1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Please Help!! HJT Log Posted. Runtime errors !!!

Discussion in 'Virus & Other Malware Removal' started by CRILEY70, Aug 6, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    I had previously cleared up some problems prior to this post with MFDnSC I believe his log on was. Now I am having the same problems all over again with the runtime errors. Everytime I go to a certain webpage I get a "Runtime Error Line 55" and ask me if I want to debug. Have any clue??

    Logfile of HijackThis v1.99.1
    Scan saved at 12:23:44 AM, on 8/6/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\DSentry.exe
    C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\PROGRA~1\COMMON~1\AOL\115483~1\EE\AOLHOS~1.EXE
    C:\PROGRA~1\COMMON~1\AOL\115483~1\EE\AOLServiceHost.exe
    C:\Program Files\Hijackthis\HijackThis.exe
    C:\Program Files\America Online 9.0\waol.exe
    C:\Program Files\America Online 9.0\shellmon.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe" -startup
    O4 - HKLM\..\Run: [LXBLKsk] C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1154837422\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\RunOnce: [AOL Deskbar Installation] regsvr32 /s "C:\Program Files\AOL Deskbar\deskbar.dll"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com/cp/install/AxCtp.cab
    O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://mail.blanchardmachinery.com/iNotes6.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} (AOL Newport Editor Ctrl) - http://pictures.aolcdn.com/ap/Resources/1.2.0.38/cab/aolpPlugins.10.1.0.0.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147189280734
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
    O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
    O16 - DPF: {BDD2F926-8158-4F62-9E0D-B3B75FD1F07F} (McObjectFactory Class) - http://download.mcafee.com/molbin/shared/McMySec/en-us/1,0,0,2/mcmysec.cab
    O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://aolsvc.aol.com/onlinegames/sonybewitched/main.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/iwincarambadeluxe/zylomgamesplayer.cab
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://aolsvc.aol.com/onlinegames/shapo/shapo.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v7.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4815/mcfscan.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
     
  2. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    I ran Ewido and had a couple of things show up. Worm.Randon and Hijacker.Agent.A. I fixed those and here is another HJT log and the Ewido Log.


    Logfile of HijackThis v1.99.1
    Scan saved at 3:27:08 PM, on 8/6/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\WINDOWS\system32\drivers\KodakCCS.exe
    C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Common Files\AOL\1154837422\ee\AOLSoftware.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\ScsiAccess.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Dell Support\DSAgnt.exe
    C:\Program Files\America Online 9.0\waol.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
    C:\Program Files\America Online 9.0\shellmon.exe
    C:\Program Files\Dell\Media Experience\PCMService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Lexmark\Lexmark Photo Center\MemoryCardManager.exe" -startup
    O4 - HKLM\..\Run: [LXBLKsk] C:\PROGRA~1\Lexmark\PHOTOC~1\LXBLKsk.exe
    O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1154837422\ee\AOLSoftware.exe"
    O4 - HKLM\..\Run: [AOLDialer] "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [RealTray] "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
    O4 - HKLM\..\Run: [IPHSend] "C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup
    O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {38578BF0-0ABB-11D3-9330-0080C6F796A1} (Create & Print ActiveX Plug-in) - http://www.imgag.com/cp/install/AxCtp.cab
    O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://mail.blanchardmachinery.com/iNotes6.cab
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - https://objects.aol.com/mcafee/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} (AOL Newport Editor Ctrl) - http://pictures.aolcdn.com/ap/Resources/1.2.0.38/cab/aolpPlugins.10.1.0.0.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1147189280734
    O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
    O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://aolsvc.aol.com/onlinegames/ghtumblebugs/axhost.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://zone.msn.com/binGame/ZAxRcMgr.cab
    O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - https://objects.aol.com/mcafee/molbin/shared/mcgdmgr/en-us/1,0,0,20/McGDMgr.cab
    O16 - DPF: {BDD2F926-8158-4F62-9E0D-B3B75FD1F07F} (McObjectFactory Class) - http://download.mcafee.com/molbin/shared/McMySec/en-us/1,0,0,2/mcmysec.cab
    O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://aolsvc.aol.com/onlinegames/sonybewitched/main.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://aolsvc.aol.com/onlinegames/iwincarambadeluxe/zylomgamesplayer.cab
    O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://aolsvc.aol.com/onlinegames/shapo/shapo.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v7.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4815/mcfscan.cab
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
     
  3. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    ewido anti-spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 12:46:23 PM 8/6/2006

    + Scan result:



    HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject -> Adware.FizzleBar : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject.1 -> Adware.FizzleBar : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject\CLSID -> Adware.FizzleBar : Cleaned with backup (quarantined).
    HKLM\SOFTWARE\Classes\ToolbarBestToolbarsToolbar.BestToolbarsToolbarObject\CurVer -> Adware.FizzleBar : Cleaned with backup (quarantined).
    C:\Documents and Settings\Cindy\Local Settings\Temporary Internet Files\Content.IE5\03ARAXCJ\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
    C:\Documents and Settings\Cindy\Local Settings\Temporary Internet Files\Content.IE5\SNSHYRQN\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
    C:\I386\REG.EXE -> Worm.Randon : Cleaned with backup (quarantined).


