Blue screen of death (BSOD) - Page 2
Page 2 of 2 FirstFirst 1 2
Results 16 to 26 of 26

Thread: Blue screen of death (BSOD)

  1. February 10th, 2006, 11:07 PM #16
    CeeBee
    CeeBee is offline
    Registered User CeeBee's Avatar
    Join Date
    Nov 2002
    Location
    USA
    Posts
    2,494
    Right-click my computer->manage
    expand system tools->event viewer->system
    you shold see the major errors logged there
    look for the one that displays the reason for the crash and post all details
    the file might be too big to attach (64k)
    Last edited by CeeBee; February 10th, 2006 at 11:09 PM.
    Protected by Glock. Don't mess with me!
    Reply With Quote Reply With Quote
  2. February 10th, 2006, 11:33 PM #17
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    have dump file

    Hi,

    here it is but god knows what it means:



    * Symbols can not be loaded because symbol path is not initialized. *
    * *
    * The Symbol Path can be set by: *
    * using the _NT_SYMBOL_PATH environment variable. *
    * using the -y <symbol_path> argument when starting the debugger. *
    * using .sympath and .sympath+ *
    ************************************************** *******************
    Unable to load image ntoskrnl.exe, Win32 error 2
    *** WARNING: Unable to verify timestamp for ntoskrnl.exe
    *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
    Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x805624a0
    Debug session time: Fri Feb 10 22:31:34.467 2006 (GMT-5)
    System Uptime: 0 days 0:04:58.470
    ************************************************** *******************
    * Symbols can not be loaded because symbol path is not initialized. *
    * *
    .................................................. .................................................. ............................................
    Loading User Symbols
    Loading unloaded module list
    ..............
    Unable to load image wanarp.sys, Win32 error 2
    *** WARNING: Unable to verify timestamp for wanarp.sys
    *** ERROR: Module load completed but symbols could not be loaded for wanarp.sys
    ERROR: FindPlugIns 8007007b
    ************************************************** *****************************
    * *
    * Bugcheck Analysis *
    * *
    ************************************************** *****************************

    Use !analyze -v to get detailed debugging information.

    BugCheck 100000D1, {0, 2, 0, 0}

    ***** Kernel symbols are WRONG. Please fix symbols to do analysis.

    *** WARNING: Unable to verify timestamp for TMeter.sys
    *** ERROR: Module load completed but symbols could not be loaded for ************************************************** ***********************
    *** ***
    *** ***
    *** Your debugger is not using the correct symbols ***
    *** ***
    *** In order for this command to work properly, your symbol path ***

    Probably caused by : wanarp.sys ( wanarp+5058 )

    Followup: MachineOwner
    ---------

    ----- 32 bit Kernel Mini Dump Analysis

    DUMP_HEADER32:
    MajorVersion 0000000f
    MinorVersion 00000a28
    KdSecondaryVersion 00000000
    DirectoryTableBase 22652000
    PfnDataBase 81d13000
    PsLoadedModuleList 805624a0
    PsActiveProcessHead 80568558
    MachineImageType 0000014c
    NumberProcessors 00000002
    BugCheckCode 100000d1
    BugCheckParameter1 00000000
    BugCheckParameter2 00000002
    BugCheckParameter3 00000000
    BugCheckParameter4 00000000
    PaeEnabled 00000000
    KdDebuggerDataBlock 805522e0
    SecondaryDataState 00000000
    ProductType 00000001
    SuiteMask 00000110
    MiniDumpFields 00000dff

    TRIAGE_DUMP32:
    ServicePackBuild 00000200
    SizeOfDump 00010000
    ValidOffset 0000fffc
    ContextOffset 00000320
    ExceptionOffset 000007d0
    MmOffset 00001068
    UnloadedDriversOffset 000010a0
    PrcbOffset 00001878
    ProcessOffset 000024c8
    ThreadOffset 00002728
    CallStackOffset 00002980
    SizeOfCallStack 00000788
    DriverListOffset 00003398
    DriverCount 000000b5
    StringPoolOffset 00006958
    StringPoolSize 00001948
    BrokenDriverOffset 00000000
    TriageOptions 00000041
    TopOfStack a51c2878
    DebuggerDataOffset 00003108
    DebuggerDataSize 00000290
    DataBlocksOffset 000082a0
    DataBlocksCount 00000003
    8417d000 - 8417dfff at offset 000082d0
    86b38000 - 86b38fff at offset 000092d0
    86cf5000 - 86cf5fff at offset 0000a2d0
    Max offset b2d0, ad30 from end of file


    Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
    Product: WinNt, suite: TerminalServer SingleUserTS
    Kernel base = 0x804d7000 PsLoadedModuleList = 0x805624a0
    Debug session time: Fri Feb 10 22:31:34.467 2006 (GMT-5)
    System Uptime: 0 days 0:04:58.470
    start end module name
    804d7000 806fd000 nt Tue Mar 01 19:57:27 2005 (42250F77)
    806fd000 8071dd00 hal Wed Aug 04 01:59:09 2004 (41107B2D)
    a47e9000 a47fa980 NAVENG Mon Nov 28 19:03:55 2005 (438B9AEB)
    a47fb000 a48b0ec0 NavEx15 Mon Nov 28 18:52:12 2005 (438B982C)
    a4e7c000 a4e7f800 asyncmac Wed Aug 04 02:05:02 2004 (41107C8E)
    a4f74000 a4f96080 RDPWD Thu Jun 09 19:52:39 2005 (42A8D647)
    a52df000 a5302000 Fastfat Wed Aug 04 02:14:15 2004 (41107EB7)
    Reply With Quote Reply With Quote
  3. February 11th, 2006, 09:57 AM #18
    CeeBee
    CeeBee is offline
    Registered User CeeBee's Avatar
    Join Date
    Nov 2002
    Location
    USA
    Posts
    2,494
    My instinct tells me that a system file on your system is corrupt: c:\windows\system32\wanarp.sys
    This could be due to spyware installed on your computer. Do a check for spyware (maybe also post a HijackThis log). Again, newdot.net comes first to my mind... But do *not* attempt to fix it by removal, just post the result.
    Protected by Glock. Don't mess with me!
    Reply With Quote Reply With Quote
  4. February 11th, 2006, 12:29 PM #19
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    run norton and msft

    Ceebee, I run norton scan and msft spyware eveery week. just reran and nothing shows up. Is there another spyware tool I should try?
    Reply With Quote Reply With Quote
  5. February 11th, 2006, 12:31 PM #20
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    update

    I'm now running ad aware. any other checks you suggest?
    Reply With Quote Reply With Quote
  6. February 11th, 2006, 01:13 PM #21
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    Hijackthis log

    Ok, here's the hijackthis log
    (I did a search for wanarp.sys and nothing came up) The log is two long so I'll try to post it in parts

    Part 1

    Logfile of HijackThis v1.99.1
    Scan saved at 12:45:24 PM, on 2/11/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
    C:\Program Files\Yahoo!\Yahoo! Desktop Search\YDSsystray.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\tcpIQ\Line Speed Meter\LineSpeedMeter.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\tcpsvcs.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\TrafMeter\TrafSvc.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Free Software\tclock\TClock.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    c:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Yahoo!\Yahoo! Desktop Search\YahooDesktopSearch.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    c:\program files\yahoo!\yahoo! desktop search\textExtractor.exe
    C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hijack\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csea rchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Bob Slotpole\Application Data\Mozilla\Profiles\default\wfeeltyp.slt\prefs.j s)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O3 - Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
    O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [YDSsystray] C:\Program Files\Yahoo!\Yahoo! Desktop Search\YDSsystray.exe
    O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Line Speed Meter V3.0] C:\Program Files\tcpIQ\Line Speed Meter\LineSpeedMeter.exe -minimized
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [aNMain] C:\Program Files\Common Files\Symantec Shared\NMain.exe
    O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1
    O4 - HKCU\..\Run: [nmgcasServ] C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [gcasDtServ] C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - Startup: SYSTRAY.lnk = C:\WINDOWS\SYSTEM32\SYSTRAY.EXE
    O4 - Startup: TClock.lnk = C:\Free Software\tclock\TClock.exe
    O4 - Startup: Yahoo! Desktop Search System Tray.lnk = Yahoo!\Yahoo! Desktop Search\YDSsystray.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = HP\Digital Imaging\bin\hpqthb08.exe
    Reply With Quote Reply With Quote
  7. February 11th, 2006, 01:18 PM #22
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    part 2

