Question

Error on every boot windows XP Home

Asked by: Bimal2002

Every time I boot my computer I get an error as per the attached screen shot. Is this a virus. I ran a Microsoft scanner which report presence of a  trojan as per the attached screen shot. Please help.

This Question has been solved and asker verified All Experts Exchange premium technology solutions are available to subscription members.

Subscribe now for full access to Experts Exchange and get

Instant Access to this Solution

  • Plus...
  • 30 Day FREE access, no risk, no obligation
  • Collaborate with the world's top tech experts
  • Unlimited access to our exclusive solution database
  • Never be left without tech help again

Subscribe Now

Asked On
2009-08-06 at 05:25:14ID24631113
Tags

Windows XP Home version

Topic

Windows XP Operating System

Participating Experts
4
Points
500
Comments
8

Trusted by hundreds of thousands everyday for fast, accurate and reliable tech support.

  • "The time we save is the biggest benefit of Experts Exchange to Warner Bros. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange." Mike Kapnisakis, Warner Bros.
  • "Our team likes having a resource that is more secure than just using Google and most experts using this service really know their stuff. It's nice to look here first versus using Google." Dayna Sellner, Lockheed Martin
  • "Anytime that I've been stumped with a problem, 9 out of 10 times Experts Exchange has either the accepted solution or an open discussion of the potential solution to the problem." Kenny Red, eBay Inc.

See what Experts Exchange can do for you.

Got a question?

We've got the answer.

Experts Exchange has been collecting answers to technology questions since 1996…3 million and counting! If you have a question, chances are we already have your answer.

Screenshot of Experts Exchange Knowledgebase

Need individual assistance?

Our experts are ready to help.

If you can't find the exact answer you're looking for, ask our exclusive community of 50,000 experts. You’ll get a personalized answer from a trusted professional.

Screenshot of Experts Exchange Knowledgebase

Want to learn from the best?

Read articles from industry experts.

Thousands of free tech tips, tricks, how-to’s and tutorials are available in our peer reviewed articles section. See for yourself how smart our experts are, no login required.

Screenshot of an Article

Working on a long term project?

Store your work and research.

Save solutions to your questions, answers you’ve discovered through searching plus helpful articles in your personal knowledgebase for easy future access.

Screenshot of Experts Exchange Knowledgebase

Access the answers to your technology questions today.

Subscribe Now

30-day free trial. Register in 60 seconds.

What Makes Experts Exchange Unique?

Members of the expert community talk about why the experience at Experts Exchange is different than what you will find anywhere else.

Trusted by the world's most respected brands.

image of each brand's logo

Faithfully serving IT professionals since 1996.

Experts Exchange Logo

Try it out and discover for yourself.

Subscribe Now

30-day free trial. Register in 60 seconds.

Related Solutions

  1. Trojans
    Can A trojan infect the MBR? If so will repartitioning get rid of it?
  2. Is it a virus or trojan horse?
    When I start my computer a program file has started to appear - C\programfiles\apoint2K\apntex.exe Is this a virus or trojan horse? If it is not safe how do I remove it please?
  3. Trojan Horse Virus Elimination
    Hi all, I have a "Back Door Trojan Horse" Virus that I can not eliminate. Have run every anti-spyware / adware / program and nothing helps. System keeps getting slower and more pop-ups of spyware removal are happening. Cannot access my control panel to investig...
  4. VIrus Infection Trojan and Worm
    My computer is infected with virus. I had Kaspersky and it was disabled. I installed Microsoft OnCare ahd they have tried to help. Installed Super Anti Spyware and ran in safe mode Ditto with Malware Malbites (sp). Trojan and other viruses reappear after cleaning or quarant...

Free Tech Articles

  1. WARNING: 5 Reasons why you should NEVER fix a computer for free.
    It is in our nature to love the puzzle. We are obsessed. The lot of us. We love puzzles. We love the challenge. We thrive on finding the answer. We hate disarray. It bothers us deep in our soul. W...
  2. SCCM OSD Basic troubleshooting
    SCCM 2007 OSD is a fantastic way to deploy operating systems, however, like most things SCCM issues can sometimes be difficult to resolve due to the sheer volume of logs to sift through and the dispe...
  3. Migrate Small Business Server 2003 to Exchange 2010 and Windows 2008 R2
    This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Windows 2008 R2 with Exchange 2010. For this migration to work you will need the fo...
  4. Create a Win7 Gadget
    This article shows you how to create a simple "Gadget" -- a sort of mini-application supported by Windows 7 and Vista. Gadgets can be dropped anywhere on the desktop to provide instant information, ...
  5. Outlook continually prompting for username and password
    There have been a lot of questions recently regarding Outlook prompting for a username and password whilst using Exchange 2007. There are a few reasons why this would happen and I will try to cover t...
  6. Backup Exchange 2010 Information Store using Windows Backup
    There seems to be quite a lot of confusion around the ability to backup Exchange 2010 using the built in Windows Backup feature. This stems from the omission of this feature prior to Exchange 2007 s...