    ::Report end
     
  4. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    And I did delete the files found in Ewido instead of leaving them in quarantine.
     
  5. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,017
    Please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report


    Download WinPFind
    • Right Click the Zip Folder and Select "Extract All"
    • Extract it somewhere you will remember like the Desktop
    • Don’t do anything with it yet!


    Click here for info on how to boot to safe mode if you don't already know how.


    Reboot into Safe Mode.


    Double click WinPFind.exe
    • Click "Start Scan"
    • It will scan the entire System, so please be patient and let it complete.


    Reboot back to Normal Mode!


    • Go to the WinPFind folder
    • Locate WinPFind.txt
    • Copy and paste WinPFind.txt in your next post here please.
     
  6. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    Here is the PANDA scan



    Incident Status Location

    Adware:adware/downloadware Not disinfected c:\windows\Digital Signature 20041018.html
    Adware:adware/dyfuca Not disinfected Windows Registry
    Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Cindy\Desktop\Unused Desktop Shortcuts\smitRem\Process.exe
    Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Cindy\Desktop\Unused Desktop Shortcuts\smitRem.exe[smitRem/Process.exe]
     
  7. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    WARNING: not all files found by this scanner are bad. Consult with a knowledgable person before proceeding.

    If you see a message in the titlebar saying "Not responding..." you can ignore it. Windows somethimes displays this message due to the high volume of disk I/O. As long as the hard disk light is flashing, the program is still working properly.

    »»»»»»»»»»»»»»»»» Windows OS and Versions »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Product Name: Microsoft Windows XP Current Build: Service Pack 2 Current Build Number: 2600
    Internet Explorer Version: 6.0.2900.2180

    »»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»

    Checking %SystemDrive% folder...

    Checking %ProgramFilesDir% folder...

    Checking %WinDir% folder...
    SAHAgent 6/10/2005 7:53:36 PM 31709 C:\WINDOWS\KB835732.log

    Checking %System% folder...
    aspack 3/18/2005 5:19:58 PM 2337488 C:\WINDOWS\SYSTEM32\d3dx9_25.dll
    aspack 5/26/2005 3:34:52 PM 2297552 C:\WINDOWS\SYSTEM32\d3dx9_26.dll
    aspack 7/22/2005 7:59:04 PM 2319568 C:\WINDOWS\SYSTEM32\d3dx9_27.dll
    aspack 12/5/2005 6:09:18 PM 2323664 C:\WINDOWS\SYSTEM32\d3dx9_28.dll
    aspack 2/3/2006 8:43:16 AM 2332368 C:\WINDOWS\SYSTEM32\d3dx9_29.dll
    aspack 3/31/2006 12:40:58 PM 2388176 C:\WINDOWS\SYSTEM32\d3dx9_30.dll
    PEC2 8/29/2002 7:00:00 AM 41397 C:\WINDOWS\SYSTEM32\DFRG.MSC
    UPX! 6/24/2005 5:04:36 PM 161280 C:\WINDOWS\SYSTEM32\fmod.dll
    PTech 6/19/2006 4:19:42 PM 571184 C:\WINDOWS\SYSTEM32\LegitCheckControl.dll
    aspack 7/6/2006 6:21:48 PM 6757792 C:\WINDOWS\SYSTEM32\MRT.exe
    aspack 8/4/2004 3:56:36 AM 708096 C:\WINDOWS\SYSTEM32\ntdll.dll
    Umonitor 8/4/2004 3:56:44 AM 657920 C:\WINDOWS\SYSTEM32\rasdlg.dll
    aspack 5/16/2002 6:12:30 PM 117248 C:\WINDOWS\SYSTEM32\SKCL.dll
    winsync 8/29/2002 7:00:00 AM 1309184 C:\WINDOWS\SYSTEM32\WBDBASE.DEU
    PTech 6/19/2006 4:19:26 PM 304944 C:\WINDOWS\SYSTEM32\WgaTray.exe

    Checking %System%\Drivers folder and sub-folders...
    UPX! 7/31/2006 9:17:10 PM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
    FSG! 7/31/2006 9:17:10 PM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
    PEC2 7/31/2006 9:17:10 PM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
    aspack 7/31/2006 9:17:10 PM 776096 C:\WINDOWS\SYSTEM32\drivers\avg7core.sys
    PTech 8/4/2004 1:41:38 AM 1309184 C:\WINDOWS\SYSTEM32\drivers\mtlstrm.sys

