Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware.starware And Blue Screens


  • This topic is locked This topic is locked
12 replies to this topic

#1 damselindistress

damselindistress

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 19 February 2007 - 11:37 AM

Hi all,

We've been getting blue screens on the home computer (Dell Dimension 2400). We did the extended testing, and everything looks fine from a hardware point of view. Can a virus cause bluescreens? We use Avast along with Lavasoft, spyware blaster and spybot search and destroy. These have not given us any warnings or errors. We also run bitdefender periodically. Lately it has been finding one file and deleting it. However, when we moved to Norton antivirus it caught adware.starware. After fixing the adware, wildtangent has been spotted on the spybot search and destroy.

With all this, is there anything I can do to overcome these bluescreens? (which happen when the kids are on video games in general, but not always).

Here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 12:24:53 AM, on 2/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Content Filter\SafeEyes.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Symantec AntiVirus\DoScan.exe
C:\Documents and Settings\Aishah\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Safe &Eyes Toolbar - {430DDB4F-38CC-4E91-AF33-4157334EC937} - C:\Program Files\Internet Content Filter\setoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ICF] "C:\Program Files\Internet Content Filter\SafeEyes.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

Thanks in advance for any help you can give me, or at least point me in the right direction.

BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:17 PM

Posted 20 February 2007 - 05:03 PM

Hello damselindistress,

I am SifuMike and I will be helping you. :thumbsup:

We did the extended testing, and everything looks fine from a hardware point of view. Can a virus cause bluescreens?


is there anything I can do to overcome these bluescreens? (which happen when the kids are on video games in general, but not always).


I don't think this is a malware probem, but we will run some malware scans and see what they find.

It sounds like eiter a software or hardware problem.
What game is causing they blue screen problem? Any error messages?

How much memory (RAM) is on this computer? Anything less than 512 MB will cause the computer to be slow.




Disable your antivirus program and go here http://www.bitdefender.com/scan8/ie.html and run an online scan with BitDefender (you will need to use Internet Explorer for this scan). When the ActiveX Control has loaded, click on "Click here to scan". This scan may take a few hours. It all depends on the number of files on your computer.

When BitDefender completes the scan, select the "Detected Problems" tab.
Click on "Click here to export scan".
Save the file as an HTML to your Desktop.
Then click on the saved file and allow it to open with your browser.
Go to Edit - Select All then copy/paste that log back here.
Post the BitDefender log.

**********************

Ewido is now AVG AntiSpyware, so I want you to upgrade to the new version.

Download ATF (Atribune Temp File) Cleaner© by Atribune DO NOT run it yet.

Download and install AVG Anti-Spyware 7.5 (formerly Ewido)
This is a 30 day trial of the program

AVG Anti-Spyware is designed to be used to both scan for and remove malicious files and also to run in real-time alongside, but not replace, your existing anti-virus program to give an added layer of protection.
Both the Resident Shield and Automatic Updates will only be available for the thirty day trial period, after that AVG Anti-Spyware will revert to a stand-alone scanner which you can keep and manually update for free and use in a similar way to Ad-Aware SE Personal, Spybot S&D etc.


1. After download, double click on the file to launch the install process.
2. Choose a language, click "OK" and then click "Next".
3. Read the "License Agreement" and click "I Agree".
4. Accept the default installation path: C:\Program Files\AVG Anti-Spyware 7.5 and click "Next", then click "Install".
5. After setup completes, click "Finish" to start the program automatically or launch ewido by double-clicking its icon on your desktop or in the system tray.
6. The main "Status" menu will appear. You can select "Change state" to inactivate 'Resident Sheild' and 'Automatic Updates'. If you choose to do this, then right click on ewdio in the system tray and uncheck "Start with Windows".
7. Select the "Update" button and click "Start update". If you are having problems with the updater, manually update with the Ewido Full database installer from here.
8. Exit AVG Anti-Spyware 7.5 when done - DO NOT perform a scan yet.

Reboot your computer in "SAFE MODE" using the F8 method so Windows will start with minimal drivers and running processes.
To do this restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press the F8 key repeatedly.
A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

1.) Double-click the small BLUE Garbage Can ATF-Cleaner.exe file to run the program.
2.) At the top, under Main choose: Select All
3.) Click the Empty Selected button.

If you use the Firefox browser:
1.) At the top, click Firefox and choose: Select All
2.) Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use the Opera browser:
1.) At the top, click Opera and choose: Select All
2.) Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


Scan with AVG Anti-Spyware 7.5 as follows:

1. Launch AVG Anti-Spyware 7.5, click on the "Scanner" button and choose the "Settings" tab.

Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.

Under "How to Scan?" check all (default).

Under "Possibly unwanted software" check all (default).

Under "What to Scan?" make sure "Scan every file" is selected (default).

Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".

2. Click the "Scan" tab to return to scanning options.
3. Click "Complete System Scan" to start.

4. IMPORTANT : Don't click on the "Save Scan Report" button before you did hit the "Apply all Actions" button.

Make sure that Set all elements to: shows Quarantine
(1)
, if not click on the link and choose Quarantine from the popup menu.
(2) At the bottom of the window click on the Apply all Actions button.
(3) When done, click the Save Scan Report button.
(4) Click the Save Report as button.
Click on the most recent scan you just performed and select "Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt.
Save to your desktop.
A copy of each report will also be saved in C:\Program Files\AVG Anti-Spyware 7.5\Reports\
Right-click the AVG Anti-Spyware Tray Icon and select Exit. Confirm by clicking Yes.

Reboot to Normal Mode.

It looks like you only posted the top part of your Hijackthis log, as it is missing many items. Please make sure you post the entire log.


When done, submit the BitDefender log, the [b]AVG Anti-Spyware 7.5
log and a fresh Hijackthis log.