Cloud Class Webinars

  1. Avoiding Bugs in Microsoft Access
    Alison Balter takes and in-depth look at avoiding bugs in Access. In this webinar you will learn about using the immediate window to debug your applications, invoking the debugger, using breakpoints to troubleshoot, stepping through code, setting the next statement to execute, ...
  2. Top 10 Best New Features in Visio 2010
    Scott Helmers gives live demonstrations of the top 10 new features in Visio 2010. This webinar will teach you how to create compelling diagrams by adding shapes to the page with a single click, linking the shapes in a diagram to data in Excel (or SQL Server, or SharePoint), ...
  3. IT Consultant Business Secrets Revealed
    Michael Munger, Experts Exchange tech pro and IT consultant, pulls back the curtain on his very successful businesses and answers question on every IT consultant and business owner should know about. He shares secrets on what he did to solve the 5 most common problems in IT, ...
  4. Disaster Recovery and Business Continuity
    Quest CTO, Mike Billon, gives an overview of the steps involved in building a dunamic disaster recovery plan. Through case studies and an examination of software/hardware tooles for monitoring and testing, you'll gain a better understandin of where you are, where you want ...
  5. Organize Your Visio Diagrams with Containers and Lists
    Scott Helmers uses cross functional flowcharts, wireframe diagrams, data graphic legends and seating charts to teach you: how to ustilize all three new structured diagram components in Visio 2010, the best practices for organizeing shapes in previous version of Visio, how to organize ...
  6. How to Us Objects, Properties, Events and Methods in Microsoft Access
    Alison Dalter gives an in-depbth look at objects, properties, events and methods in Microsoft Access. In this webinar you will learn about using the object browser, referring to objects, working with properties and methods, working with object variables, understanding the ...

Join the Community

Give a Little. Get a Lot.

Join the community of experts here and help other tech pros by answering question in your area of expertise. You can earn FREE access to all Experts Exchange's premium features and resources.

Join the Community

Answers

 

by: Milan_OjhPosted on 2009-08-06 at 05:29:10ID: 25032439

 

by: Stoner79Posted on 2009-08-06 at 05:29:39ID: 25032444

Not sure if XP Home has System Restore, but roll back to before these problems occured if you can.

Run a spyware cleaner or two (adaware/spybot, etc) and a full system scan AV (avast is a good free one).

 

by: Spec01Posted on 2009-08-06 at 05:41:11ID: 25032534

Boot your computer into Windows click start>run>msconfig, click the startup tab and disable everything on startup this should prevent anything program from starting up on bootup.

Download MalwareBytes from this location and Upddate the definitions and run a scan on your computer. http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

 

by: rpggamergirlPosted on 2009-08-06 at 05:57:33ID: 25032683

If problem persists, also run Combofix and show us the logfile. If it doesn't run at first go, redownload and rename the file before saving it to your desktop.

Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
You must download it to and run it from your Desktop

Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

I
f needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

 

by: Bimal2002Posted on 2009-08-07 at 01:41:31ID: 25040804

Dear All,
To give you more details I attach Drwatson32 log file to enable you to study the problem in more detail:

QUOTE
Application exception occurred:
        App: C:\Program Files\Internet Explorer\IEXPLORE.EXE (pid=2812)
        When: 07-08-2009 @ 11:24:32.336
        Exception number: c0000005 (access violation)

*----> System Information <----*
        Computer Name: BIMALJAIN
        User Name: Ion Exchange
        Terminal Session Id: 0
        Number of Processors: 1
        Processor Type: x86 Family 6 Model 22 Stepping 1
        Windows Version: 5.1
        Current Build: 2600
        Service Pack: 3
        Current Type: Uniprocessor Free
        Registered Organization: Ion Exchange Infrastructure Ltd.
        Registered Owner: Ion Exchange Infrastructure Ltd.

*----> Task List <----*
   0 System Process
   4 System
 680 smss.exe
 740 csrss.exe
 764 winlogon.exe
 808 services.exe
 820 lsass.exe
 968 svchost.exe
1032 svchost.exe
1096 svchost.exe
1172 svchost.exe
1220 svchost.exe
1500 spoolsv.exe
 148 svchost.exe
 212 mDNSResponder.exe
 280 InCDsrv.exe
 388 jqs.exe
 504 MDM.EXE
 576 mnmsrvc.exe
 700 Explorer.EXE
 724 MSCamS32.exe
 932 rundll32.exe
1076 opssvc.exe
1296 HPZipm12.exe
1372 EMLPROXY.EXE
1560 quhlpsvc.exe
1364 qhfw.exe
1600 RichVideo.exe
1892 scanwscs.exe
1948 svchost.exe
1972 tallylicserver.exe
2596 alg.exe
2620 wmiprvse.exe
2812 IEXPLORE.EXE
3472 EMLPROUI.EXE
3524 UPSCHD.EXE
3980 SCANMSG.EXE
3988 OnlineNT.EXE
3996 LVCOMSX.EXE
4016 igfxtray.exe
4032 igfxpers.exe
4044 hkcmd.exe
1548 Apoint.exe
 524 AGRSMMSG.exe
1568 RocketDock.exe
1576 ctfmon.exe
1828 Apntex.exe
2496 wuauclt.exe
3000 drwtsn32.exe

*----> Module List <----*
(0000000000400000 - 000000000049c000: C:\Program Files\Internet Explorer\IEXPLORE.EXE
(0000000000a90000 - 0000000000a99000: C:\WINDOWS\system32\Normaliz.dll
(0000000001370000 - 00000000013c5000: C:\WINDOWS\system32\NETAPI32.dll
(0000000016080000 - 00000000160a5000: C:\Program Files\Bonjour\mdnsNSP.dll
(000000003d930000 - 000000003da00000: C:\WINDOWS\system32\WININET.dll
(000000003dfd0000 - 000000003e015000: C:\WINDOWS\system32\iertutil.dll
(000000005ad70000 - 000000005ada8000: C:\WINDOWS\system32\UXTHEME.DLL
(000000005d090000 - 000000005d12a000: C:\WINDOWS\system32\comctl32.dll
(0000000066000000 - 0000000066086000: C:\Program Files\Stardock\Object Desktop\WindowBlinds\wblind.dll
(0000000066500000 - 000000006650a000: C:\WINDOWS\system32\wbsys.dll
(0000000066600000 - 0000000066617000: C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbhelp.dll
(0000000071a50000 - 0000000071a8f000: C:\WINDOWS\System32\mswsock.dll
(0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\system32\WS2HELP.dll
(0000000071ab0000 - 0000000071ac7000: C:\WINDOWS\system32\WS2_32.dll
(0000000071bf0000 - 0000000071c03000: C:\WINDOWS\System32\SAMLIB.dll
(0000000071c10000 - 0000000071c1e000: C:\WINDOWS\System32\ntlanman.dll
(0000000071c80000 - 0000000071c87000: C:\WINDOWS\System32\NETRAP.dll
(0000000071c90000 - 0000000071cd0000: C:\WINDOWS\System32\NETUI1.dll
(0000000071cd0000 - 0000000071ce7000: C:\WINDOWS\System32\NETUI0.dll
(00000000755c0000 - 00000000755ee000: C:\WINDOWS\system32\msctfime.ime
(0000000075a70000 - 0000000075a91000: C:\WINDOWS\system32\MSVFW32.dll
(0000000075f60000 - 0000000075f67000: C:\WINDOWS\System32\drprov.dll
(0000000075f70000 - 0000000075f7a000: C:\WINDOWS\System32\davclnt.dll
(0000000076380000 - 0000000076385000: C:\WINDOWS\system32\msimg32.dll
(0000000076390000 - 00000000763ad000: C:\WINDOWS\system32\IMM32.DLL
(0000000076600000 - 000000007661d000: C:\WINDOWS\system32\cscdll.dll
(0000000076b40000 - 0000000076b6d000: C:\WINDOWS\system32\WINMM.dll
(0000000076d60000 - 0000000076d79000: C:\WINDOWS\system32\Iphlpapi.dll
(0000000076f20000 - 0000000076f47000: C:\WINDOWS\system32\DNSAPI.dll
(0000000076f60000 - 0000000076f8c000: C:\WINDOWS\system32\WLDAP32.dll
(0000000076fb0000 - 0000000076fb8000: C:\WINDOWS\System32\winrnr.dll
(0000000076fc0000 - 0000000076fc6000: C:\WINDOWS\system32\rasadhlp.dll
(0000000077120000 - 00000000771ab000: C:\WINDOWS\system32\OLEAUT32.dll
(00000000773d0000 - 00000000774d3000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
(00000000774e0000 - 000000007761d000: C:\WINDOWS\system32\ole32.dll
(0000000077b40000 - 0000000077b62000: C:\WINDOWS\system32\Apphelp.dll
(0000000077c00000 - 0000000077c08000: C:\WINDOWS\system32\VERSION.dll
(0000000077c10000 - 0000000077c68000: C:\WINDOWS\system32\msvcrt.dll
(0000000077dd0000 - 0000000077e6b000: C:\WINDOWS\system32\ADVAPI32.dll
(0000000077e70000 - 0000000077f02000: C:\WINDOWS\system32\RPCRT4.dll
(0000000077f10000 - 0000000077f59000: C:\WINDOWS\system32\GDI32.dll
(0000000077f60000 - 0000000077fd6000: C:\WINDOWS\system32\SHLWAPI.dll
(0000000077fe0000 - 0000000077ff1000: C:\WINDOWS\system32\Secur32.dll
(0000000078130000 - 0000000078257000: C:\WINDOWS\system32\urlmon.dll
(000000007c800000 - 000000007c8f6000: C:\WINDOWS\system32\kernel32.dll
(000000007c900000 - 000000007c9b2000: C:\WINDOWS\system32\ntdll.dll
(000000007c9c0000 - 000000007d1d7000: C:\WINDOWS\system32\SHELL32.dll
(000000007e410000 - 000000007e4a1000: C:\WINDOWS\system32\USER32.dll