    Items found in C:\WINDOWS\SYSTEM32\drivers\ETC\hosts


    Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
    8/7/2006 9:06:30 PM S 2048 C:\WINDOWS\BOOTSTAT.DAT
    7/30/2006 2:14:42 PM S 64 C:\WINDOWS\CSC\00000001
    7/29/2006 11:53:40 PM S 64 C:\WINDOWS\CSC\00000002
    6/19/2006 4:20:58 PM S 7160 C:\WINDOWS\SYSTEM32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat
    8/7/2006 9:06:50 PM H 16384 C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG
    8/7/2006 9:06:54 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG
    8/7/2006 9:06:32 PM H 12288 C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG
    8/7/2006 9:07:04 PM H 86016 C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG
    8/7/2006 9:06:40 PM H 1355776 C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG
    7/30/2006 8:24:56 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\NTUSER.DAT.LOG
    8/6/2006 6:26:02 PM H 1024 C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
    7/30/2006 9:39:36 PM H 81 C:\WINDOWS\SYSTEM32\GroupPolicy\Adm\admfiles.ini
    7/20/2006 12:42:40 AM HS 388 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\cdc581c3-4e96-4984-9d21-42a9498c9770
    7/20/2006 12:42:40 AM HS 24 C:\WINDOWS\SYSTEM32\Microsoft\Protect\S-1-5-18\User\Preferred
    8/7/2006 9:09:58 PM H 330 C:\WINDOWS\Tasks\MP Scheduled Scan.job
    8/7/2006 9:05:30 PM H 6 C:\WINDOWS\Tasks\SA.DAT

    Checking for CPL files...
    Microsoft Corporation 8/4/2004 3:56:58 AM 68608 C:\WINDOWS\SYSTEM32\access.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 549888 C:\WINDOWS\SYSTEM32\appwiz.cpl
    Broadcom Corporation 6/3/2003 12:38:44 PM 94208 C:\WINDOWS\SYSTEM32\BCMSM.CPL
    Microsoft Corporation 8/4/2004 3:56:58 AM 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl
    Creative Technology Ltd. 3/30/2001 4:00:00 AM 230912 C:\WINDOWS\SYSTEM32\CTDetect.cpl
    Creative Technology Ltd. 2/21/2002 3:00:00 AM 212992 C:\WINDOWS\SYSTEM32\CTDevCtrl.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 135168 C:\WINDOWS\SYSTEM32\desk.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 80384 C:\WINDOWS\SYSTEM32\firewall.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 155136 C:\WINDOWS\SYSTEM32\hdwwiz.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 358400 C:\WINDOWS\SYSTEM32\inetcpl.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 129536 C:\WINDOWS\SYSTEM32\intl.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 380416 C:\WINDOWS\SYSTEM32\irprops.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 68608 C:\WINDOWS\SYSTEM32\joy.cpl
    Sun Microsystems, Inc. 5/3/2006 2:56:54 AM 49265 C:\WINDOWS\SYSTEM32\jpicpl32.cpl
    Microsoft Corporation 8/29/2002 7:00:00 AM 187904 C:\WINDOWS\SYSTEM32\MAIN.CPL
    Microsoft Corporation 8/4/2004 3:56:58 AM 618496 C:\WINDOWS\SYSTEM32\mmsys.cpl
    Microsoft Corporation 8/29/2002 7:00:00 AM 35840 C:\WINDOWS\SYSTEM32\NCPA.CPL
    Microsoft Corporation 8/4/2004 3:56:58 AM 25600 C:\WINDOWS\SYSTEM32\netsetup.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 257024 C:\WINDOWS\SYSTEM32\nusrmgr.cpl
    Microsoft Corporation 8/29/2002 7:00:00 AM 36864 C:\WINDOWS\SYSTEM32\NWC.CPL
    Microsoft Corporation 8/4/2004 3:56:58 AM 32768 C:\WINDOWS\SYSTEM32\odbccp32.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 114688 C:\WINDOWS\SYSTEM32\powercfg.cpl
    Intel(R) Corporation 3/11/2003 6:15:56 PM 77824 C:\WINDOWS\SYSTEM32\PRApplet.cpl
    RealNetworks, Inc. 8/6/2006 12:13:22 AM 24576 C:\WINDOWS\SYSTEM32\prefscpl.cpl
    Apple Computer, Inc. 4/8/2004 4:12:46 PM 323072 C:\WINDOWS\SYSTEM32\QuickTime.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 298496 C:\WINDOWS\SYSTEM32\sysdm.cpl
    Microsoft Corporation 8/29/2002 7:00:00 AM 28160 C:\WINDOWS\SYSTEM32\TELEPHON.CPL
    Microsoft Corporation 8/4/2004 3:56:58 AM 94208 C:\WINDOWS\SYSTEM32\timedate.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 148480 C:\WINDOWS\SYSTEM32\wscui.cpl
    Microsoft Corporation 5/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\wuaucpl.cpl
    Microsoft Corporation 8/29/2002 7:00:00 AM 35840 C:\WINDOWS\SYSTEM32\DLLCACHE\ncpa.cpl
    Microsoft Corporation 8/4/2004 3:56:58 AM 32768 C:\WINDOWS\SYSTEM32\DLLCACHE\odbccp32.cpl
    Microsoft Corporation 5/26/2005 4:16:30 AM 174360 C:\WINDOWS\SYSTEM32\DLLCACHE\wuaucpl.cpl

    »»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»

    Checking files in %ALLUSERSPROFILE%\Startup folder...
    9/3/2002 3:36:04 PM HS 84 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI

    Checking files in %ALLUSERSPROFILE%\Application Data folder...
    9/3/2002 3:26:20 PM HS 62 C:\Documents and Settings\All Users\Application Data\DESKTOP.INI