    O4 - Global Startup: HP Image Zone Fast Start.lnk = HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI8CBC~1\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Open Link Target in Firefox - file://C:\Documents and Settings\Bob Slotpole\Application Data\Mozilla\Firefox\Profiles\7nd0ozyl.Default User\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O8 - Extra context menu item: View This Page in Firefox - file://C:\Documents and Settings\Bob Slotpole\Application Data\Mozilla\Firefox\Profiles\7nd0ozyl.Default User\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O12 - Plugin for .exe: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll
    O12 - Plugin for .htm: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
    O12 - Plugin for .zip: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npfd.dll
    O15 - Trusted Zone: http://www.cartoonnetwork.com
    O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
    O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/tech...l/LSSupCtl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
    O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
    O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://www.installshield.com/install/iftwclix.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1130250190087
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37380.cab
    O16 - DPF: {8DAE7A62-4632-4691-805C-0338A5F26F9D} (Spam Arrest Email Configurator Download) - https://spamarrest.com/xcarab/10110/saclient.cab
    O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/Visi.../TLIEFlash.CAB
    O16 - DPF: {99999999-9999-9999-9999-999999999999} - https://topas.vestek.com/TopasUpdate...UpdaterCab.CAB
    O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/pro...tor/WebAAS.cab
    O16 - DPF: {A93D84FD-641F-43AE-B963-E6FA84BE7FE7} (LinkSys Content Update) - http://www.linksysfix.com/netcheck/2...l/gtdownls.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/Ms...Downloader.cab
    O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1) -
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...l/SymAData.cab
    O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
    O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} - http://www.sunterra.com/downloads/svh/svideo3.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/def...ploader_v6.cab
    O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {E6EB803E-DD89-11D3-80C4-0050DA2E09D0} (LightSurfUploadCtl Class) - http://prints.picturecenter.kodak.co...oadControl.cab
    O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca04.rightnowtech.com/702.../java/RntX.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/is...98/mcfscan.cab
    O16 - DPF: {EFAEF0E4-F044-4D57-9900-1C3FF18524C9} (AV Class) - http://www.pcpitstop.com/antivirus/PitPav.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} - http://chat.msn.com/bin/msnchat45.cab
    O18 - Protocol: bw+0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {98B22827-1877-4815-9C4C-8D21E65537B3} -
    Reply With Quote Reply With Quote
  8. February 11th, 2006, 01:20 PM #23
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    part 3 end

    O18 - Protocol: bwh0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: Festoon - (no CLSID) - (no file)
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {98B22827-1877-4815-9C4C-8D21E65537B3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SoftPerfect Bandwidth Manager (bwmservice) - Unknown owner - C:\Program Files\SoftPerfect Bandwidth Manager\bwmsvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
    O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrafMeter 5.5.286 (TrafSvc) - Unknown owner - C:\Program Files\TrafMeter\TrafSvc.exe
    Reply With Quote Reply With Quote
  9. February 12th, 2006, 12:15 AM #24
    CeeBee
    CeeBee is offline
    Registered User CeeBee's Avatar
    Join Date
    Nov 2002
    Location
    USA
    Posts
    2,494
    What I see and can raise some questions are:
    -a speed meter
    -a traffic monitor
    -winpcap
    since vpn is supposed to create an encrypted "tunnel" it is possible that any of these causes a crash as they are trying to "capture" the traffic.

    Also go to the system event viewer and open the event called "Save Dump" and paste it here (just cause a new bsod if you have cleared the event log).
    From the crash description so far the traffic meter seems to be at fault, but let's see what the event viewer has to say.
    Protected by Glock. Don't mess with me!
    Reply With Quote Reply With Quote
  10. February 12th, 2006, 11:17 AM #25
    rss
    rss is offline
    Registered User
    Join Date
    Sep 2004
    Posts
    109

    Ceebee, you rock!

    Well, at long last we come to the end of this puzzle. I disabled those three and low and behold the BLUE SCREEN OF DEATH is no more. Thank you. I really appreciate your help.

    I do have another minor problem that I'll pose but if you don't have the answer right off the top there's a fair amount of research I need to do first.

    When I connect my laptop directly to cable modem the vpn works fine. But when I try to vpn from my desktop through a wireless router thats connected to a wired router I get a 619 error. The desktop is wirless and I'm told that the wireless router is acting like a switch. The problem may be port forwarding.

    So my question is do you know how to vpn over a wirelesss network that's connected to the interent through a wired router? Also, how would I find out what port the vpn connection is trying to use?
    Reply With Quote Reply With Quote
  11. February 12th, 2006, 05:13 PM #26
    CeeBee
    CeeBee is offline
    Registered User CeeBee's Avatar
    Join Date
    Nov 2002
    Location
    USA
    Posts
    2,494
    Some routers have an option to enable/disable vpn passthrough. Check your router's documentation. Sometimes a firmware update is needed.
    Protected by Glock. Don't mess with me!
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. blue screen of death vxd errors
    By mycomputerblows in forum Windows 95/98/98SE/ME
    Replies: 24
    Last Post: April 14th, 2001, 01:47 AM
  2. [RESOLVED] Vredir.vxd Blue Screen of Death When Printing
    By eedmond in forum Windows NT/2000
    Replies: 3
    Last Post: February 12th, 2001, 08:01 PM
  3. [RESOLVED] blue screen of death
    By necropolis22 in forum Tech-To-Tech
    Replies: 7
    Last Post: December 5th, 2000, 12:16 AM
  4. [RESOLVED] BSOD (blue screen of death
    By dragornus in forum Windows 95/98/98SE/ME
    Replies: 0
    Last Post: August 15th, 2000, 09:08 AM
  5. [RESOLVED] Blue Screen of Death
    By Harry in forum Windows 95/98/98SE/ME
    Replies: 5
    Last Post: July 6th, 1999, 09:19 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules