
Iexplore Application Error Hjt Log

Discussion in 'Malware and Virus Removal Archive' started by bmacko, 2004/12/09.

Thread Status:
Not open for further replies.
  1. 2004/12/09
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    When I try to go to certain websites,
    i.e. hollywood.com for example, the
    website dies and it goes back to desktop.
    Other websites crash when I click onto a
    certain section of the website.
    Here is my HijackThis log:
    Logfile of HijackThis v1.98.2
    Scan saved at 8:01:12 PM, on 12/9/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\WINDOWS\System32\gearsec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
    C:\Program Files\Winamp\Winampa.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Bernie Macko\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.net/
    N3 - Netscape 7: user_pref( "browser.startup.homepage ", "http://home.netscape.com/ "); (C:\Documents and Settings\Bernie Macko\Application Data\Mozilla\Profiles\default\lw4kcrmw.slt\prefs.js)
    N3 - Netscape 7: user_pref( "browser.search.defaultengine ", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src "); (C:\Documents and Settings\Bernie Macko\Application Data\Mozilla\Profiles\default\lw4kcrmw.slt\prefs.js)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe "
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe "
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/035e7ac61113208ae601/netzip/RdxIE601.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/oas/ActiveX/FileXfer.cab
    O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.freedom.net/viruscenter/onlineviruscheck/cabs/cssweb.cab
    O16 - DPF: {D670D0B3-05AB-4115-9F87-D983EF1AC747} (AOL Downloader Plugin) - http://pak01.pictures.aol.com/ygp/aol/plugin/download/YGPPicDownload.en-US.9.1.6.18.cab
     
  2. 2004/12/09
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Hi again bmacko. I moved this thread from IE/OE to security since it is probably a spyware issue. It will get more attention here and we try to keep all threads containing a hijackthis log in security.

    You have HJT loaded in a folder under your desktop. That's fine for doing a scan to get this log but it will not be fine if anything needs fixing. The program really needs to be in a folder that isn't part of the desktop so maybe c:\hjt or something.

    My first impression is that you have a very (surprisingly) clean system with only some legit but sludgy stuff running at startup that you'd be better off without. No baddies leap out at me. Still, better to give some time for some of the security experts to take a look.
     
    Newt,
    #2
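
The checks Newt describes in the reply above (where HijackThis itself is running from, and what is set to start with Windows) can be read out of a log in this format mechanically. The following is an added example, not part of the thread and not HijackThis code; the function names and the list of watched folders are assumptions, and the sample is a subset of lines from the log posted above.

```python
import re
from collections import defaultdict

# Excerpt of the log posted above (a subset of its lines, unchanged).
SAMPLE_LOG = r"""Running processes:
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Bernie Macko\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.netscape.net/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")    # e.g. "O4 - <body>"
RUN_KEY = re.compile(r"^(.+?): \[(.+?)\] (.+)$")  # e.g. "HKLM\..\Run: [name] command"
WATCH_DIRS = ("\\desktop\\", "\\temp\\")          # assumption: folders worth a second look

def parse_hjt(text):
    """Split a log into (running processes, entries grouped by section code)."""
    processes, entries, in_procs = [], defaultdict(list), False
    for line in (raw.strip() for raw in text.splitlines()):
        m = ENTRY.match(line)
        if m:
            in_procs = False
            entries[m.group(1)].append(m.group(2))
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and line:
            processes.append(line)
    return processes, dict(entries)

def startup_programs(entries):
    """Return (name, command) for every O4 autorun entry."""
    out = []
    for body in entries.get("O4", []):
        m = RUN_KEY.match(body)
        if m:                                   # registry Run key form
            out.append((m.group(2), m.group(3).strip()))
        else:                                   # "Global Startup: x.lnk = path" form
            name, _, cmd = body.partition(": ")[2].partition(" = ")
            out.append((name, cmd.strip()))
    return out

def watch_list(processes, entries):
    """Running processes or autoruns whose path sits under a Desktop or Temp folder."""
    paths = processes + [cmd for _, cmd in startup_programs(entries)]
    return [p for p in paths if any(d in p.lower() for d in WATCH_DIRS)]
```

Calling `watch_list(*parse_hjt(SAMPLE_LOG))` returns the Desktop copy of HijackThis.exe, the location Newt points out.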


  4. 2004/12/09
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    IEXPLORE Application Error

    Thanks for your suggestions and
    help Newt...
    I really don't understand what you
    said about HJT...
    When I load from the supplier and it
    prompts me where to load it to,
    where exactly should I put it?
    Say hi to Lowe's Speedway for me
     
  5. 2004/12/09
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    IEXPLORE Application Error

    While running Ad-Aware
    My AVG Virus Software discovered a Trojan
    Virus... The file location was as follows
    C:\Documents and Setting\Bernie Macko\Local Settings\
    \Temp\temp.fr2c5e\tsl.exe
    the AVG Software would not let me HEAL or DELETE
    the files.........
    What should I do next?
     
  6. 2004/12/10
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Step #1 - create a new folder. I made one on my PC called c:\antispyware but I use a variety of things including HJT. You might prefer c:\hijackthis or c:\hjt.

    When you download the program and it asks for a location, use that one.

    As to AVG lighting up when you ran the Ad-aware scan - I've had the same thing happen to me and AVG also was unable to delete or quarantine (place in the virus vault) the infected files. Since they are in a temp folder you can safely get rid of them but first you need to be able to see them.

    In Windows Explorer click on tools => folder options => view and set to see hidden files and system files. You will be warned about the system files piece but it's fine so say OK.

    Then from windows explorer, go to the
    C:\Documents and Setting\Bernie Macko\Local Settings\
    \Temp folder, click on edit => select all and press the delete key. Hopefully all that stuff including the infected files will go away. If not you may need to boot to safe mode and try again since the files will be free to remove at that point.

    I'll wave at the race track tomorrow since the wife & I will pass it on the way to have lunch near the BassPro shop.
     
    Newt,
    #5
  7. 2004/12/11
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    IEXPLORE Application Error

    You mention above "Windows Explorer". Do you mean
    "Internet Explorer", click on tools?
    I don't see "folder options".

    Then you mention going to Windows Explorer and keying in
    c:\Documents..... etc. Where do I key that?
    I'm sorry to be so PC Stupid

    Thanks for waving at the track for me
     
  8. 2004/12/11
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Open My Computer and click tools>folder options on the toolbar. Click the view tab, then check the box to show hidden files and uncheck the boxes to hide known file extensions and protected operating system files. Click apply and OK. Navigate to C:\Documents and Settings\Bernie Macko\Local Settings\Temp. Click edit on the toolbar, then select all. Click edit again and delete. Some of the files you will undoubtedly be unable to delete. Delete as many more individually as you can. (if you do this in safe mode instead, you will most likely be able to delete all without the use of Move-on-Boot) For any leftovers, you can download and install Move-on-Boot. Once installed, you can right click a file and select Delete file on next boot, click OK, close all windows and reboot.
     
  9. 2004/12/11
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Did it twice. Passed the Lowe's Motor Speedway on the way to Razoos for lunch (great Cajun place BTW) and waved. Had some outstanding blackened fish with hot, dirty rice and a libation. Waved again on the way home.

    Hopefully Dave's instructions helped you out. I was talking about opening windows explorer but I think his way is simpler.

    In case you haven't noticed, there are usually 2, 3, 4 ways to do any particular chore in XP and we all have the ways we are accustomed to and tend to recommend.

    You are maybe PC Inexperienced but no kind of stupid. You won't even be nearly as inexperienced by the time this mess is all cleared up. :D
     
    Newt,
    #8
  10. 2004/12/11
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    IEXPLORE Application Error

    Can you tell me about
    Un-installing & re-installing
    INTERNET EXPLORER
    Is it impossible ????
     
  11. 2004/12/11
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    With XP, it is not possible without completely destroying the operating system to the point you'd need a clean install of XP.
     
  12. 2004/12/18
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    Outlook Express and its folders...saving to cd

    Newt...
    I would like to save to CD the Outlook Express
    Drafts folder and the Address Book
     
  13. 2004/12/19
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    OE folders end in .dbx and the name should tell you what folder is in which .dbx file. Don't try to just open the files though. They hate that.

    Address book should be a .wab file.

    Burn any of the above to CD and you have your backups.
     
  14. 2005/01/06
    bmacko

    bmacko Inactive Thread Starter

    Joined:
    2004/12/04
    Messages:
    18
    Likes Received:
    0
    IE Error

    Thanks for all your help NEWT
    But I solved this problem by clearing
    my disk and re-installing Windows XP
    After two months of help from everybody
    including you guys, Microsoft and Aumha
    That was the only thing that worked
    Thanks a lot
    Bernie Macko
     