    Checking files in %USERPROFILE%\Startup folder...
    9/3/2002 3:36:04 PM HS 84 C:\Documents and Settings\Cindy\Start Menu\Programs\Startup\DESKTOP.INI

    Checking files in %USERPROFILE%\Application Data folder...
    9/3/2002 3:26:20 PM HS 62 C:\Documents and Settings\Cindy\Application Data\DESKTOP.INI

    »»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    SV1 =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

    [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\AVG7 Shell Extension
    {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\BitDefender Antivirus v8
    {D653647D-D607-4DF6-A5B8-48D2BA195F7B} = C:\Program Files\Softwin\BitDefender8\bdshelxt.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido anti-spyware
    {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
    {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
    {09799AFB-AD67-11d1-ABCD-00C04FC30936} = %SystemRoot%\system32\SHELL32.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
    {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Yahoo! Mail
    {5464D816-CF16-4784-B9F3-75C0DB52B499} = C:\PROGRA~1\Yahoo!\Common\ymmapi.dll
    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
    Start Menu Pin = %SystemRoot%\system32\SHELL32.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG7 Shell Extension
    {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\Grisoft\AVG Free\avgse.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\BitDefender Antivirus v8
    {D653647D-D607-4DF6-A5B8-48D2BA195F7B} = C:\Program Files\Softwin\BitDefender8\bdshelxt.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\SpySweeper
    {7C9D5882-CB4A-4090-96C8-430BFE8B795B} = C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
    {A470F8CF-A1E8-4f65-8335-227475AA5C46} = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido anti-spyware
    {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\ewido anti-spyware 4.0\context.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
    {750fdf0e-2a26-11d1-a3ea-080036587f03} = %SystemRoot%\System32\cscui.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
    {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
    = %SystemRoot%\system32\SHELL32.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
    = %SystemRoot%\system32\SHELL32.dll

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}
    DriveLetterAccess = C:\WINDOWS\system32\dla\tfswshx.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    SSVHelper Class = C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
    =

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
    =
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
    &Tip of the Day = %SystemRoot%\System32\shdocvw.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
    Real.com = C:\WINDOWS\system32\Shdocvw.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} = :

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping
    MenuText = :
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
    MenuText = Sun Java Console : C:\Program Files\Java\jre1.5.0_07\bin\npjpi150_07.dll
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
    ButtonText = Messenger :
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4982D40A-C53B-4615-B15B-B5B5E98D167C}
    ButtonText = AOL Toolbar :
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
    ButtonText = Research :
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}
    ButtonText = AIM : C:\Program Files\AIM\aim.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    ButtonText = Real.com :
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}
    ButtonText = Yahoo! Messenger : C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
    ButtonText = Messenger : C:\Program Files\Messenger\msmsgs.exe

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}
    Search Band = %SystemRoot%\System32\browseui.dll
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}
    =
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}
    =
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
    File Search Explorer Band = %SystemRoot%\system32\SHELL32.dll
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}
    Favorites Band = %SystemRoot%\System32\shdocvw.dll
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
    Explorer Band = %SystemRoot%\System32\shdocvw.dll

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
    {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
    {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\System32\browseui.dll
    {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
    {4982D40A-C53B-4615-B15B-B5B5E98D167C} = AOL Toolbar : C:\Program Files\AOL Toolbar\toolbar.dll
    {71AAABE5-1F0F-11D7-BD6F-004854603DCE} = :
    {2318C2B1-4965-11D4-9B18-009027A5CD4F} = :

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    NvCplDaemon "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
    DVDSentry C:\WINDOWS\System32\DSentry.exe
    SpySweeper "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
    Windows Defender "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    AVG7_CC "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
    AOLDialer "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
    BDMCon "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
    BDNewsAgent "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
    IMAIL Installed = 1
    MAPI Installed = 1
    MSFS Installed = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
    Sonic RecordNow!
    DellSupport "C:\Program Files\Dell Support\DSAgnt.exe" /startup
    AOL Fast Start "C:\Program Files\America Online 9.0\AOL.EXE" -b

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services
    MpfService 2


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
    key SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    item
    hkey HKLM
    command
    inimapping 0


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state
    system.ini 0
    win.ini 0
    bootini 0
    services 0
    startup 0


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments
    ScanWithAntiVirus 2


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer

    NoDriveTypeAutoRun _
    NoCDBurning 0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID
    {17492023-C23A-453E-A040-C7C580BBF700} 1

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
    {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
    {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
    {0DF44EAA-FF21-4412-828E-260A8728E7F1} =


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    dontdisplaylastusername 0
    legalnoticecaption
    legalnoticetext
    shutdownwithoutlogon 1
    undockwithoutlogon 1
    DisableTaskMgr 0


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
    NoChangingWallPaper 0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    NoDriveTypeAutoRun 0
    NoActiveDesktop 0
    NoSaveSettings 0
    ClassicShell 0
    NoThemesTab 0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    DisableRegistryTools 0
    DisableTaskMgr 0
    NoColorChoice 0
    NoSizeChoice 0
    NoDispScrSavPage 0
    NoDispCPL 0
    NoVisualStyleChoice 0
    NoDispSettingsPage 0
    NoDispAppearancePage 0
    NoDispBackgroundPage 0