*----> State Dump for Thread Id 0xb00 <----*

eax=004031b9 ebx=7ffdf000 ecx=01c2f31c edx=01000000 esi=00000000 edi=000002bc
eip=7c810705 esp=0012fffc ebp=01c2f3d8 iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000             efl=00000200

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
function: kernel32!CreateThread
        7c8106f2 fd               std
        7c8106f3 ffff             ???
        7c8106f5 5d               pop     ebp
        7c8106f6 c21800           ret     0x18
        7c8106f9 33ed             xor     ebp,ebp
        7c8106fb 53               push    ebx
        7c8106fc 50               push    eax
        7c8106fd 6a00             push    0x0
        7c8106ff e9eeafffff       jmp    kernel32!GetModuleFileNameA+0x183 (7c80b6f2)
        7c810704 90               nop
        7c810705 33ed             xor     ebp,ebp
        7c810707 50               push    eax
        7c810708 6a00             push    0x0
        7c81070a e945690000     jmp kernel32!RegisterWaitForInputIdle+0x26 (7c817054)
        7c81070f 90               nop
        7c810710 8bff             mov     edi,edi
        kernel32!SwitchToFiber:
        7c810712 648b1518000000   mov     edx,fs:[00000018]
        7c810719 8b4210           mov     eax,[edx+0x10]
        7c81071c 8bcc             mov     ecx,esp
        7c81071e 8998b8000000     mov     [eax+0xb8],ebx

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
01c2f3d8 00000000 00000000 00000000 00000000 kernel32!CreateThread+0x2e

*----> Raw Stack Dump <----*
000000000012fffc  00 00 00 00 41 63 74 78 - 20 00 00 00 01 00 00 00  ....Actx .......
000000000013000c  98 24 00 00 c4 00 00 00 - 00 00 00 00 20 00 00 00  .$.......... ...
000000000013001c  00 00 00 00 14 00 00 00 - 01 00 00 00 06 00 00 00  ................
000000000013002c  34 00 00 00 14 01 00 00 - 01 00 00 00 00 00 00 00  4...............
000000000013003c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000013004c  02 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
000000000013005c  14 02 00 00 9c 01 00 00 - 00 00 00 00 5b 49 59 2d  ............[IY-
000000000013006c  b0 03 00 00 32 00 00 00 - e4 03 00 00 d2 02 00 00  ....2...........
000000000013007c  00 00 00 00 e4 02 02 83 - b8 06 00 00 46 00 00 00  ............F...
000000000013008c  00 07 00 00 ea 02 00 00 - 00 00 00 00 d2 d5 8c d1  ................
000000000013009c  ec 09 00 00 46 00 00 00 - 34 0a 00 00 ea 02 00 00  ....F...4.......
00000000001300ac  00 00 00 00 2e ad 6a d8 - 20 0d 00 00 46 00 00 00  ......j. ...F...
00000000001300bc  68 0d 00 00 04 03 00 00 - 10 00 00 00 04 00 00 00  h...............
00000000001300cc  d4 00 00 00 02 00 00 00 - 01 00 00 00 14 01 00 00  ................
00000000001300dc  8c 0f 00 00 01 00 00 00 - 02 00 00 00 a0 10 00 00  ................
00000000001300ec  2c 03 00 00 01 00 00 00 - 04 00 00 00 cc 13 00 00  ,...............
00000000001300fc  50 10 00 00 02 00 00 00 - 06 00 00 00 1c 24 00 00  P............$..
000000000013010c  7c 00 00 00 02 00 00 00 - 53 73 48 64 2c 00 00 00  |.......SsHd,...
000000000013011c  01 00 00 00 01 00 00 00 - 01 00 00 00 05 00 00 00  ................
000000000013012c  88 00 00 00 01 00 00 00 - 58 0f 00 00 2c 00 00 00  ........X...,...