Edited by SifuMike, 20 February 2007 - 05:14 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 damselindistress

damselindistress
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 23 February 2007 - 01:07 PM

Thank You for the reply. I honestly appreciate it. I have 512mb of memory, and the blue screen appears after various games. It can't ceem to clear a cache. In terms of these tests, bitdefender didnt find anything, but here are the other two:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 1:12:11 AM 2/24/2007

+ Scan result:



C:\WINDOWS\Downloaded Program Files\minicliptoolbar.dll -> Adware.MegaSearch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\70tovmto.ini -> Adware.Sahat : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\BrowserSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\BrowserSearch\BrowserSearch.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ErrorSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Games -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Games\GamesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Games\GamesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Layouts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Layouts\PreferencesLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Layouts\PreferencesLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Layouts\ToolbarLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Layouts\ToolbarLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Manager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Manager\ManagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Manager\ManagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\PopupBlocker -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Reference -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Reference\ReferenceOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Reference\ReferenceOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\RelatedSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ScreenSavers -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ScreenSavers\ScreenSaversOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ScreenSavers\ScreenSaversOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\SearchMatch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\SearchMatch\SearchMatchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\SmileyTown -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\SmileyTown\SmileyTownOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\SmileyTown\SmileyTownOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Toolbar -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ToolbarLogo -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ToolbarSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Toolbar\TBProductsOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\TravelSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\TravelSearch\TravelSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Aishah\Application Data\Starware\TravelSearch\TravelSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\BrowserSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\BrowserSearch\BrowserSearch.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\BrowserSearch\BrowserSearch.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ErrorSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ErrorSearch\ErrorSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Games -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Games\GamesOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Games\GamesOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Layouts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Layouts\PreferencesLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Layouts\PreferencesLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Layouts\ToolbarLayout.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Layouts\ToolbarLayout.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Manager -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Manager\ManagerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Manager\ManagerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\PopupBlocker -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\PopupBlocker\PopupBlockerOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Reference -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Reference\ReferenceOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Reference\ReferenceOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\RelatedSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\RelatedSearch\RelatedSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ScreenSavers -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ScreenSavers\ScreenSaversOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ScreenSavers\ScreenSaversOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\SearchMatch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\SearchMatch\SearchMatchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\SearchMatch\SearchMatchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\SmileyTown -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\SmileyTown\SmileyTownOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\SmileyTown\SmileyTownOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Toolbar -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ToolbarLogo -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ToolbarLogo\ToolbarLogoOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ToolbarSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\ToolbarSearch\ToolbarSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Toolbar\TBProductsOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\Toolbar\TBProductsOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\TravelSearch -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\TravelSearch\TravelSearchOptions.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\test\Application Data\Starware\TravelSearch\TravelSearchOptions.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
:mozilla.170:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.171:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.405:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.406:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.407:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.408:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.409:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.635:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.636:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.634:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.605:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.100:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.116:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.96:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.97:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.98:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.99:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.246:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.247:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.155:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.156:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.75:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.76:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.77:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.90:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.96:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.608:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.609:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.45:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.46:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.47:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.48:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.49:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.538:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.134:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.135:C:\Documents and Settings\Ayah\Application Data\Mozilla\Firefox\Profiles\rl3ccwcm.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
HKU\S-1-5-21-1293181223-229118169-3377049838-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8B55274-0F9A-41E5-9067-A3539BD9E860} -> Trojan.Agent.dj : Cleaned with backup (quarantined).
HKU\S-1-5-21-1293181223-229118169-3377049838-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C044AAD-7955-4CBD-8175-501A165C4E5D} -> Trojan.Conhook.b : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP511\A0256045.dll -> Trojan.Susear.a : Cleaned with backup (quarantined).


::Report end

Logfile of HijackThis v1.99.1
Scan saved at 1:33:00 AM, on 2/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Content Filter\SafeEyes.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Aishah\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Safe &Eyes Toolbar - {430DDB4F-38CC-4E91-AF33-4157334EC937} - C:\Program Files\Internet Content Filter\setoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ICF] "C:\Program Files\Internet Content Filter\SafeEyes.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'icf.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/puzzlepirates/miniclipGameLoader.dll
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/activex...wareControl.cab
O16 - DPF: {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - http://www.miniclip.com/toolbar/minicliptoolbar.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163297997171
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX28.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.28/ttinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74D6C29B-4F14-4C38-8D63-C422C69A0360}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{74D6C29B-4F14-4C38-8D63-C422C69A0360}: NameServer = 202.188.0.133,202.188.1.5
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe


What do you think?

#4 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:17 PM

Posted 23 February 2007 - 06:19 PM

Hi damselindistress,

It can't ceem to clear a cache

.
Try running CCleaner after you run the game.

Download CCleaner and install it. (default location is best). Do not run it yet!

CCleaner Tutorial

*NOTE* CCleaner deletes EVERYTHING out of temp/temporary folders and does not make backups.

Let's empty the temp files:

Run CCleaner.

1. Starting with v1.27.260, CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbarfree Basic version instead of the Standard Build.


2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"

3. Then select the items you wish to clean up.

In the Windows Tab:
• Clean all entries in the "Internet Explorer" section except Cookies.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.

In the Applications Tab:
• Clean all except cookies in the Firefox/Mozilla section if you use it.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

If it asks you to reboot at the end, click NO.

CCleaner should be run with the above settings for each User Account!


I am not seeing any malware in your log :thumbsup: , but I see that your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language jre-6-windows-i586.exe and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.
Reboot, post a fresh Hijackthis log and tell me how your computer is running.