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    PostBootReminder {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
    CDBurn {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
    WebCheck {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\System32\webcheck.dll
    SysTray {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\Userinit.exe,
    Shell = explorer.exe
    System =

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
    = crypt32.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
    = cryptnet.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
    = cscdll.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
    = wlnotify.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
    = wlnotify.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
    = sclgntfy.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
    = WlNotify.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
    = wlnotify.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon
    = WgaLogon.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
    = wlnotify.dll

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier
    = WRLogonNTF.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
    Debugger = ntsd -d

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    AppInit_DLLs


    »»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
    Scan completed on 8/7/2006 9:15:23 PM
     
  8. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    And by the way I am still getting a whole mess of runtime errors.:(
     
  9. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    Now I am getting virtual memory low warnings and it sounds like my tower is running and running and processing something...but I only have IE running.

    HELP!!!
     
  10. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,017
    What webpage is it that generates that runtime error?
     
  11. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    Anything you do in AOL just about causes the error. And its not just the Line 55 I get others too. Last night my computer was running so slow I have never seen it do that before. The CPU usage was like 60% and PF Usage was like 1.60 kb (i think).

    Everytime I try to run a virus scan or spyware program everything starts freezing up and I cannot shut down anything without shutting down by pressing button. I have uninstalled AOL and reinstalled it thinking it might be glitch in that program, but it is still doing it.
     
  12. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,017
  13. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    Reinstalled aol....didnt make a difference. :(
     
  14. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,017
    Go to Start - Run - type in eventvwr.msc and click OK.

    Check under applications and system to see if there are any errors marked with a red X there. If so, double click on them and then click on the icon that looks like two pieces of paper to copy them to the clipboard and then paste them here.
     
  15. CRILEY70

    CRILEY70 It's My Birthday! Thread Starter

    Joined:
    Jul 31, 2006
    Messages:
    45
    THIS IS THE APPLICATION ERRORS


    Event Type: Error
    Event Source: Application Error
    Event Category: (100)
    Event ID: 1000
    Date: 8/9/2006
    Time: 5:26:54 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application svchost.exe, version 5.1.2600.2180, faulting module wbemcomn.dll, version 5.1.2600.2180, fault address 0x0000f82f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 73 76 63 ure svc
    0018: 68 6f 73 74 2e 65 78 65 host.exe
    0020: 20 35 2e 31 2e 32 36 30 5.1.260
    0028: 30 2e 32 31 38 30 20 69 0.2180 i
    0030: 6e 20 77 62 65 6d 63 6f n wbemco
    0038: 6d 6e 2e 64 6c 6c 20 35 mn.dll 5
    0040: 2e 31 2e 32 36 30 30 2e .1.2600.
    0048: 32 31 38 30 20 61 74 20 2180 at
    0050: 6f 66 66 73 65 74 20 30 offset 0
    0058: 30 30 30 66 38 32 66 000f82fEvent Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 8/8/2006
    Time: 7:58:43 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application waol.exe, version 9.2.0.0, faulting module unknown, version 0.0.0.0, fault address 0x69206e75.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 77 61 6f ure wao
    0018: 6c 2e 65 78 65 20 39 2e l.exe 9.
    0020: 32 2e 30 2e 30 20 69 6e 2.0.0 in
    0028: 20 75 6e 6b 6e 6f 77 6e unknown
    0030: 20 30 2e 30 2e 30 2e 30 0.0.0.0
    0038: 20 61 74 20 6f 66 66 73 at offs
    0040: 65 74 20 36 39 32 30 36 et 69206
    0048: 65 37 35 0d 0a e75.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 8/7/2006
    Time: 5:43:04 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application waol.exe, version 9.2.0.0, faulting module unknown, version 0.0.0.0, fault address 0x0ac4bc14.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 77 61 6f ure wao
    0018: 6c 2e 65 78 65 20 39 2e l.exe 9.
    0020: 32 2e 30 2e 30 20 69 6e 2.0.0 in
    0028: 20 75 6e 6b 6e 6f 77 6e unknown
    0030: 20 30 2e 30 2e 30 2e 30 0.0.0.0
    0038: 20 61 74 20 6f 66 66 73 at offs
    0040: 65 74 20 30 61 63 34 62 et 0ac4b
    0048: 63 31 34 0d 0a c14.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 8/6/2006
    Time: 5:15:03 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application iexplore.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x00000083.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 69 65 78 ure iex
    0018: 70 6c 6f 72 65 2e 65 78 plore.ex
    0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
    0028: 30 30 2e 32 31 38 30 20 00.2180
    0030: 69 6e 20 75 6e 6b 6e 6f in unkno
    0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
    0040: 2e 30 20 61 74 20 6f 66 .0 at of
    0048: 66 73 65 74 20 30 30 30 fset 000
    0050: 30 30 30 38 33 0d 0a 00083.. Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 8/5/2006
    Time: 11:13:39 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application Paint Shop Pro.exe, version 8.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 50 61 69 6e 74 20 Paint
    0018: 53 68 6f 70 20 50 72 6f Shop Pro
    0020: 2e 65 78 65 20 38 2e 30 .exe 8.0
    0028: 2e 30 2e 30 20 69 6e 20 .0.0 in
    0030: 68 75 6e 67 61 70 70 20 hungapp
    0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0
    0040: 61 74 20 6f 66 66 73 65 at offse
    0048: 74 20 30 30 30 30 30 30 t 000000
    0050: 30 30 00 Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 8/5/2006
    Time: 10:54:02 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application aim.exe, version 5.9.3861.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 61 69 6d ure aim
    0018: 2e 65 78 65 20 35 2e 39 .exe 5.9
    0020: 2e 33 38 36 31 2e 30 20 .3861.0
    0028: 69 6e 20 75 6e 6b 6e 6f in unkno
    0030: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
    0038: 2e 30 20 61 74 20 6f 66 .0 at of
    0040: 66 73 65 74 20 31 32 32 fset 122
    0048: 31 32 35 34 66 0d 0a 1254f.. Event Type: Error
    Event Source: ESENT
    Event Category: General
    Event ID: 485
    Date: 8/2/2006
    Time: 10:54:02 AM
    User: N/A
    Computer: BERTHA2004
    Description:
    wuauclt (2832) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: ESENT
    Event Category: General
    Event ID: 485
    Date: 8/2/2006
    Time: 10:54:01 AM
    User: N/A
    Computer: BERTHA2004
    Description:
    wuauclt (2832) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: ESENT
    Event Category: General
    Event ID: 485
    Date: 8/2/2006
    Time: 10:54:00 AM
    User: N/A
    Computer: BERTHA2004
    Description:
    wuauclt (2832) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: ESENT
    Event Category: General
    Event ID: 485
    Date: 8/2/2006
    Time: 10:53:59 AM
    User: N/A
    Computer: BERTHA2004
    Description:
    wuauclt (2832) An attempt to delete the file "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" failed with system error 5 (0x00000005): "Access is denied. ". The delete file operation will fail with error -1032 (0xfffffbf8).

