Hijackthis Log.

Discussion in 'adware, spyware & hijack cleaning' started by Cochise, May 25, 2004.

Thread Status:
Not open for further replies.
  1. Cochise

    Cochise A missed friend

    Joined:
    Jan 26, 2003
    Posts:
    2,549
    Location:
    North Thoresby Lincs Good Olde England
    Would appreciate a look at this log please...Adaware, Spybot S&D run and cleared OK...Problem I'm having is with my Browser Addy bar...whatever addy I type in I get a M$ Error Message about having to close and would I like to send a report to M$ Yes or No...either one just restarts my Browser??
    Thanks for any help...
    Cochise, :cool: 97.7
    Scan saved at 12:58:42 PM, on 25/05/04
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE
    C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\OUTPOST.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\HKCMD.EXE
    C:\PROGRAM FILES\TRUST\305KS WIRELESS OPTICAL DESKSET\KBDAP32A.EXE
    C:\PROGRAM FILES\TRUST\305KS WIRELESS OPTICAL DESKSET\LWBWHEEL.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\TWAIN_32\TRUST\COMPACT SCAN\WATCH.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\RNAAPP.EXE
    C:\WINDOWS\SYSTEM\TAPISRV.EXE
    C:\PROGRAM FILES\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O2 - BHO: (no name) - {41353F8B-78CE-48A5-BE44-153ED293D192} - C:\PROGRA~1\POPUPP~1\POPLIB.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe
    O4 - HKLM\..\Run: [CleanIt] C:\Program Files\CleanIt\cleanit.exe
    O4 - HKLM\..\Run: [LWBKEYBOARD] C:\Program Files\Trust\305KS WIRELESS OPTICAL DESKSET\KbdAp32A.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Trust\305KS WIRELESS OPTICAL DESKSET\lwbwheel.exe
    O4 - HKLM\..\Run: [ScriptSentry] C:\PROGRAM FILES\SCRIPT SENTRY\SCRIPTSENTRY.exe /check
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRAM FILES\GRISOFT\AVG6\avgcc32.exe /startup
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [bpcpost.exe] C:\WINDOWS\SYSTEM\bpcpost.exe
    O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
    O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\outpost.exe /waitservice
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
    O4 - HKLM\..\RunServices: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL 1.0\outpost.exe /service
    O4 - Startup: EPSON Background Monitor.lnk = C:\ESM2\Stms.exe
    O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\Trust\Compact Scan\WATCH.exe
    O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: PopupPopper Control Panel (HKLM)
    O9 - Extra button: Trashcan (HKCU)
    O9 - Extra 'Tools' menuitem: Show Trashcan (HKCU)
    O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
    O15 - Trusted Zone: http://register-tesco.qa.business.ntl.com
    O15 - Trusted Zone: http://memberservices.tesco.net
    O16 - DPF: {4E544C53-6967-6E02-BBAD-233AD71832A8} (NTLSignup1 Class) - https://tesco.autoregister.net/tesco/NTLSignup.cab
    O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37867.6500694444
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\system\IntraLaunch.CAB
    O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} - http://download.microsoft.com/download/vizact2000/Install/10/WIN98Me/EN-US/msorun.cab
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: NTLSignup - https://tesco.autoregister.net/tesco/NTLSignup.cab
    O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab

    Got a feeling that 'Realtime EXE' might be a bit iffy.
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Hi Cochise,

    Please try this.

    Check the items listed below in HijackThis, close all windows except HijackThis and click Fix checked:

    O4 - HKLM\..\Run: [bpcpost.exe] C:\WINDOWS\SYSTEM\bpcpost.exe
    O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe

    Then reboot.
    If it doesn't help a repair of IE might be necessary.

    HTH,

    Pieter
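
Added example (not part of the thread and not HijackThis's own code): the reply above singles out two O4 autorun lines from the posted log. This Python code parses a log in that format into autorun records, notes whether each image appears under "Running processes", and lists entries missing from a baseline. The sample lines are copied from the log in post 1; the `BASELINE` set and the function names are assumptions for illustration.

```python
import ntpath
import re

# Excerpt of the log posted above, embedded so the example runs offline.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\Trust\Compact Scan\WATCH.exe
O4 - HKLM\..\Run: [PCDRealtime] C:\WINDOWS\realtime.exe
"""
# Hypothetical known-good autorun names for this machine (an assumption).
BASELINE = {"SystemTray", "QuickTime Task", "Avgserv9.exe", "Watch.lnk"}

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
REG_RUN = re.compile(r"^(?P<key>HK\w+\\\.\.\\\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
STARTUP = re.compile(r"^(?P<key>(?:Global )?Startup): (?P<name>.+?\.lnk) = (?P<cmd>.*)$")
IMAGE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|dll|tsk))\b', re.I)

def parse_log(text):
    """Return (running processes, [(section, body), ...]) from a log."""
    processes, entries, in_procs = [], [], False
    for line in (l.strip() for l in text.splitlines()):
        if line == "Running processes:" or not line:
            in_procs = bool(line)  # header opens the list, a blank line closes it
        elif in_procs:
            processes.append(line)
        elif (m := ENTRY.match(line)):
            entries.append(m.groups())
    return processes, entries

def autoruns(entries, processes):
    """Parse O4 entries; mark whether each image is in the process list."""
    running = {ntpath.basename(p).lower() for p in processes}
    out = []
    for section, body in entries:
        m = section == "O4" and (REG_RUN.match(body) or STARTUP.match(body))
        if not m:
            continue
        img = IMAGE.match(m["cmd"])  # quoted path, or text up to .exe/.dll/.tsk
        image = (img[1] or img[2]) if img else m["cmd"]
        out.append({"key": m["key"], "name": m["name"], "image": image,
                    "running": ntpath.basename(image).lower() in running})
    return out

def not_in_baseline(runs, baseline):
    """Autorun records whose name (case-insensitive) is not in the baseline."""
    known = {n.lower() for n in baseline}
    return [r for r in runs if r["name"].lower() not in known]
```

An entry missing from the baseline is only a candidate for review; the file behind it still has to be identified before anything is fixed.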
     
  3. Cochise

    Thank you Pieter for your kind attention....I Fixed your two suggestions....sorry to say, made no difference....tried the M$ Internet Explorer Repair in Add/Remove...still no good.... :oops:

    I still get this dialogue box saying...An exception has occurred in M$ Internet Explorer and will have to close....Sorry for the inconvenience etc., etc., and then it asks if I would like to send a report back and like I said, it just takes me back to my IE Browser (Google)....when this message pops up it freezes the screen so I'm unable to Save, Print Screen or Copy etc., the message..Grrrrrr! So I can't post it here...but I assume you have seen this M$ Dialogue box before?
    Would the error Code:- '0xC0000005' give any clue?....I can't find anything on Google that makes any sense to me (Which isn't difficult LOL).. :D

    Regards, Cochise, :cool:
     
  4. Pieter_Arntz

  5. Cochise

    Nope! Sorry to say Pieter, nothing of consequence there either. Have you ever seen the error message that I'm trying to describe before this? Funny thing is, it allows me to type in some addys like Wilders for instance....If I type into Google search, no problem. For an instance, my Village has now got ADSL so I have been checking out Broadband ISPs...When I type www.wanadoo.co.uk and Enter I get the site to open but if I click a Link I get the MS error and returned to my browser...If I type www.wanadoo.co.uk/broadband and Enter I just get the MS message straight away etc.,...Could I possibly have checked something I shouldn't?

    Many Thanks for your time, Cochise, :cool:
     
  6. Pieter_Arntz

    Next time it happens click on Details in the error screen and post what it says.

    Regards,

    Pieter
     
  7. Cochise

    Hi Pieter,
    As I said in #3 I can't do anything with it other than say Yes or No to sending report!....If I move my pointer outside the Message box it changes to the Hour-glass so I can't click on anything... o_O

    Our Friend SnowGuy has been on to me and he thinks it's a M$ Exploit for which there should be a Patch??....Obviously I don't have it....but he did put this link up so at least you can see the Error I'm talking about:-
    http://support.microsoft.com/default.aspx?kbid=276550.

    Best Regards, Cochise, :cool:
     
  8. Pieter_Arntz

    The More details button should be inside that window. o_O

    Regards,

    Pieter
     
  9. Cochise

    Sorry Pieter if I'm not making myself clear.....I can do nothing with the Window either in it or out of it.....all I can do within the Window is scroll through the details etc., which contain something in the region of 57/8 modules!! plus about two metres of letters and numbers like you wouldn't believe.....but nothing I do within the Window allows me to copy it or anything else.....I really don't know what else I can tell you that would help.

    The only bits I can see that might be of use is the Exception:-
    Address:-0x00000000780154a7
    Code:-0xC0000005
    Flags:-0x00000000

    Probably all meaningless eh?

    I'm not helping much am I? :D :D

    Thanks, Cochise, :cool:
     
  10. Pieter_Arntz

    I'll see if I can get you some professional help. :D

    Regards,

    Pieter
     
  11. Pieter_Arntz

    Two messages from Mosaic1

    Link for TweakUI added by me:
    http://www.annoyances.org/exec/show/tweakui

    Regards,

    Pieter
     
  12. Cochise

    God Pieter you certainly earn your keep around here, do you ever have time for yourself??....
    Will try what you have suggested once I grasp the concept..Thanks... :D

    I would be quite happy to settle for uninstalling the offending 'Report'...I can find nothing in M$ Support on 'How To'...

    I did find this:- (Regedit)..HKEY-LOCAL-MACHINE\Software\Microsoft\internet Explorer\Main\"IEWatsonenabled"=DWord:00000000. but I couldn't find the 'IEWatsonenabled etc., bit?? Was I up the wrong Cul-de-Sac?

    As you may know I'm on Win98se and Tesco/Dialup Anytime.

    Don't really know how to thank you for this, especially since I've looked through this Forum and seen how much work you put in.

    Very Best Regards, Cochise, :cool:
     
  13. Pieter_Arntz

    Hi cochise,

    I gotta do something around here to feel useful. ;)

    I found this here: http://support.microsoft.com/default.aspx?kbid=276550&product=ie

    Internet Explorer 5.0 - 5.5 SP1 (All Operating Systems)
    To disable Internet Explorer Error Reporting, use the following steps:
    Click Start, point to Settings, and then click Control Panel.
    Double-click Add/Remove Programs.
    In the list of installed programs, click Internet Explorer Error Reporting, and then click Add/Remove (in Windows 98, Windows Me, or Windows NT 4.0) or Remove (in Windows 2000).
    Click OK.

    And this for IE6 (but for XP)

    Internet Explorer 6 for Windows XP
    Click Start, and then click Control Panel (or point to Settings, and then click Control Panel).
    Double-click System (or click Switch to Classic View, and then double-click System).
    Click the Advanced tab, and then click Error Reporting.
    Click Disable error reporting to disable both user and kernel-mode error reporting, or click to clear the Programs check box.
    Click OK, and then click OK.

    See if any of the given paths fits the bill.

    Regards,

    Pieter
     
  14. Cochise

    Not one of 'em Pieter...M$ must be the most insidious B*****d that ever drew breath...I do not have XP....I have IE 6 SP1 and there is nothing in Add/Remove regarding Error reporting....I tried all the ways I knew how in MS to either Install or Uninstall Error Report and nothing allows me to do either.

    Just as a matter of fact, would this have anything to do with this prob, my very patient friend...Kle&Ple...

    This Damn message is popping up all the time now.... :mad: :mad: but not Wilders??

    Cochise, :cool:
     
  15. Pieter_Arntz

    Before we forget the obvious, you did clean out history, temp folders and AutoComplete?

    Regards,

    Pieter
     
  16. Cochise

    Yes Pieter, did history and Temps...I don't appear to have Autocomplete?...A thought has sprung to mind, could this be some kind of Virus??....Going back to General Software and Services..May 16 04...a Poster called Greeneyed 42 (ON Page 3) asked about "KLe&PLE"....me, being the nosey person that I'm had a look on Google for it and up popped that M$ Error message?? and it's been with me off and on ever since...but now more on than off....
    Would putting up my Startup list from HJT help Please....

    This is beginning to get embarrassing now... :D

    Best Regards, Cochise, :cool:
     
  17. Mosaic1

    Mosaic1 Guest

    See if this registry file disables error reporting.

    Copy the contents of the quote box to notepad. Name as no error.reg
    save as type all files.

    Double click to enter, Restart IE to take effect.

    Auto complete can be found here:

    Internet Options>Content>Auto complete button

    Did you create the faultlog? If so please open it and post the contents. Maybe it will give a clue.
     
  18. Cochise

    I know you are doing your best for me but I must explain again...When the M$ Error message pops up I can do NOTHING with it... the screen freezes...although I can move my pointer about I'm unable to click on anything...I can't copy, screenprint, save, right click...nothing all I can do to get rid of it is to click 'Don't Send' and then I'm returned to my browser....

    I found Autocomplete and did the deed....I have been through the Regedit\ HKEY...S/Ware\Microsoft\Internet Ex\Main....when I click on Main all I get is two Files.. 'Error Thresholds' and URL Templates?? No 'IEWatson' etc.,...

    Looks like I'm going to have to give it up and take it to the Doctors eh? :D

    Thank You so Much, Cochise, :cool:
     
  19. Mosaic1

    Cochise,

    Create the registry file as I showed you in my previous post. And then double click on it to enter into the registry. This should disable the error reporting tool. Restart Internet Explorer and see if the error reporting stops.

    Using TWEAKUI click the paranoia tab and create a faultlog. This will keep track of any invalid page faults. Open that file and see if it has anything recorded after your next error. If there is another error. Sometimes the Error Reporting tool is the problem.



    Mo
     
  20. Cochise

    MANY, MANY, MANY Thanks to you Pieter and Mosaic1 for your tireless efforts to pull me out of the mire....at the end of the day my Good friends nothing would have saved me....each Error was part of a steady decline into the Abyss LOL....Obviously something dreadful had found its way up the exhaust of my OS until it finally came to a screeching halt. (I still have no idea what) I have not been able to find anything untoward anywhere?!!

    The last straw was Day before yesterday...I read my mail...then tried to open Sent Items and just got the Hour-Glass which stayed for 10 minutes until I gave it the CAD treatment....after it re-booted I was greeted with a blue screen with a White Dialogue box saying "Error loading Internet Explorer, You MUST re-install Windows"....which I did from my 98se Disc...(Very scary for me) and, after a bit of hassle with my Dialup, which I have now resolved.... here I'm Chirpy as ever but a damn sight wiser.

    You are all the Very Best and I wish you All the Very Best....(Where's the Applaud Button when I need it so badly??)

    With the greatest of respect, Cochise, :cool: :-*
     