*----> State Dump for Thread Id 0xb84 <----*

eax=77df848a ebx=00c9fed0 ecx=00000006 edx=00000000 esi=00000000 edi=7ffdf000
eip=7c90e514 esp=00c9fea8 ebp=00c9ff44 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\ntdll.dll -
function: ntdll!KiFastSystemCallRet
        7c90e4fa e829000000       call    ntdll!RtlRaiseException (7c90e528)
        7c90e4ff 8b0424           mov     eax,[esp]
        7c90e502 8be5             mov     esp,ebp
        7c90e504 5d               pop     ebp
        7c90e505 c3               ret
        7c90e506 8da42400000000   lea     esp,[esp]
        7c90e50d 8d4900           lea     ecx,[ecx]
        ntdll!KiFastSystemCall:
        7c90e510 8bd4             mov     edx,esp
        7c90e512 0f34             sysenter
        ntdll!KiFastSystemCallRet:
        7c90e514 c3               ret
        7c90e515 8da42400000000   lea     esp,[esp]
        7c90e51c 8d642400         lea     esp,[esp]
        ntdll!KiIntSystemCall:
        7c90e520 8d542408         lea     edx,[esp+0x8]
        7c90e524 cd2e             int     2e
        7c90e526 c3               ret
        7c90e527 90               nop
        ntdll!RtlRaiseException:
        7c90e528 55               push    ebp
        7c90e529 8bec             mov     ebp,esp

*----> Stack Back Trace <----*
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\WINDOWS\system32\ADVAPI32.dll -
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
00c9ff44 77df8631 00000002 00c9ff6c 00000000 ntdll!KiFastSystemCallRet
00c9ffb4 7c80b729 00000000 7c9142af 00000000 ADVAPI32!WmiFreeBuffer+0x24e
00c9ffec 00000000 77df848a 00000000 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*
0000000000c9fea8  4a df 90 7c 90 95 80 7c - 02 00 00 00 d0 fe c9 00  J..|...|........
0000000000c9feb8  01 00 00 00 01 00 00 00 - 04 ff c9 00 e0 2e aa 00  ................
0000000000c9fec8  60 66 e4 77 00 10 00 00 - 60 00 00 00 6c 00 00 00  `f.w....`...l...
0000000000c9fed8  c0 fe c9 00 ff ff ff ff - dc ff c9 00 d8 9a 83 7c  ...............|
0000000000c9fee8  50 0b 81 7c 00 10 00 00 - 14 00 00 00 01 00 00 00  P..|............
0000000000c9fef8  00 00 00 00 00 00 00 00 - 10 00 00 00 00 a2 2f 4d  ............../M
0000000000c9ff08  ff ff ff ff 00 10 00 00 - 00 f0 fd 7f 00 c0 fd 7f  ................
0000000000c9ff18  dc ff c9 00 04 ff c9 00 - d0 fe c9 00 06 00 00 00  ................
0000000000c9ff28  02 00 00 00 c4 fe c9 00 - 06 00 00 00 dc ff c9 00  ................
0000000000c9ff38  d8 9a 83 7c 80 96 80 7c - 00 00 00 00 b4 ff c9 00  ...|...|........
0000000000c9ff48  31 86 df 77 02 00 00 00 - 6c ff c9 00 00 00 00 00  1..w....l.......
0000000000c9ff58  e0 93 04 00 01 00 00 00 - af 42 91 7c 00 00 00 00  .........B.|....
0000000000c9ff68  00 00 00 00 60 00 00 00 - 6c 00 00 00 00 10 00 00  ....`...l.......
0000000000c9ff78  e0 2e aa 00 00 00 00 00 - 00 10 00 00 e8 3e aa 00  .............>..
0000000000c9ff88  00 67 e4 77 28 00 00 00 - e0 66 e4 77 00 10 00 00  .g.w(....f.w....
0000000000c9ff98  00 00 00 00 00 67 e4 77 - e0 2e aa 00 e0 66 e4 77  .....g.w.....f.w
0000000000c9ffa8  e5 03 00 00 00 10 00 00 - e8 3e aa 00 ec ff c9 00  .........>......
0000000000c9ffb8  29 b7 80 7c 00 00 00 00 - af 42 91 7c 00 00 00 00  )..|.....B.|....
0000000000c9ffc8  00 00 00 00 00 c0 fd 7f - 00 06 3c 87 c0 ff c9 00  ..........<.....
0000000000c9ffd8  d0 0f bd 86 ff ff ff ff - d8 9a 83 7c 30 b7 80 7c  ...........|0..|

*----> State Dump for Thread Id 0xb88 <----*

eax=7ff60121 ebx=00000000 ecx=7c80becd edx=00daff73 esi=7c91650e edi=7ff6028e
eip=00000000 esp=00dafb7c ebp=00dafba8 iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000206

*** ERROR: Module load completed but symbols could not be loaded for C:\Program Files\Internet Explorer\IEXPLORE.EXE
function: <nosymbols>
No prior disassembly possible
        :
        00000000 ??               ???
        00000002 ??               ???
        00000004 ??               ???
        00000006 ??               ???
        00000008 ??               ???
        0000000a ??               ???
        0000000c ??               ???
        0000000e ??               ???
FAULT ->:
00000000 ??               ???
Error 0x00000001
        00000002 ??               ???
        00000004 ??               ???
        00000006 ??               ???
        00000008 ??               ???
        0000000a ??               ???
        0000000c ??               ???
        0000000e ??               ???
        00000010 ??               ???
        00000012 ??               ???
        00000014 ??               ???

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
00dafb78 100052a3 7ff60121 00000051 1000ac08 0x0
00dafba8 10004ce7 00daff64 00daff84 00000051 0x100052a3
00daffb4 7c80b729 7ff60000 0b80001c 7c91650e 0x10004ce7
00daffec 00000000 100045a4 7ff60000 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*
0000000000dafb7c  a3 52 00 10 21 01 f6 7f - 51 00 00 00 08 ac 00 10  .R..!...Q.......
0000000000dafb8c  8e 02 f6 7f 0e 65 91 7c - 00 00 f6 7f b4 ff da 00  .....e.|........
0000000000dafb9c  dc ff da 00 d8 9a 83 7c - d0 be 80 7c b4 ff da 00  .......|...|....
0000000000dafbac  e7 4c 00 10 64 ff da 00 - 84 ff da 00 51 00 00 00  .L..d.......Q...
0000000000dafbbc  1c 00 80 0b 0e 65 91 7c - 00 00 f6 7f 00 00 00 00  .....e.|........
0000000000dafbcc  24 fc da 00 00 f0 fd 7f - 59 d1 4f 77 a4 fb da 00  $.......Y.Ow....
0000000000dafbdc  02 00 00 00 79 2d 28 00 - 28 24 ac 71 96 13 ab 71  ....y-(.($.q...q
0000000000dafbec  f5 ff ff ff 02 00 00 00 - 79 f5 96 28 00 00 ab 71  ........y..(...q
0000000000dafbfc  02 00 00 00 04 00 00 00 - 00 00 00 00 24 fc da 00  ............$...
0000000000dafc0c  00 f0 fd 7f 00 00 41 7e - 10 01 00 00 43 3a 5c 57  ......A~....C:\W
0000000000dafc1c  49 4e 44 4f 57 53 5c 73 - 79 73 74 65 6d 33 32 5c  INDOWS\system32\
0000000000dafc2c  61 76 69 63 61 70 33 32 - 2e 64 6c 6c 00 fc da 00  avicap32.dll....
0000000000dafc3c  c4 b0 91 7c 54 fc da 00 - b7 b1 91 7c 00 b0 fd 7f  ...|T......|....
0000000000dafc4c  00 f0 fd 7f 00 00 00 00 - 14 00 00 00 01 00 00 00  ................
0000000000dafc5c  00 00 00 00 00 00 00 00 - 10 00 00 00 00 00 00 00  ................
0000000000dafc6c  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
0000000000dafc7c  00 00 00 00 00 f0 fd 7f - 73 12 ab 71 a4 1e 28 00  ........s..q..(.
0000000000dafc8c  48 fc da 00 00 00 00 00 - 0c fd da 00 20 e9 90 7c  H........... ..|
0000000000dafc9c  00 b1 91 7c ff ff ff ff - a4 b0 91 7c 9a de 90 7c  ...|.......|...|
0000000000dafcac  2a b0 91 7c 30 fd da 00 - 0e 65 91 7c 00 00 f6 7f  *..|0....e.|....

*----> State Dump for Thread Id 0xb94 <----*

eax=00faf9c0 ebx=00000000 ecx=7c91005d edx=00310000 esi=00faff8c edi=7e431211
eip=7c90e514 esp=00fafef4 ebp=00faff18 iopl=0         nv up ei pl zr na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246

function: ntdll!KiFastSystemCallRet
        7c90e4fa e829000000       call    ntdll!RtlRaiseException (7c90e528)
        7c90e4ff 8b0424           mov     eax,[esp]
        7c90e502 8be5             mov     esp,ebp
        7c90e504 5d               pop     ebp
        7c90e505 c3               ret
        7c90e506 8da42400000000   lea     esp,[esp]
        7c90e50d 8d4900           lea     ecx,[ecx]
        ntdll!KiFastSystemCall:
        7c90e510 8bd4             mov     edx,esp
        7c90e512 0f34             sysenter
        ntdll!KiFastSystemCallRet:
        7c90e514 c3               ret
        7c90e515 8da42400000000   lea     esp,[esp]
        7c90e51c 8d642400         lea     esp,[esp]
        ntdll!KiIntSystemCall:
        7c90e520 8d542408         lea     edx,[esp+0x8]
        7c90e524 cd2e             int     2e
        7c90e526 c3               ret
        7c90e527 90               nop
        ntdll!RtlRaiseException:
        7c90e528 55               push    ebp
        7c90e529 8bec             mov     ebp,esp