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 8/1/2006
    Time: 8:59:48 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application javaw.exe, version 5.0.70.3, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 6a 61 76 61 77 2e javaw.
    0018: 65 78 65 20 35 2e 30 2e exe 5.0.
    0020: 37 30 2e 33 20 69 6e 20 70.3 in
    0028: 68 75 6e 67 61 70 70 20 hungapp
    0030: 30 2e 30 2e 30 2e 30 20 0.0.0.0
    0038: 61 74 20 6f 66 66 73 65 at offse
    0040: 74 20 30 30 30 30 30 30 t 000000
    0048: 30 30 00 Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 7/31/2006
    Time: 11:54:46 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application explorer.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 65 78 70 6c 6f 72 explor
    0018: 65 72 2e 65 78 65 20 36 er.exe 6
    0020: 2e 30 2e 32 39 30 30 2e .0.2900.
    0028: 32 31 38 30 20 69 6e 20 2180 in
    0030: 68 75 6e 67 61 70 70 20 hungapp
    0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0
    0040: 61 74 20 6f 66 66 73 65 at offse
    0048: 74 20 30 30 30 30 30 30 t 000000
    0050: 30 30 00 Event Type: Error
    Event Source: Application Hang
    Event Category: None
    Event ID: 1001
    Date: 7/30/2006
    Time: 2:25:54 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Fault bucket 126637809.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 42 75 63 6b 65 74 3a 20 Bucket:
    0008: 31 32 36 36 33 37 38 30 12663780
    0010: 39 0d 0a 9.. Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 7/30/2006
    Time: 2:25:47 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 69 65 78 70 6c 6f iexplo
    0018: 72 65 2e 65 78 65 20 36 re.exe 6
    0020: 2e 30 2e 32 39 30 30 2e .0.2900.
    0028: 32 31 38 30 20 69 6e 20 2180 in
    0030: 68 75 6e 67 61 70 70 20 hungapp
    0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0
    0040: 61 74 20 6f 66 66 73 65 at offse
    0048: 74 20 30 30 30 30 30 30 t 000000
    0050: 30 30 00 Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/30/2006
    Time: 2:14:09 AM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application iexplore.exe, version 6.0.2900.2180, faulting module mshtmled.dll, version 6.0.2900.2904, fault address 0x00030ca8.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 69 65 78 ure iex
    0018: 70 6c 6f 72 65 2e 65 78 plore.ex
    0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
    0028: 30 30 2e 32 31 38 30 20 00.2180
    0030: 69 6e 20 6d 73 68 74 6d in mshtm
    0038: 6c 65 64 2e 64 6c 6c 20 led.dll
    0040: 36 2e 30 2e 32 39 30 30 6.0.2900
    0048: 2e 32 39 30 34 20 61 74 .2904 at
    0050: 20 6f 66 66 73 65 74 20 offset
    0058: 30 30 30 33 30 63 61 38 00030ca8
    0060: 0d 0a .. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 1:00:35 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 1:00:15 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:59:58 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:59:42 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:59:26 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:59:10 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:58:54 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:58:37 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Event Type: Error
    Event Source: WmiAdapter
    Event Category: None
    Event ID: 4099
    Date: 7/30/2006
    Time: 12:58:21 AM
    User: BERTHA2004\Administrator
    Computer: BERTHA2004
    Description:
    Open of service failed.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