Edited by SifuMike, 23 February 2007 - 06:24 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 damselindistress

damselindistress
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 25 February 2007 - 12:17 AM

Thanks for your reply. A bit more details on the errors we have been getting is:

1. when starting we get the error: error caused by this file ialmnrt5 (the kids were playing a game the day before)

2. when starting we also have gotten is: BIOS is not fully ACPI compliant suggest to update bios at www.hardware-update.com

3. when playing toontown.com: caused by ialmdd5.dll page_fault_in_nonpaged_area

4. when playing cartoon network.com: pfn_list_corrupt

When running the cc cleaner there was a ton of stuff in the cache for java. We also updated the java. Here is the new log:

Logfile of HijackThis v1.99.1
Scan saved at 1:00:29 PM, on 2/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Internet Content Filter\SafeEyes.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Aishah\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Safe &Eyes Toolbar - {430DDB4F-38CC-4E91-AF33-4157334EC937} - C:\Program Files\Internet Content Filter\setoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ICF] "C:\Program Files\Internet Content Filter\SafeEyes.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'icf.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/puzzlepirates/miniclipGameLoader.dll
O16 - DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} (Walt Disney Internet Group Hardware Control) - https://disneyblast.go.com/v3/setup/activex...wareControl.cab
O16 - DPF: {4E7BD74F-2B8D-469E-89B3-BE29F5D3E32D} - http://www.miniclip.com/toolbar/minicliptoolbar.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163297997171
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX28.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toontown.com/sv1.0.15.28/ttinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{74D6C29B-4F14-4C38-8D63-C422C69A0360}: NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{74D6C29B-4F14-4C38-8D63-C422C69A0360}: NameServer = 202.188.0.133,202.188.1.5
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

We have noticed that although some of the errors have been while the game was being played, a lot of the time the blue screeens are after rebooting.

Regards,

#6 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:17 PM

Posted 25 February 2007 - 02:12 PM

Hi damselindistress,

After you get the Blue Screen of Death (BSOD), what is the complete error message?
Does the error specify the parameters like this:

BugCheck 1000008E, c0000005, bfa37193, f7a3eb78, 0 Probably caused by : ialmdd5.DLL ( ialmdd5+12193 )




I dont think this is a malware problem, as your Hijackthis log is clean. It is probably a driver or hardware problem.

Lets start with an easy way to find out your programs are out-of-date without running the updaters.

This free online service that will check a range of different software for vulnerabilities. It's quick and simple to use too.
http://secunia.com/software_inspector/


Update any items it finds out of date and let me know if anything improves.

Edited by SifuMike, 25 February 2007 - 02:33 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 damselindistress

damselindistress
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 26 February 2007 - 12:19 PM

thanks. When running secunia we needed to update macromedia flash player, real player, mozilla, and acrobat. Interestingly when we were running AVG just now (right before reading your post) it caught trojan.conhook.b and trojan.agent.dj, and right after catching them went to blue screen. tomorrow i'll run it again to see if we get the same error screen and write the message down, and will run some games to see if the problem appears.

#8 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:17 PM

Posted 26 February 2007 - 01:44 PM

we were running AVG just now (right before reading your post) it caught trojan.conhook.b and trojan.agent.dj, and right after catching them went to blue screen.


Please post the AVG antispyware log so I can see what it found. :thumbsup:

Edited by SifuMike, 26 February 2007 - 01:45 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#9 damselindistress

damselindistress
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 27 February 2007 - 10:29 AM

HI,

I bumped into this error log when doing the Dell diagnostic tests. Doesn't mean much to me, but perhaps it might tell you something? Below that I put the AVG report for both yesterday and today.


Advanced System Information - Error Log

Please wait while information is being collected...




100% (collecting Error Log information)