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
00faff18 10009b15 00faff8c 00000000 00000000 ntdll!KiFastSystemCallRet
00faffb4 7c80b729 00000000 00000000 00dc0000 0x10009b15
00faffec 00000000 100099e7 00000000 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*
0000000000fafef4  be 91 41 7e 6b 77 42 7e - 8c ff fa 00 00 00 00 00  ..A~kwB~........
0000000000faff04  00 00 00 00 00 00 00 00 - 00 00 00 00 11 12 43 7e  ..............C~
0000000000faff14  cc 9b 00 10 b4 ff fa 00 - 15 9b 00 10 8c ff fa 00  ................
0000000000faff24  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
0000000000faff34  00 00 dc 00 00 00 00 00 - 30 00 00 00 00 00 00 00  ........0.......
0000000000faff44  3d 99 00 10 00 00 00 00 - 00 00 00 00 00 00 40 00  =.............@.
0000000000faff54  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00  ................
0000000000faff64  18 1c 00 10 00 00 00 00 - 1e dc 4f 80 e7 22 6d 80  ..........O.."m.
0000000000faff74  a8 1d 89 86 50 ed 46 aa - 00 00 00 00 00 00 00 00  ....P.F.........
0000000000faff84  01 00 00 00 00 00 00 00 - a0 4d a0 86 42 08 50 80  .........M..B.P.
0000000000faff94  00 00 00 00 00 00 00 00 - 00 00 00 00 80 0c 50 80  ..............P.
0000000000faffa4  9c ec 46 aa 98 0b 00 00 - bc 00 00 00 00 00 40 00  ..F...........@.
0000000000faffb4  ec ff fa 00 29 b7 80 7c - 00 00 00 00 00 00 00 00  ....)..|........
0000000000faffc4  00 00 dc 00 00 00 00 00 - 00 d0 fd 7f 00 06 3c 87  ..............<.
0000000000faffd4  c0 ff fa 00 d8 e7 91 86 - ff ff ff ff d8 9a 83 7c  ...............|
0000000000faffe4  30 b7 80 7c 00 00 00 00 - 00 00 00 00 00 00 00 00  0..|............
0000000000fafff4  e7 99 00 10 00 00 00 00 - 00 00 00 00 c8 00 00 00  ................
0000000000fb0004  4e 01 00 00 ff ee ff ee - 02 10 00 00 00 00 00 00  N...............
0000000000fb0014  00 fe 00 00 00 00 10 00 - 00 20 00 00 00 02 00 00  ......... ......
0000000000fb0024  00 20 00 00 2f 02 00 00 - ff ef fd 7f 0a 00 08 06  . ../...........

*----> State Dump for Thread Id 0xb9c <----*

eax=00000000 ebx=00000000 ecx=0122fee8 edx=76b60200 esi=00000001 edi=00faf140
eip=7c90e514 esp=0122ff08 ebp=0122ffb4 iopl=0         nv up ei ng nz ac po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000296

function: ntdll!KiFastSystemCallRet
        7c90e4fa e829000000       call    ntdll!RtlRaiseException (7c90e528)
        7c90e4ff 8b0424           mov     eax,[esp]
        7c90e502 8be5             mov     esp,ebp
        7c90e504 5d               pop     ebp
        7c90e505 c3               ret
        7c90e506 8da42400000000   lea     esp,[esp]
        7c90e50d 8d4900           lea     ecx,[ecx]
        ntdll!KiFastSystemCall:
        7c90e510 8bd4             mov     edx,esp
        7c90e512 0f34             sysenter
        ntdll!KiFastSystemCallRet:
        7c90e514 c3               ret
        7c90e515 8da42400000000   lea     esp,[esp]
        7c90e51c 8d642400         lea     esp,[esp]
        ntdll!KiIntSystemCall:
        7c90e520 8d542408         lea     edx,[esp+0x8]
        7c90e524 cd2e             int     2e
        7c90e526 c3               ret
        7c90e527 90               nop
        ntdll!RtlRaiseException:
        7c90e528 55               push    ebp
        7c90e529 8bec             mov     ebp,esp

*----> Stack Back Trace <----*
WARNING: Stack unwind information not available. Following frames may be wrong.
ChildEBP RetAddr  Args to Child              
0122ffb4 7c80b729 00000000 00faf140 76b42f44 ntdll!KiFastSystemCallRet
0122ffec 00000000 76b5aeaf 00000000 00000000 kernel32!GetModuleFileNameA+0x1ba

*----> Raw Stack Dump <----*
000000000122ff08  4a df 90 7c e9 ae b5 76 - 02 00 00 00 6c ff 22 01  J..|...v....l.".
000000000122ff18  01 00 00 00 01 00 00 00 - 00 00 00 00 44 2f b4 76  ............D/.v
000000000122ff28  a8 ad bb 86 10 00 00 00 - 00 00 00 00 f2 a3 63 80  ..............c.
000000000122ff38  a0 4d a0 86 a8 ad bb 86 - 00 90 fd 7f 84 ec 46 aa  .M............F.
000000000122ff48  98 0c 50 80 00 00 00 00 - 05 00 00 00 00 00 00 00  ..P.............
000000000122ff58  00 00 00 00 00 00 00 00 - 62 db 4f 80 00 00 00 00  ........b.O.....
000000000122ff68  00 00 00 00 d4 00 00 00 - e0 00 00 00 a8 ad bb 86  ................
000000000122ff78  50 ed 46 aa f0 be 22 87 - 00 00 00 00 01 ec 46 aa  P.F...".......F.
000000000122ff88  00 00 00 00 a0 4d a0 86 - 42 08 50 80 00 00 00 00  .....M..B.P.....
000000000122ff98  00 00 00 00 00 00 00 00 - 80 0c 50 80 9c ec 46 aa  ..........P...F.
000000000122ffa8  35 2c 6d 80 00 00 00 00 - 02 00 00 00 ec ff 22 01  5,m...........".
000000000122ffb8  29 b7 80 7c 00 00 00 00 - 40 f1 fa 00 44 2f b4 76  )..|....@...D/.v
000000000122ffc8  00 00 00 00 00 90 fd 7f - 00 06 3c 87 c0 ff 22 01  ..........<...".
000000000122ffd8  58 ad bb 86 ff ff ff ff - d8 9a 83 7c 30 b7 80 7c  X..........|0..|
000000000122ffe8  00 00 00 00 00 00 00 00 - 00 00 00 00 af ae b5 76  ...............v
000000000122fff8  00 00 00 00 00 00 00 00 - c8 00 00 00 cf 01 00 00  ................
0000000001230008  ff ee ff ee 02 10 00 00 - 00 00 00 00 00 fe 00 00  ................
0000000001230018  00 00 10 00 00 20 00 00 - 00 02 00 00 00 20 00 00  ..... ....... ..
0000000001230028  2f 02 00 00 ff ef fd 7f - 08 00 08 06 00 00 00 00  /...............
0000000001230038  00 00 00 00 00 00 00 00 - 00 00 00 00 98 05 23 01

UNQUOTE

Please help

 

by: Bimal2002Posted on 2009-08-08 at 00:04:49ID: 25048610

Hi all

I had recently installed Internet explorer but due many problems faced by me I uninstalled it and installed IE 7. I have been told that this error is becuase of this. Please suggest what corrective do I need to take to resolve this problem.

 

by: Bimal2002Posted on 2009-08-21 at 23:47:12ID: 31612378

it is very complicated to follow

 

by: rpggamergirlPosted on 2009-08-22 at 00:34:48ID: 25157770

The iexplore.exe error is not often an indicative that there is something wrong with IE,  a lurking nasties in the system also causes that same error.

The other 2 jpeg captures you posted are evidence of a rootkit/downloader present in the system.

So I don't know why someone would tell you that the error is caused by the IE version.

Weren't you able to run Combofix, if you run Combofix plese show us the log.

20120131-EE-VQP-002

3 Ways to Join

30-Day Free Trial

The Experts

98% positive feedback on 31,087 answers since March 2000. angeliii is a Microsoft Most Valuable Professional for his work with MS SQL Server & Develoment.

He has also proven his knowledge of Visual Basic Programming, PHP Scripting and Oracle Databases.

The Experts

97% positive feedback on 10,752 answers since July 2000. lrmoore has more than 18 years experience in the networking industry.

The six-time Mircosoft MVPs specialties include firewalls, virtual private networking, and network management.

Testimonials

"...and excellent source for support... Kind of like having your very own IT dept." Electriciansnet

Testimonials

"I was apprehensive at signing up at first. However... it has already made my life as an IT administrator much easier." JaCrews

Testimonials

"WOW! You guys have great, active, and knowledgeable people on here." moore50

Business Clients

Business Clients

In the Press

"If you’ve got a question... Experts Exchange can supply an answer.”

In the Press

"...an invaluable aid for both IT professionals and those who require tech support."

In the Press

"where IT professionals provide quick answers on just about any topic"

Business Account Plans

Loading Advertisement...