    Event Type: Error
    Event Source: MsiInstaller
    Event Category: None
    Event ID: 10005
    Date: 7/29/2006
    Time: 11:29:30 PM
    User: BERTHA2004\Cindy
    Computer: BERTHA2004
    Description:
    Product: J2SE Runtime Environment 5.0 Update 7 -- You already have this version of the JRE installed. Please uninstall the product through your add/remove programs utility before reinstalling.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 7b 33 32 34 38 46 30 41 {3248F0A
    0008: 38 2d 36 38 31 33 2d 31 8-6813-1
    0010: 31 44 36 2d 41 37 37 42 1D6-A77B
    0018: 2d 30 30 42 30 44 30 31 -00B0D01
    0020: 35 30 30 37 30 7d 50070} Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/29/2006
    Time: 10:59:11 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application aim.exe, version 5.9.3861.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 61 69 6d ure aim
    0018: 2e 65 78 65 20 35 2e 39 .exe 5.9
    0020: 2e 33 38 36 31 2e 30 20 .3861.0
    0028: 69 6e 20 75 6e 6b 6e 6f in unkno
    0030: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
    0038: 2e 30 20 61 74 20 6f 66 .0 at of
    0040: 66 73 65 74 20 31 32 32 fset 122
    0048: 31 32 35 34 66 0d 0a 1254f.. Event Type: Error
    Event Source: Application Hang
    Event Category: None
    Event ID: 1001
    Date: 7/27/2006
    Time: 10:19:58 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Fault bucket 251908972.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 42 75 63 6b 65 74 3a 20 Bucket:
    0008: 32 35 31 39 30 38 39 37 25190897
    0010: 32 0d 0a 2.. Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 7/27/2006
    Time: 10:18:32 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application ComputerCheckup.exe, version 1.4.12.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 43 6f 6d 70 75 74 Comput
    0018: 65 72 43 68 65 63 6b 75 erChecku
    0020: 70 2e 65 78 65 20 31 2e p.exe 1.
    0028: 34 2e 31 32 2e 31 20 69 4.12.1 i
    0030: 6e 20 68 75 6e 67 61 70 n hungap
    0038: 70 20 30 2e 30 2e 30 2e p 0.0.0.
    0040: 30 20 61 74 20 6f 66 66 0 at off
    0048: 73 65 74 20 30 30 30 30 set 0000
    0050: 30 30 30 30 0000 Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/23/2006
    Time: 10:19:16 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application aim.exe, version 5.9.3861.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 61 69 6d ure aim
    0018: 2e 65 78 65 20 35 2e 39 .exe 5.9
    0020: 2e 33 38 36 31 2e 30 20 .3861.0
    0028: 69 6e 20 75 6e 6b 6e 6f in unkno
    0030: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
    0038: 2e 30 20 61 74 20 6f 66 .0 at of
    0040: 66 73 65 74 20 31 32 32 fset 122
    0048: 31 32 35 34 66 0d 0a 1254f.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/22/2006
    Time: 12:45:51 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application mim.exe, version 10.0.4.33, faulting module unknown, version 0.0.0.0, fault address 0x07fe1d39.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 6d 69 6d ure mim
    0018: 2e 65 78 65 20 31 30 2e .exe 10.
    0020: 30 2e 34 2e 33 33 20 69 0.4.33 i
    0028: 6e 20 75 6e 6b 6e 6f 77 n unknow
    0030: 6e 20 30 2e 30 2e 30 2e n 0.0.0.
    0038: 30 20 61 74 20 6f 66 66 0 at off
    0040: 73 65 74 20 30 37 66 65 set 07fe
    0048: 31 64 33 39 0d 0a 1d39.. Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 7/20/2006
    Time: 10:18:21 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application mmjb.exe, version 10.0.4.33, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 6d 6d 6a 62 2e 65 mmjb.e
    0018: 78 65 20 31 30 2e 30 2e xe 10.0.
    0020: 34 2e 33 33 20 69 6e 20 4.33 in
    0028: 68 75 6e 67 61 70 70 20 hungapp
    0030: 30 2e 30 2e 30 2e 30 20 0.0.0.0
    0038: 61 74 20 6f 66 66 73 65 at offse
    0040: 74 20 30 30 30 30 30 30 t 000000
    0048: 30 30 00 Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/17/2006
    Time: 11:45:39 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application aim.exe, version 5.9.3861.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 61 69 6d ure aim
    0018: 2e 65 78 65 20 35 2e 39 .exe 5.9
    0020: 2e 33 38 36 31 2e 30 20 .3861.0
    0028: 69 6e 20 75 6e 6b 6e 6f in unkno
    0030: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
    0038: 2e 30 20 61 74 20 6f 66 .0 at of
    0040: 66 73 65 74 20 31 32 32 fset 122
    0048: 31 32 35 34 66 0d 0a 1254f.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/17/2006