Refresh screen


Error Log
Date - Time Source Description
Monday, January 08, 2007 Dhcp Your computer has lost the lease to its IP address 192.168.0.141 on the Network Card with network address 000F1F54086A.
Tuesday, January 09, 2007 System Error Error code 10000050, parameter1 efca0e20, parameter2 00000000, parameter3 804d9a69, parameter4 00000000.
Tuesday, January 09, 2007 System Error Error code 000000ea, parameter1 82857a38, parameter2 82b9a800, parameter3 82bf2898, parameter4 00000001.
Tuesday, January 09, 2007 System Error Error code 100000ea, parameter1 82bd6da8, parameter2 82bbcec0, parameter3 f8af3cb4, parameter4 00000001.
Tuesday, January 09, 2007 System Error Error code 100000ea, parameter1 82bd5da8, parameter2 82cfe1e0, parameter3 f8ae7cb4, parameter4 00000001.
Tuesday, January 09, 2007 System Error Error code 10000050, parameter1 efca0e20, parameter2 00000000, parameter3 804d9a69, parameter4 00000000.
Tuesday, January 09, 2007 System Error Error code 000000ea, parameter1 82857a38, parameter2 82b9a800, parameter3 82bf2898, parameter4 00000001.
Tuesday, January 09, 2007 System Error Error code 100000ea, parameter1 82bd6da8, parameter2 82bbcec0, parameter3 f8af3cb4, parameter4 00000001.
Tuesday, January 09, 2007 System Error Error code 100000ea, parameter1 82bd5da8, parameter2 82cfe1e0, parameter3 f8ae7cb4, parameter4 00000001.
Friday, January 12, 2007 System Error Error code 1000008e, parameter1 c0000005, parameter2 8058b444, parameter3 ef5e3910, parameter4 00000000.
Friday, January 12, 2007 System Error Error code 100000ea, parameter1 827fdda8, parameter2 82d45b08, parameter3 f8aebcb4, parameter4 00000001.
Monday, January 15, 2007 System Error Error code 100000ea, parameter1 827fdda8, parameter2 82a5f580, parameter3 f8ae7cb4, parameter4 00000001.
Tuesday, January 16, 2007 Dhcp Your computer has lost the lease to its IP address 192.168.0.141 on the Network Card with network address 000F1F54086A.
Tuesday, January 16, 2007 System Error Error code 100000ea, parameter1 82a45a80, parameter2 82ba1ec0, parameter3 f8af7cb4, parameter4 00000001.
Sunday, January 21, 2007 System Error Error code 100000ea, parameter1 82971b30, parameter2 82bd38a8, parameter3 f8aefcb4, parameter4 00000001.
Sunday, January 21, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Sunday, January 21, 2007 System Error Error code 000000ea, parameter1 82843020, parameter2 828be9f0, parameter3 82af2c40, parameter4 00000001.
Sunday, January 21, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Tuesday, January 23, 2007 System Error Error code 000000ea, parameter1 82aaa980, parameter2 82e57ed0, parameter3 82c3b938, parameter4 00000001.
Wednesday, January 31, 2007 System Error Error code 100000c5, parameter1 00000000, parameter2 00000002, parameter3 00000001, parameter4 8054b207.
Wednesday, January 31, 2007 System Error Error code 10000050, parameter1 e001608c, parameter2 00000001, parameter3 f000be45, parameter4 00000000.
Wednesday, January 31, 2007 System Error Error code 1000000a, parameter1 00000054, parameter2 00000002, parameter3 00000001, parameter4 804dbc8e.
Thursday, February 01, 2007 System Error Error code 1000008e, parameter1 c0000005, parameter2 bf804996, parameter3 ee8a2b74, parameter4 00000000.
Thursday, February 01, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Friday, February 02, 2007 System Error Error code 000000ea, parameter1 82982da8, parameter2 8279ef60, parameter3 8283d930, parameter4 00000001.
Saturday, February 03, 2007 System Error Error code 1000000a, parameter1 00000054, parameter2 00000002, parameter3 00000001, parameter4 804dbc8e.
Saturday, February 03, 2007 System Error Error code 100000ea, parameter1 82beb518, parameter2 82cb7d00, parameter3 f8aebcb4, parameter4 00000001.
Sunday, February 04, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Sunday, February 04, 2007 System Error Error code 10000050, parameter1 ef8aae20, parameter2 00000000, parameter3 804d9a69, parameter4 00000000.
Sunday, February 04, 2007 System Error Error code 10000050, parameter1 ef885e20, parameter2 00000000, parameter3 804d9a69, parameter4 00000003.
Sunday, February 04, 2007 System Error Error code 000000ea, parameter1 828d8c08, parameter2 82b90f60, parameter3 82bca9d8, parameter4 00000001.
Sunday, February 04, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Monday, February 05, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Tuesday, February 06, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Tuesday, February 06, 2007 System Error Error code 000000ea, parameter1 82745020, parameter2 82acab60, parameter3 82b0d340, parameter4 00000001.
Tuesday, February 06, 2007 System Error Error code 000000ea, parameter1 82b16308, parameter2 82ae1280, parameter3 82b838c8, parameter4 00000001.
Tuesday, February 06, 2007 System Error Error code 100000ea, parameter1 82e58bc8, parameter2 82b76008, parameter3 f8aefcb4, parameter4 00000001.
Thursday, February 08, 2007 System Error Error code 1000008e, parameter1 c0000005, parameter2 00000000, parameter3 eed4cf3c, parameter4 00000000.
Saturday, February 10, 2007 System Error Error code 1000000a, parameter1 00000004, parameter2 00000002, parameter3 00000000, parameter4 804e6617.
Saturday, February 10, 2007 System Error Error code 1000008e, parameter1 c0000005, parameter2 bf801699, parameter3 eef1d9d4, parameter4 00000000.
Tuesday, December 02, 2003 Windows Update Agent Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 59 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 119 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.
Wednesday, December 03, 2003 W32Time Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
Wednesday, December 03, 2003 W32Time The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time.
Thursday, December 04, 2003 W32Time The time service has detected that the system time needs to be changed by +100861692 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.0.141:123-> 207.46.130.100:123) is working properly.
Thursday, December 04, 2003 W32Time The time service has detected that the system time needs to be changed by +100861692 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.0.141:123-> 207.46.130.100:123) is working properly.
Thursday, December 04, 2003 System Error Error code 1000000a, parameter1 79737355, parameter2 00000002, parameter3 00000001, parameter4 804e6882.
Thursday, December 04, 2003 System Error Error code 100000ea, parameter1 82a75248, parameter2 82ebccb8, parameter3 f8aefcb4, parameter4 00000001.
Thursday, December 04, 2003 System Error Error code 10000050, parameter1 efb44e20, parameter2 00000000, parameter3 804d9a69, parameter4 00000000.
Thursday, December 04, 2003 System Error Error code 000000ea, parameter1 82c1e628, parameter2 82bbf960, parameter3 82bee3e0, parameter4 00000001.
Thursday, December 04, 2003 System Error Error code 1000008e, parameter1 c0000005, parameter2 00dff447, parameter3 ef8af608, parameter4 00000000.
Monday, February 13, 2006 Dhcp Your computer has lost the lease to its IP address 192.168.0.141 on the Network Card with network address 000F1F54086A.
Monday, February 13, 2006 W32Time The time service has detected that the system time needs to be changed by +31568893 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.0.141:123-> 207.46.130.100:123) is working properly.
Monday, February 13, 2006 Windows Update Agent Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
Tuesday, February 13, 2007 Dhcp Your computer has lost the lease to its IP address 192.168.0.141 on the Network Card with network address 000F1F54086A.
Tuesday, February 13, 2007 Dhcp Your computer has lost the lease to its IP address 192.168.0.141 on the Network Card with network address 000F1F54086A.
Tuesday, February 13, 2007 Windows Update Agent Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
Sunday, February 18, 2007 System Error Error code 1000008e, parameter1 c000001d, parameter2 804e3b7c, parameter3 efb7b980, parameter4 00000000.
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Monday, February 19, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Monday, February 19, 2007 System Error Error code 1000008e, parameter1 c0000005, parameter2 80562dca, parameter3 ee07aa70, parameter4 00000000.
Monday, February 19, 2007 System Error Error code 1000000a, parameter1 00000004, parameter2 00000002, parameter3 00000001, parameter4 804dc353.
Tuesday, February 20, 2007 System Error Error code 00000019, parameter1 00000020, parameter2 e180f800, parameter3 e180f860, parameter4 0c0c0401.
Tuesday, February 20, 2007 System Error Error code 00000019, parameter1 00000020, parameter2 e180f800, parameter3 e180f860, parameter4 0c0c0401.
Tuesday, February 20, 2007 System Error Error code 1000000a, parameter1 000a005c, parameter2 00000002, parameter3 00000001, parameter4 804dbc8e.
Thursday, February 22, 2007 System Error Error code 1000000a, parameter1 000a005c, parameter2 00000002, parameter3 00000001, parameter4 804dbc8e.
