d-------- C:\Documents and Settings\user\Application Data\bgstkhlg
2008-06-04 08:13:26 0 d-------- C:\Program Files\Common Files\Mozilla Shared
2008-06-04 08:00:38 15360 -----n--- C:\WINDOWS\system32\WinCtrl32.dll
2008-06-04 08:00:38 30080 --a------ C:\WINDOWS\system32\drivers\biO28.sys
2008-06-04 08:00:34 12288 --a------ C:\WINDOWS\system32\magnifyh.exe
2008-06-04 08:00:08 0 d-------- C:\WINDOWS\system32\AppCert
2008-06-03 16:56:12 127488 --a------ C:\WINDOWS\system32\adptifm.dll <Not Verified; Xngexacxqz Corporation; Microsoft® Windows® Operating System>
2008-06-03 16:55:58 88064 --a------ C:\WINDOWS\system32\adsmsextp.dll
2008-05-29 08:01:36 0 d--hs---- C:\WINDOWS\CSC
2008-05-27 15:07:25 10240 --a------ C:\WINDOWS\system32\drivers\cfprotect.sys
2008-05-27 15:04:24 0 d-------- C:\Program Files\CFTeam
2008-05-27 14:58:11 0 d-------- C:\Documents and Settings\user\Application Data\GRETECH
2008-05-27 14:57:56 0 d-------- C:\Program Files\GRETECH
2008-05-27 14:56:32 1751 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache


-- Find3M Report ---------------------------------------------------------------

2008-06-24 14:59:10 0 d-------- C:\Documents and Settings\user\Application Data\U3
2008-06-24 08:33:36 137599 --a------ C:\logfile
2008-06-23 09:26:32 0 d-------- C:\Program Files\Common Files
2008-06-20 11:53:06 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2008-06-20 10:29:36 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-20 10:29:17 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-19 14:39:46 0 d-------- C:\Documents and Settings\user\Application Data\Skype
2008-06-19 09:40:59 0 d-------- C:\Documents and Settings\user\Application Data\skypePM
2008-03-28 13:41:45 390144 --a------ C:\WINDOWS\system32\BTNexgenIPL32.dll <Not Verified; Binary Technologies; NexgenIPL>
2008-03-28 13:41:37 147456 --a------ C:\WINDOWS\system32\proghelp.dll <Not Verified; Microsoft Corporation; Windows Media Device Manager>
2008-03-28 13:41:37 528384 --a------ C:\WINDOWS\system32\p3xv.dll <Not Verified; peeringportal; peeringportal p3xv>
2008-03-28 13:41:37 200704 --a------ C:\WINDOWS\system32\p3evwms.dll <Not Verified; Einsdigital; P3EINS VoD WMT Splitter>
2008-03-28 13:41:37 450560 --a------ C:\WINDOWS\system32\p3evweb.dll <Not Verified; ; p3evctrl Module>
2008-03-28 13:41:37 147456 --a------ C:\WINDOWS\system32\p3evf1.dll <Not Verified; Einsdigital; P3EINS VoD Sourcer>
2008-03-28 13:41:37 782336 --a------ C:\WINDOWS\system32\p3evctrl.dll <Not Verified; Einsdigital; P3EINS VoD Control>
2008-03-28 13:41:37 360448 --a------ C:\WINDOWS\system32\p3edweb.dll <Not Verified; ; P3EDCtrl Module>
2008-03-28 13:41:37 135168 --a------ C:\WINDOWS\system32\p3edf1.dll <Not Verified; Neowiz Corporation.; p3edf1>
2008-03-28 13:41:37 491520 --a------ C:\WINDOWS\system32\mp3lib.dll
2008-03-28 13:41:37 36864 --a------ C:\WINDOWS\system32\MAMACExtract.dll
2008-03-28 13:41:37 196608 --a------ C:\WINDOWS\system32\jukeon_v.exe <Not Verified; Einsdigital; P3EINS VoD Server>
2008-03-28 13:41:37 92216 --a------ C:\WINDOWS\system32\bass.dll <Not Verified; Un4seen Developments; >


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{44EA1630-636F-4D7B-A9B7-32C2F31E7AB2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EC45E3FE-C16D-4F24-9238-D1B49AD74815}]
2007-05-15 ?? 02:17 135168 --------- C:\Program Files\Hauri\ViRobot Desktop 5.5\Service\hWebMan.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F8417D71-21CA-4EA9-ACF0-16C4F7BA2C0C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 ?? 06:04 C:\WINDOWS\SkyTel.exe]
"PWCam"="C:\Program Files\Common Files\PWC3800\PWCam.exe" [2005-05-04 ?? 03:04]
"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [2006-08-09 ?? 02:25]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2003-01-21 ?? 03:19]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-14 ?? 03:15]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_12\bin\jusched.exe" [2007-05-02 ?? 04:15]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 ?? 11:12 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 ?? 06:43 C:\WINDOWS\Alcmtr.exe]
"Vrmon"="C:\Program Files\Hauri\Common\Base\VRMONNT.EXE" [2007-11-07 ?? 04:00]
"HEProtect"="C:\Program Files\Hauri\ViRobot Desktop 5.5\AntiSpam\HSockPE.exe" [2007-04-11 ?? 08:10]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 ?? 09:24]
"@"="" []
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 ?? 01:35]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-29 ?? 10:07]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 ?? 12:56]
"tava"="" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-06-21 ?? 10:56:14]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WinCtrl32]
WinCtrl32.dll 2008-06-24 ?? 08:25 15360 C:\WINDOWS\system32\WinCtrl32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wzkjagvf]
ihcagfx.dll 2001-08-23 ?? 05:00 84992 C:\WINDOWS\system32\ihcagfx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\biO28.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
npngqvxr


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
AutoRun\command- J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2818fcc4-f917-11dc-b2c7-00137752dbb9}]
AutoRun\command- E:\spq.bat
explore\Command- E:\spq.bat
open\Command- E:\spq.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{958ff93d-9f77-11dc-b2a3-00137752dbb9}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Open(&0)\command- E:\Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0cc184e-075e-11dd-b2d4-00137752dbb9}]
AutoRun\command- J:\i.bat
explore\Command- J:\i.bat
open\Command- J:\i.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6ac47d6-0c9c-11dd-b2dc-00137752dbb9}]
Auto\command- J:\fun.xls.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6ac47d7-0c9c-11dd-b2dc-00137752dbb9}]
Auto\command- J:\fun.xls.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL fun.xls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe23aacc-2c33-11dd-b301-00137752dbb9}]
AutoRun\command- J:\lp3c.bat
explore\Command- J:\lp3c.bat
open\Command- J:\lp3c.bat

*Newly Created Service* - VRADFIL



-- End of Deckard's System Scanner: finished at 2008-06-24 15:36:33 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel Pentium II processor
Percentage of Memory in Use: 80%
Physical Memory (total/avail): 478.04 MiB / 92.76 MiB
Pagefile Memory (total/avail): 1120.75 MiB / 432.05 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1935.86 MiB

C: is Fixed (NTFS) - 78.13 GiB total, 70.64 GiB free.
D: is Fixed (Unformatted) - 0 GiB total, 0 GiB free.
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD2500JS-55NCB1 - 232.88 GiB - 3 partitions
\PARTITION0 - Unknown - 5 GiB
\PARTITION1 (bootable) - Installable File System - 78.13 GiB - C:
\PARTITION2 - Extended w/Extended Int 13 - 44.86 GiB - D:

\\.\PHYSICALDRIVE1 - USB 2.0 READER -CF USB Device

\\.\PHYSICALDRIVE4 - USB 2.0 READER -MS USB Device

\\.\PHYSICALDRIVE3 - USB 2.0 READER -SD USB Device

\\.\PHYSICALDRIVE2 - USB 2.0 READER -SM/xD USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntivirusOverride is set.

AV: HAURI AntiVirus ViRobot vVersion 5 (HAURI)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MessagePopup\\MsgPopup.exe"="C:\\Program Files\\MessagePopup\\MsgPopup.exe:*:Enabled:MsgPopup"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\WINDOWS\\system32\\skcbgm.exe"="C:\\WINDOWS\\system32\\skcbgm.exe:*:Enabled:SK Communications Cyworld BGM Player"
"C:\\WINDOWS\\system32\\jukeon_e.exe"="C:\\WINDOWS\\system32\\jukeon_e.exe:*:Enabled:SayClub & JukeOn Music Control"
"C:\\WINDOWS\\system32\\jukeon_v.exe"="C:\\WINDOWS\\system32\\jukeon_v.exe:*:Enabled:P3EINS VoD Server"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\WINDOWS\\system32\\P3MxSvr.exe"="C:\\WINDOWS\\system32\\P3MxSvr.exe:*:Enabled:Maxmp3 AoD Control"
"C:\\WINDOWS\\system32\\p3mxvsvr.exe"="C:\\WINDOWS\\system32\\p3mxvsvr.exe:*:Enabled:MAXMP3 VOD Control"
"C:\\WINDOWS\\system32\\mnetasvr.exe"="C:\\WINDOWS\\system32\\mnetasvr.exe:*:Enabled:MNet AoD Server"
"C:\\WINDOWS\\system32\\mnetvsvr.exe"="C:\\WINDOWS\\system32\\mnetvsvr.exe:*:Enabled:MNet VoD Server"
"C:\\Program Files\\Naver\\NaverPhone\\NaverPhone.exe"="C:\\Program Files\\Naver\\NaverPhone\\NaverPhone.exe:*:Enabled:NaverPhone"
"C:\\Program Files\\Naver\\NaverPhone\\NpToSpBridge.exe"="C:\\Program Files\\Naver\\NaverPhone\\NpToSpBridge.exe:*:Enabled:Naver PCtoPhone Bridge"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\user\Application Data
CLASSPATH=C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=CON
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\user
LOGONSERVER=\\CON
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 22 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=1601
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\user\LOCALS~1\Temp
TMP=C:\DOCUME~1\user\LOCALS~1\Temp
USERDOMAIN=CON
USERNAME=user
USERPROFILE=C:\Documents and Settings\user
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

user (admin)
Guest (new local, guest)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
¾Ë¾÷µ¥ÀÌÆ® --> "C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ÇÑ±Û ºä¾î 2002 --> MsiExec.exe /I{64BA2986-C58A-44F1-A0C0-BFF47BE06DF6}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\System32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
ArcSoft PhotoImpression 4 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A58D0D22-6CE2-44CE-B970-FC651E2CD56D}\Setup.exe" -l0x9
ArcSoft VideoImpression 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{351530FE-77E9-463A-AF90-F22854F26803}\Setup.exe" -l0x9
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock --> MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
GOM Player --> "C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\DOCUME~1\user\LOCALS~1\Temp\Temporary Directory 1 for HiJackThis.zip\HijackThis.exe" /uninstall
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
J2SE Runtime Environment 5.0 Update 12 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150120}
kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_145da36\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
PandoraTV VimViewer --> C:\Program Files\PandoraTVMini\addon\LIVE\VimViewer\VimUninstaller.exe PandoraTV VimViewer
PLEOMAX PWC-3800 --> C:\Program Files\InstallShield Installation Information\{264A8828-CFE6-4614-8284-3A94B4457A5D}\Setup.exe 1
QuickTime --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{929408E6-D265-4174-805F-81D1D914E2A4} /l1033
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
Samsung ML-3050 Series --> C:\Program Files\Samsung\Samsung ML-3050 Series\Install\Setup.exe /R
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001 --> MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Skype™ 3.6 --> MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
ViRobot Desktop 5.5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{08CC6CEF-3AF6-400C-BCF2-E7AB5E0AB649}\Setup.exe" -l0x9
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
xdisk 2.24 --> C:\Program Files\xdisk\uninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type566 / Error
Event Submitted/Written: 06/23/2008 09:42:08 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application swdsvc.exe, version 5.0.5.23, faulting module kernel32.dll, version 5.1.2600.3119, fault address 0x00012a5b.
Processing media-specific event for [swdsvc.exe!ws!]

Event Record #/Type565 / Error
Event Submitted/Written: 06/23/2008 09:30:42 AM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application is-0JPT1.tmp, version 51.47.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Event Record #/Type553 / Warning
Event Submitted/Written: 06/19/2008 10:18:06 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{90110409-6000-11D3-8CFE-0150048383C9}', feature 'SpellingAndGrammarFiles_1036' failed during request for component '{E938403A-9432-11D2-900A-00805F9B1201}'

Event Record #/Type551 / Error
Event Submitted/Written: 06/19/2008 07:57:19 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application BN2.tmp, version 0.0.0.0, faulting module BN2.tmp, version 0.0.0.0, fault address 0x0000108d.
Processing media-specific event for [BN2.tmp!ws!]

Event Record #/Type548 / Error
Event Submitted/Written: 06/18/2008 08:30:56 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application BN1.tmp, version 0.0.0.0, faulting module BN1.tmp, version 0.0.0.0, fault address 0x0000108d.
Processing media-specific event for [BN1.tmp!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type5587 / Error
Event Submitted/Written: 06/24/2008 11:45:00 AM
Event ID/Source: 34 / W32Time
Event Description:
The time service has detected that the system time needs to be
changed by -57434 seconds. The time service will not change the system
time by more than -54000 seconds. Verify that your time and time zone
are correct, and that the time source time.windows.com (ntp.m|0x1|10.10.11.251:123->207.46.232.182:123) is working properly.

Event Record #/Type5474 / Error
Event Submitted/Written: 06/23/2008 09:42:09 AM
Event ID/Source: 7034 / Service Control Manager
Event Description:
The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).

Event Record #/Type5418 / Error
Event Submitted/Written: 06/23/2008 08:14:13 AM
Event ID/Source: 8032 / BROWSER
Event Description:
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{C13CBB53-5D56-4028-9324-ED2123844B59}.
The backup browser is stopping.

Event Record #/Type5417 / Warning
Event Submitted/Written: 06/23/2008 08:10:13 AM
Event ID/Source: 8021 / BROWSER
Event Description:
The browser was unable to retrieve a list of servers from the browser master \\WONDER on the network \Device\NetBT_Tcpip_{C13CBB53-5D56-4028-9324-ED2123844B59}.
The data is the error code.

Event Record #/Type5415 / Error
Event Submitted/Written: 06/23/2008 08:00:15 AM
Event ID/Source: 16 / Windows Update Agent
Event Description:
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.



-- End of Deckard's System Scanner: finished at 2008-06-24 15:36:33 ------------

BC AdBot (Login to Remove)

 


m

#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:25 AM

Posted 29 June 2008 - 07:22 AM

Hello, my name is fenzodahl512 and welcome to BC.. Since its already 5 days since your last log, please post a fresh Deckard System Scanner log for further review...


Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:08:25 AM

Posted 06 July 2008 - 04:47 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users