    Time: 9:26:29 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application explorer.exe, version 6.0.2900.2180, faulting module deskbar.dll, version 2.0.0.12, fault address 0x0000608f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 65 78 70 ure exp
    0018: 6c 6f 72 65 72 2e 65 78 lorer.ex
    0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
    0028: 30 30 2e 32 31 38 30 20 00.2180
    0030: 69 6e 20 64 65 73 6b 62 in deskb
    0038: 61 72 2e 64 6c 6c 20 32 ar.dll 2
    0040: 2e 30 2e 30 2e 31 32 20 .0.0.12
    0048: 61 74 20 6f 66 66 73 65 at offse
    0050: 74 20 30 30 30 30 36 30 t 000060
    0058: 38 66 0d 0a 8f.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/17/2006
    Time: 9:18:49 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application explorer.exe, version 6.0.2900.2180, faulting module deskbar.dll, version 2.0.0.12, fault address 0x0000608f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 65 78 70 ure exp
    0018: 6c 6f 72 65 72 2e 65 78 lorer.ex
    0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
    0028: 30 30 2e 32 31 38 30 20 00.2180
    0030: 69 6e 20 64 65 73 6b 62 in deskb
    0038: 61 72 2e 64 6c 6c 20 32 ar.dll 2
    0040: 2e 30 2e 30 2e 31 32 20 .0.0.12
    0048: 61 74 20 6f 66 66 73 65 at offse
    0050: 74 20 30 30 30 30 36 30 t 000060
    0058: 38 66 0d 0a 8f.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1001
    Date: 7/17/2006
    Time: 9:12:58 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Fault bucket 170248470.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 42 75 63 6b 65 74 3a 20 Bucket:
    0008: 31 37 30 32 34 38 34 37 17024847
    0010: 30 0d 0a 0.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/17/2006
    Time: 9:12:10 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application explorer.exe, version 6.0.2900.2180, faulting module deskbar.dll, version 2.0.0.12, fault address 0x0000608f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 65 78 70 ure exp
    0018: 6c 6f 72 65 72 2e 65 78 lorer.ex
    0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
    0028: 30 30 2e 32 31 38 30 20 00.2180
    0030: 69 6e 20 64 65 73 6b 62 in deskb
    0038: 61 72 2e 64 6c 6c 20 32 ar.dll 2
    0040: 2e 30 2e 30 2e 31 32 20 .0.0.12
    0048: 61 74 20 6f 66 66 73 65 at offse
    0050: 74 20 30 30 30 30 36 30 t 000060
    0058: 38 66 0d 0a 8f.. Event Type: Error
    Event Source: Application Error
    Event Category: None
    Event ID: 1000
    Date: 7/17/2006
    Time: 9:09:52 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application explorer.exe, version 6.0.2900.2180, faulting module deskbar.dll, version 2.0.0.12, fault address 0x0000608f.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 65 78 70 ure exp
    0018: 6c 6f 72 65 72 2e 65 78 lorer.ex
    0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
    0028: 30 30 2e 32 31 38 30 20 00.2180
    0030: 69 6e 20 64 65 73 6b 62 in deskb
    0038: 61 72 2e 64 6c 6c 20 32 ar.dll 2
    0040: 2e 30 2e 30 2e 31 32 20 .0.0.12
    0048: 61 74 20 6f 66 66 73 65 at offse
    0050: 74 20 30 30 30 30 36 30 t 000060
    0058: 38 66 0d 0a 8f.. Event Type: Error
    Event Source: Application Error
    Event Category: (100)
    Event ID: 1000
    Date: 7/17/2006
    Time: 8:23:31 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Faulting application AOLacsd.exe, version 3.0.0.1, faulting module unknown, version 0.0.0.0, fault address 0x2820746e.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 46 61 69 6c ion Fail
    0010: 75 72 65 20 20 41 4f 4c ure AOL
    0018: 61 63 73 64 2e 65 78 65 acsd.exe
    0020: 20 33 2e 30 2e 30 2e 31 3.0.0.1
    0028: 20 69 6e 20 75 6e 6b 6e in unkn
    0030: 6f 77 6e 20 30 2e 30 2e own 0.0.
    0038: 30 2e 30 20 61 74 20 6f 0.0 at o
    0040: 66 66 73 65 74 20 32 38 ffset 28
    0048: 32 30 37 34 36 65 20746e Event Type: Error
    Event Source: Application Hang
    Event Category: (101)
    Event ID: 1002
    Date: 7/16/2006
    Time: 11:06:46 PM
    User: N/A
    Computer: BERTHA2004
    Description:
    Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 41 70 70 6c 69 63 61 74 Applicat
    0008: 69 6f 6e 20 48 61 6e 67 ion Hang
    0010: 20 20 69 65 78 70 6c 6f iexplo
    0018: 72 65 2e 65 78 65 20 36 re.exe 6
    0020: 2e 30 2e 32 39 30 30 2e .0.2900.
    0028: 32 31 38 30 20 69 6e 20 2180 in
    0030: 68 75 6e 67 61 70 70 20 hungapp
    0038: 30 2e 30 2e 30 2e 30 20 0.0.0.0
    0040: 61 74 20 6f 66 66 73 65 at offse
    0048: 74 20 30 30 30 30 30 30 t 000000
    0050: 30 30 00
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/489809

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice