3 replies to this topic

[1984]

Hello. I leave my internet on all the time. Came back after a few hours, and some of my desktop items had been moved around. I rearrainged them, and then ran the following: ewido, spybot, adaware, etrust antivirus. Everything came back clean. No problems.

I then downloaded Samurize. Rebooted. Computer didnt turn on. Played around, and finally unplugged the power and voila! everything came back up. But now for whatever reason etrust wont updated itself-manually or automatically-it keeps saying i have no internet connection-which i obviously do. also, firefox periodically times it self out, and sometimes shuts itself down. hmmmm.

Heres my log, and (in advance) thanks so much for helping!


Logfile of HijackThis v1.99.1
Scan saved at 7:52:58 AM, on 6/25/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Samurize\Client.exe
C:\WINDOWS\hh.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAV.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\tv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1141265351607
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.c...tacceptlang.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1AE27AD2-9CE7-486E-867B-E29FF3E603E2}: NameServer = 142.161.130.155 142.161.2.155
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - C:\PROGRA~1\ATIMUL~1\RemCtrl\x10nets.exe (file missing)

[AndyManchesta]

Hi LOTW

The log looks fine, Ive noticed Desktop items moving after a reboot but not when the system is left running so thats abit strange, you have dumprep showing in the 04 area of the log so there has recently been an error on your system which maybe related,

Goto Start Menu > Run > type eventvwr and press OK to open the Event Viewer screen, check the Apllication and system tabs for errors (red circles with white X's) if you find any that maybe related to this double click them to open the properties pane (or right click and choose properties) and copy and paste the error reports back on here (you will have to press Control & C together after highlighting the text to copy it to clipboard, then right click and choose Paste either into a notepad file or back on here) if you do post any errors back also include the Event ID's for each which can be found on the properties pane.

Is your firewall configured correctly, Ive never used Kerio so Im not sure if its mostly automated and doesnt require setting up but if you do have a program control try allowing access to eTrust's components as explained Here and also Firefox to see if it helps, alternatively shut the firewall protection down and see if eTrust can then update

Let us know how it goes

Andy

[1984]

ok, im a dummy. disabled firewall, and etrust updated. hmmm. been using kerio for a couple of weeks, first time this happened.

now when i hit error log, it wont let me cut and paste. it just keeps coming up "whats this?"

i dont know what it is. and dont care. i just want to fix it. arrrrrrghghghgh!

now there is a button that says it sends to my clipboard, but i dont know where to find my clipboard. hmmm



oh, every error in my report (and there are a bunch) say event system (50) 4609, whatever that means.

and then there is a bunch that say perfnet 2004 whatever that means.

The COM+ Event System detected a bad return code during its internal processing. HRESULT was C0000005 from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.


haha, i should have read your instructions better. you couldnt have dumbed it down any better, and i still screwed up! arrrrhgghgh!

[AndyManchesta]

Hey LOTW,

Sorry about that, I could of explained it abit better , Im not sure what happened to the CA link I gave as I just tried it again and its now saying I should log in

You can get to the same page here if you didnt get a chance to see it

http://www.my-etrust...echSupport.aspx


Click Top 10 Questions then eTrust EZ Antivirus and finally AutoDownload - Common Problems

Im not that sure about your error events, you can read a description on them Here and Here but it seems to be a different process that caused it on each comment which doesnt help much

The 4609 error is also mentioned in support documents from MS Here and Here but I dont think they will help.

It might be easier to clear all the events and then see if it continues, goto Start > Run > Type eventvwr again and press OK, then right click the system and application tabs and choose Clear All Events (no need to save them when prompted) then after you reboot the PC, check it after an hour or two to see if its still recording the same errors.

Andy