Thursday, February 22, 2007 System Error Error code 0000004e, parameter1 00000007, parameter2 0001ef5c, parameter3 0001edaa, parameter4 00000000.
Thursday, February 22, 2007 System Error Error code 00000024, parameter1 001902fe, parameter2 ef176990, parameter3 ef17668c, parameter4 f854f5bf.
Thursday, February 22, 2007 System Error Error code 1000007e, parameter1 c000001d, parameter2 804dc142, parameter3 f8b2bcac, parameter4 f8b2b9a8.
Thursday, February 22, 2007 System Error Error code 100000ea, parameter1 ff26ada8, parameter2 82d1ae20, parameter3 f8aebcb4, parameter4 00000001.
Friday, February 23, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Friday, February 23, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Friday, February 23, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Saturday, February 24, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Saturday, February 24, 2007 System Error Error code 0000004e, parameter1 0000008f, parameter2 0001cb7e, parameter3 0001cb6e, parameter4 00000000.
Sunday, February 25, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Monday, February 26, 2007 System Error Error code 000000ea, parameter1 f9e4fc78, parameter2 82ca69d0, parameter3 82cdd448, parameter4 00000001.
Monday, February 26, 2007 sr The System Restore filter encountered the unexpected error '0xC0000043' while processing the file 'EraserUtilDrv10710.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
Monday, February 26, 2007 ialm The driver ialmrnt5 for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
Monday, February 26, 2007 System Error Error code 1000007e, parameter1 c0000005, parameter2 804e844f, parameter3 f8aeba68, parameter4 f8aeb764.
Tuesday, February 27, 2007 System Error Error code 000000ea, parameter1 ff0a0da8, parameter2 82c42820, parameter3 82cb90e8, parameter4 00000001.
Tuesday, February 27, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Tuesday, February 27, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Tuesday, February 27, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Tuesday, February 27, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Tuesday, February 27, 2007 DCOM DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B 1D0-00805FC1270E}
Tuesday, February 27, 2007 DCOM DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B 726-00C04FB926AF}
Tuesday, February 27, 2007 System Error Error code 000000ea, parameter1 ff0a0da8, parameter2 82c42820, parameter3 82cb90e8, parameter4 00000001.
Tuesday, February 27, 2007 System Error Error code 1000000a, parameter1 d5b80004, parameter2 00000002, parameter3 00000001, parameter4 804ec6ec.
Friday, December 16, 2005 Applicatio n Error Faulting application toontown.exe, version 1.0.14.0, faulting module libpanda.dll, version 0.0.0.1, fault address 0x000acfdb.
Friday, December 16, 2005 Applicatio n Error Fault bucket 243944809.
Saturday, December 17, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Sunday, December 18, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Sunday, December 18, 2005 Applicatio n Error Fault bucket 202143801.
Sunday, December 18, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Wednesday, December 21, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Wednesday, December 21, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Wednesday, December 21, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Wednesday, December 21, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Wednesday, December 21, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Wednesday, December 21, 2005 Applicatio n Hang Fault bucket 126637809.
Thursday, December 22, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, December 22, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, December 22, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, December 22, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, December 22, 2005 Applicatio n Hang Fault bucket 126637809.
Thursday, December 22, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, December 22, 2005 Applicatio n Hang Fault bucket 126637809.
Thursday, December 22, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Thursday, December 22, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Thursday, December 22, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Thursday, December 22, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Thursday, December 22, 2005 Applicatio n Error Fault bucket 202143801.
Thursday, December 22, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001e4be.
Sunday, December 25, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001a868.
Sunday, December 25, 2005 Applicatio n Error Fault bucket 202150325.
Sunday, December 25, 2005 Applicatio n Error Faulting application bleep.exe, version 1.0.0.0, faulting module bleep.exe, version 1.0.0.0, fault address 0x00178223.
Sunday, December 25, 2005 Applicatio n Error Faulting application bleep.exe, version 1.0.0.0, faulting module bleep.exe, version 1.0.0.0, fault address 0x00178223.
Monday, December 26, 2005 Applicatio n Error Faulting application bleep.exe, version 1.0.0.0, faulting module bleep.exe, version 1.0.0.0, fault address 0x00178223.
Monday, December 26, 2005 MsiInstall er Product: assistant 4.0 -- You must have .NET Framework version 1.1 before you can install this product.
Tuesday, December 27, 2005 Applicatio n Error Faulting application bleep.exe, version 1.0.0.0, faulting module bleep.exe, version 1.0.0.0, fault address 0x00178223.
Thursday, December 29, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, December 29, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, December 30, 2005 Applicatio n Hang Hanging application Geneforge 2.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, December 30, 2005 Applicatio n Hang Fault bucket 67923599.
Friday, December 30, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, December 30, 2005 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, December 30, 2005 Applicatio n Hang Fault bucket 126637809.
Friday, December 30, 2005 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001a868.
Saturday, January 07, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module flash8.ocx, version 8.0.22.0, fault address 0x00054b28.
Saturday, January 07, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001a868.
Saturday, January 07, 2006 Applicatio n Error Fault bucket 202150325.
Tuesday, January 10, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, January 12, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, January 12, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, January 12, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, January 12, 2006 Applicatio n Hang Fault bucket 126637809.
Thursday, January 19, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, January 19, 2006 Applicatio n Hang Fault bucket 126637809.
Friday, January 20, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, January 20, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, January 20, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, January 20, 2006 Applicatio n Hang Fault bucket 126637809.
Friday, January 20, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, January 21, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Monday, January 23, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module starware.dll, version 3.1.3.19979, fault address 0x0001a868.
Thursday, January 26, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, January 28, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, January 28, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, February 02, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, February 02, 2006 Applicatio n Hang Fault bucket 126637809.
Saturday, February 04, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, February 10, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, February 18, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x000106c3.
Wednesday, March 15, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x000106c3.
Wednesday, March 15, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, March 16, 2006 Applicatio n Hang Hanging application RNArcade.exe, version 1.2.0.1256, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, March 25, 2006 Applicatio n Error Faulting application securitysuite.exe, version 3.5.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00018fea.
Saturday, March 25, 2006 Applicatio n Error Fault bucket 206007693.
Saturday, April 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Saturday, April 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Saturday, April 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Saturday, April 01, 2006 Applicatio n Error Fault bucket 263322443.
Saturday, April 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Saturday, April 01, 2006 Applicatio n Error Fault bucket 263322443.
Saturday, April 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Thursday, April 06, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Sunday, April 16, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Saturday, April 22, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Monday, April 24, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Sunday, May 07, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, May 07, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, May 07, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module flash8a.ocx, version 8.0.24.0, fault address 0x00073a5f.
Sunday, May 07, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, May 07, 2006 Applicatio n Hang Fault bucket 126637809.
Tuesday, May 09, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Tuesday, May 09, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, May 13, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Saturday, May 13, 2006 Applicatio n Error Fault bucket 264724352.
Saturday, May 20, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x000106c3.
Tuesday, May 23, 2006 Applicatio n Error Faulting application toontown.exe, version 1.0.14.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Tuesday, May 23, 2006 Applicatio n Error Fault bucket 32946798.
Thursday, May 25, 2006 Applicatio n Error Faulting application firefox.exe, version 1.0.2.0, faulting module firefox.exe, version 1.0.2.0, fault address 0x0027fb0f.
Monday, June 05, 2006 Applicatio n Error Faulting application toontown.exe, version 1.0.14.0, faulting module libpanda.dll, version 0.0.0.1, fault address 0x000c827b.
Wednesday, June 07, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Thursday, June 08, 2006 Applicatio n Hang Hanging application RNArcade.exe, version 1.2.0.1256, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, June 08, 2006 EventSyste m The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070005 from line 44 of d:\qxp_slp\com\com1x\src\event s\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Thursday, June 08, 2006 EventSyste m The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070005 from line 44 of d:\qxp_slp\com\com1x\src\event s\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Sunday, June 18, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module flash8a.ocx, version 8.0.24.0, fault address 0x0001c37a.
Sunday, June 18, 2006 Applicatio n Error Fault bucket 275186216.
Sunday, June 18, 2006 Applicatio n Error Faulting application toontown.exe, version 1.0.14.0, faulting module libpanda.dll, version 0.0.0.1, fault address 0x000c827b.
Wednesday, June 21, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Saturday, June 24, 2006 Applicatio n Error Faulting application toontown.exe, version 1.0.14.0, faulting module mss32.dll, version 7.0.8.0, fault address 0x00040877.
Tuesday, June 27, 2006 Applicatio n Error Faulting application firefox.exe, version 1.0.2.0, faulting module npswf32.dll, version 8.0.24.0, fault address 0x0000490e.
Tuesday, June 27, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, July 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Friday, August 04, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Saturday, August 19, 2006 Applicatio n Error Faulting application avernum 4.exe, version 0.0.0.0, faulting module avernum 4.exe, version 0.0.0.0, fault address 0x00009eb9.
Saturday, August 19, 2006 Applicatio n Error Faulting application subterra.exe, version 2.3.0.0, faulting module , version 0.0.0.0, fault address 0x00000000.
Thursday, August 24, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Thursday, August 24, 2006 Applicatio n Error Faulting application subterra.exe, version 2.3.0.0, faulting module unknown, version 0.0.0.0, fault address 0x6c9ae4b5.
Thursday, August 24, 2006 Applicatio n Hang Hanging application RNArcade.exe, version 1.2.0.1256, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Tuesday, August 29, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Thursday, September 07, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Saturday, September 16, 2006 Applicatio n Error Faulting application jokes[1].exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Sunday, September 17, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Sunday, September 17, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x000106ce.
Tuesday, September 19, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x000623f7.
Wednesday, September 20, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Saturday, September 23, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module urlmon.dll, version 6.0.2900.2960, fault address 0x0003a1be.
Thursday, September 28, 2006 Applicatio n Error Faulting application firefox.exe, version 1.0.2.0, faulting module xpcom.dll, version 1.7.20050.31717, fault address 0x0000f2b3.
Sunday, October 01, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0003426f.
Thursday, October 05, 2006 Applicatio n Error Faulting application launch.exe, version 2.0.0.2, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00001010.
Friday, October 06, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000adee.
Saturday, October 07, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0002ae22.
Tuesday, October 10, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Tuesday, October 10, 2006 Applicatio n Error Faulting application familyfeudop.exe, version 0.0.0.0, faulting module framework.dll, version 0.0.0.0, fault address 0x00026df4.
Saturday, October 14, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module mshtmled.dll, version 6.0.2900.2937, fault address 0x00030ca8.
Friday, October 20, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000adee.
Friday, October 20, 2006 Applicatio n Hang Hanging application javaw.exe, version 5.0.20.9, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, October 21, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Monday, October 23, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Tuesday, October 24, 2006 Applicatio n Hang Hanging application game.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, October 26, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module flash8a.ocx, version 8.0.24.0, fault address 0x00054afd.
Friday, November 03, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x000457f4.
Sunday, November 05, 2006 Applicatio n Error Faulting application iexplore.exe, version 6.0.2900.2180, faulting module urlmon.dll, version 6.0.2900.2960, fault address 0x0003a1be.
Wednesday, November 08, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x0002ae22.
Thursday, November 09, 2006 Applicatio n Error Faulting application DRWTSN32.EXE, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.2180, fault address 0x0001295d.
Thursday, November 09, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Thursday, November 09, 2006 Applicatio n Hang Hanging application iexplore.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Wednesday, November 15, 2006 Applicatio n Hang Hanging application iexplore.exe, version 7.0.5730.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, November 18, 2006 Applicatio n Error Faulting application geneforge 2.exe, version 0.0.0.0, faulting module geneforge 2.exe, version 0.0.0.0, fault address 0x0002889a.
Monday, November 20, 2006 Applicatio n Error Faulting application geneforge 2.exe, version 0.0.0.0, faulting module geneforge 2.exe, version 0.0.0.0, fault address 0x0002889a.
Friday, November 24, 2006 Applicatio n Hang Hanging application iexplore.exe, version 7.0.5730.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, December 03, 2006 Applicatio n Hang Hanging application Blades of Avernum.exe, version 1.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Friday, December 08, 2006 Applicatio n Hang Hanging application FamilyFeudOP.exe, version 0.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, December 30, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Saturday, December 30, 2006 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000adee.
Saturday, December 30, 2006 Applicatio n Hang Hanging application spywareblaster.exe, version 3.5.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, December 31, 2006 Applicatio n Hang Hanging application iexplore.exe, version 7.0.5730.11, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Monday, January 01, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x00045763.
Monday, January 01, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Tuesday, January 02, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Tuesday, January 02, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module kernel32.dll, version 5.1.2600.2945, fault address 0x00009783.
Tuesday, January 02, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Tuesday, January 09, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Tuesday, January 09, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0001fe01.
Saturday, January 13, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011e5a.
Sunday, January 14, 2007 Applicatio n Error Faulting application game.exe, version 0.0.0.0, faulting module game.exe, version 0.0.0.0, fault address 0x000713c8.
Thursday, January 18, 2007 Applicatio n Error Faulting application iexplore.exe, version 7.0.5730.11, faulting module flash9b.ocx, version 9.0.28.0, fault address 0x00099589.
Sunday, February 04, 2007 Applicatio n Error Faulting application safeeyes.exe, version 4.1.0.0, faulting module safeeyes.exe, version 4.1.0.0, fault address 0x0000a976.
Thursday, February 08, 2007 Applicatio n Error Faulting application ashMaiSv.exe, version 4.7.889.0, faulting module mswsock.dll, version 5.1.2600.2180, fault address 0x00005fa6.
Friday, February 09, 2007 Applicatio n Error Faulting application iexplore.exe, version 7.0.5730.11, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011404.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Trackware.MegaSearch in File: c:\program files\bfgtoolbar\bfgtoolbar.dl l by: Manual scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Trackware.MegaSearch in File: c:\program files\bfgtoolbar\bfgtoolbar.dl l by: Manual scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: Trackware.MegaSearch in File: c:\program files\bfgtoolbar\bfgtoolbar.dl l by: Manual scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Applicatio n Error Faulting application is-d6l0t.tmp, version 51.41.0.0, faulting module isxdl.dll, version 5.1.0.0, fault address 0x00009504.
Sunday, February 18, 2007 Applicatio n Error Fault bucket 382707622.
Sunday, February 18, 2007 Applicatio n Error Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Sunday, February 18, 2007 Applicatio n Error Fault bucket 00000008.
Sunday, February 18, 2007 Applicatio n Hang Hanging application is-D6L0T.tmp, version 51.41.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, February 18, 2007 Applicatio n Hang Fault bucket 382707896.
Sunday, February 18, 2007 Applicatio n Error Faulting application iexplore.exe, version 7.0.6000.16414, faulting module ntdll.dll, version 5.1.2600.2180, fault address 0x00011ec3.
Sunday, February 18, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: Trackware.MegaSearch in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P513\A0256534.dll by: Auto-Protect scan. Action: Pending Side Effects Analysis. Action Description:
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Trackware.MegaSearch in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P513\A0256534.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: (null) in File: c:\system volume information\_restore{cca15f78- 7193-4ca6-8115-2b570dd6546c}\R P513\A0256534.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Trackware.MegaSearch in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P513\A0256534.dll by: Auto-Protect scan. Action: Terminate Process Required. Action Description:
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: Adware.Starware in File: C:\Program Files\Starware347\bin\Starware 347.dll by: Auto-Protect scan. Action: Pending Side Effects Analysis. Action Description:
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\Program Files\Starware347\bin\Starware 347.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: (null) in File: c:\program files\starware347\bin\starware 347.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\Program Files\Starware347\bin\Starware 347.dll by: Auto-Protect scan. Action: Terminate Process Required. Action Description:
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: Dialer.Adultchat in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P505\A0225512.dll by: Auto-Protect scan. Action: Pending Side Effects Analysis. Action Description:
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Dialer.Adultchat in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P505\A0225512.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Dialer.Adultchat in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P505\A0225512.dll by: Auto-Protect scan. Action: Terminate Process Required. Action Description:
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Dialer.Adultchat in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P505\A0225512.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Dialer.Adultchat in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P505\A0225512.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\Program Files\Starware347\bin\Starware 347.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: Adware.Starware in File: c:\program files\starware347\bin\starware 347.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\Program Files\Starware347\bin\Starware 347.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Trackware.MegaSearch in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P513\A0256534.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Sunday, February 18, 2007 Symantec AntiVirus Threat Found!Threat: Trackware.MegaSearch in File: c:\system volume information\_restore{cca15f78- 7193-4ca6-8115-2b570dd6546c}\R P513\A0256534.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Symantec AntiVirus Security Risk Found!Threat: Trackware.MegaSearch in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P513\A0256534.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Sunday, February 18, 2007 Applicatio n Error Faulting application geneforge 4 - rebellion.exe, version 0.0.0.0, faulting module geneforge 4 - rebellion.exe, version 0.0.0.0, fault address 0x0002b469.
Sunday, February 18, 2007 Applicatio n Error Faulting application geneforge 4 - rebellion.exe, version 0.0.0.0, faulting module geneforge 4 - rebellion.exe, version 0.0.0.0, fault address 0x0002b469.
Sunday, February 18, 2007 Applicatio n Error Faulting application geneforge 4 - rebellion.exe, version 0.0.0.0, faulting module geneforge 4 - rebellion.exe, version 0.0.0.0, fault address 0x0002b469.
Sunday, February 18, 2007 Applicatio n Error Faulting application geneforge 4 - rebellion.exe, version 0.0.0.0, faulting module geneforge 4 - rebellion.exe, version 0.0.0.0, fault address 0x0002b469.
Monday, February 19, 2007 Symantec AntiVirus Threat Found!Threat: Adware.Starware in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P515\A0256544.dll by: Auto-Protect scan. Action: Pending Side Effects Analysis. Action Description:
Monday, February 19, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P515\A0256544.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Monday, February 19, 2007 Symantec AntiVirus Threat Found!Threat: (null) in File: c:\system volume information\_restore{cca15f78- 7193-4ca6-8115-2b570dd6546c}\R P515\A0256544.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Monday, February 19, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P515\A0256544.dll by: Auto-Protect scan. Action: Terminate Process Required. Action Description:
Monday, February 19, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P515\A0256544.dll by: Auto-Protect scan. Action: Leave Alone succeeded. Action Description: The file was left unchanged.
Monday, February 19, 2007 Symantec AntiVirus Threat Found!Threat: Adware.Starware in File: c:\system volume information\_restore{cca15f78- 7193-4ca6-8115-2b570dd6546c}\R P515\A0256544.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Monday, February 19, 2007 Symantec AntiVirus Security Risk Found!Threat: Adware.Starware in File: C:\System Volume Information\_restore{CCA15F78- 7193-4CA6-8115-2B570DD6546C}\R P515\A0256544.dll by: Auto-Protect scan. Action: Quarantine succeeded. Action Description: The file was quarantined successfully.
Thursday, February 22, 2007 Applicatio n Error Faulting application Rtvscan.exe, version 10.0.0.359, faulting module CCERASER.DLL, version 107.1.0.69, fault address 0x000ad1fb.
Saturday, February 24, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, February 24, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, February 24, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, February 24, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, February 24, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Saturday, February 24, 2007 Applicatio n Hang Hanging application iexplore.exe, version 7.0.6000.16414, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Monday, February 26, 2007 Applicatio n Error Faulting application lsass.exe, version 5.1.2600.2180, faulting module kernel32.dll, version 5.1.2600.2945, fault address 0x00002558.
Monday, February 26, 2007 Winlogon A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code c0000005. The machine must now be restarted.
Monday, February 26, 2007 Applicatio n Error Faulting application lsass.exe, version 5.1.2600.2180, faulting module kernel32.dll, version 5.1.2600.2945, fault address 0x00002558.
Monday, February 26, 2007 Applicatio n Error Fault bucket 319599960.
Tuesday, February 27, 2007 Applicatio n Error Faulting application setup.exe, version 6.0.12.1741, faulting module rnms3270.dll, version 7.0.1.3584, fault address 0x000353f2.
Tuesday, February 27, 2007 Applicatio n Error Fault bucket 337077046.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:27:15 PM 2/26/2007

+ Scan result:



C:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP520\A0274634.ini -> Adware.Sahat : Cleaned with backup (quarantined).
C:\Documents and Settings\Yusuf\Cookies\yusuf@redir.adengage[1].txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@ad.yield

#10 damselindistress

damselindistress
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 27 February 2007 - 10:36 AM

the post seemed to get truncated. Here are the AVG reports again:

AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:27:09 PM 2/27/2007

+ Scan result:



Nothing found.


::Report end

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:27:15 PM 2/26/2007

+ Scan result:



C:\System Volume Information\_restore{CCA15F78-7193-4CA6-8115-2B570DD6546C}\RP520\A0274634.ini -> Adware.Sahat : Cleaned with backup (quarantined).
C:\Documents and Settings\Yusuf\Cookies\yusuf@redir.adengage[1].txt -> TrackingCookie.Adengage : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Yusuf\Cookies\yusuf@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.37:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.39:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.40:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.41:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.42:C:\Documents and Settings\Yusuf\Application Data\Mozilla\Firefox\Profiles\so30nyvd.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
HKU\S-1-5-21-1293181223-229118169-3377049838-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8B55274-0F9A-41E5-9067-A3539BD9E860} -> Trojan.Agent.dj : Cleaned with backup (quarantined).
HKU\S-1-5-21-1293181223-229118169-3377049838-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C044AAD-7955-4CBD-8175-501A165C4E5D} -> Trojan.Conhook.b : Cleaned with backup (quarantined).


::Report end


Thanks for your effort, you have amazing patience!

#11 damselindistress

damselindistress
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 02 March 2007 - 09:30 PM

Any ideas on the error files? Would reformatting the hard drive definitely do the trick?

#12 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:17 PM

Posted 02 March 2007 - 10:27 PM

Hi damselindistress,

Any ideas on the error files? Would reformatting the hard drive definitely do the trick?

No, I have not idea on the error files.
Let's hold off on the reformatting for now.


AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:27:15 PM 2/26/2007


That report is 5 days old. :thumbsup:

Please update it, then boot to Safe Mode and run AVG Anti-spyware again and post the log.

How to Reboot into Safe Mode
tap F8 key during reboot, until the boot menu appears...use the arrow keys to choose "Safe Mode" from the menu......,then press the "Enter" key. If that does not work this go to this site: http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/



Let's run Microsoft's System File Checker program.

The utility will check the system files and automatically replace any that it finds necessary.

Scannow Tutorial
http://www.updatexp.com/scannow-sfc.html

You may need the Windows Install CD, so have it ready.
Go to Start, then Run,  type sfc /scannow in the run box and press enter.

When it has finished it will close itself.

Note: There is a space between sfc and the forward slash. Windows may ask you for your Windows Install CD so put it in...don't worry if the XP setup screen appears, this is not a part of sfc /scannow, your autorun utility in Windows is starting it. Simply
minimize the screen and allow sfc to continue.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#13 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:02:17 PM

Posted 10 March 2007 - 07:20 PM

Due to inactivity, this thread will now be closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users