Outlook 2003 slow startup - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 05-14-2006, 05:01 PM   #1 (permalink)
Newb Techie
 
Join Date: May 2006
Posts: 12
Send a message via Yahoo to realz
Default Outlook 2003 slow startup

I m facing issues with my outlook 2003 getting hang during startups.... i tried to watch the exe using windbg.exe and have found the culprit

Look at the output below....i wanna find out what's
(204.c1c): Unknown exception - code 000006d9 (first chance)
(204.c1c): Unknown exception - code 000006ba (first chance)
(204.9b0): Unknown exception - code 000006ba (first chance)
??????

please answer my question ASAP



****************************************




CommandLine: "C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE"
Symbol search path is: *** Invalid ***
************************************************** **************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
************************************************** **************************
Executable search path is:
ModLoad: 30000000 30031000 outlook.exe
ModLoad: 7c900000 7c9b0000 ntdll.dll
ModLoad: 7c800000 7c8f4000 C:\WINDOWS\system32\kernel32.dll
ModLoad: 30040000 30788000 C:\Program Files\Microsoft Office\OFFICE11\OUTLLIB.dll
ModLoad: 77c10000 77c68000 C:\WINDOWS\system32\MSVCRT.dll
ModLoad: 77dd0000 77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
ModLoad: 77e70000 77f01000 C:\WINDOWS\system32\RPCRT4.dll
ModLoad: 773d0000 774d2000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
ModLoad: 77f10000 77f57000 C:\WINDOWS\system32\GDI32.dll
ModLoad: 77d40000 77dd0000 C:\WINDOWS\system32\USER32.dll
ModLoad: 77f60000 77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
ModLoad: 774e0000 7761d000 C:\WINDOWS\system32\ole32.dll
(204.4c4): Break instruction exception - code 80000003 (first chance)
eax=00261eb4 ebx=7ffd7000 ecx=00000006 edx=00000040 esi=00261f48 edi=00261eb4
eip=7c901230 esp=0013fb20 ebp=0013fc94 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
ntdll!DbgBreakPoint:
7c901230 cc int 3
0:000> g
ModLoad: 5cb70000 5cb96000 C:\WINDOWS\system32\ShimEng.dll
ModLoad: 629c0000 629c9000 C:\WINDOWS\system32\LPK.DLL
ModLoad: 74d90000 74dfb000 C:\WINDOWS\system32\USP10.dll
ModLoad: 10000000 1000d000 C:\WINDOWS\system32\ocmapihk.dll
LoadLibraryExW is Patched
ModLoad: 37000000 37013000 C:\WINDOWS\system32\EntApi.dll
ModLoad: 76bf0000 76bfb000 C:\WINDOWS\system32\PSAPI.DLL
ModLoad: 5b860000 5b8b4000 C:\WINDOWS\system32\NETAPI32.dll
ModLoad: 71ab0000 71ac7000 C:\WINDOWS\system32\WS2_32.dll
ModLoad: 71aa0000 71aa8000 C:\WINDOWS\system32\WS2HELP.dll
ModLoad: 771b0000 77259000 C:\WINDOWS\system32\WININET.dll
ModLoad: 77a80000 77b14000 C:\WINDOWS\system32\CRYPT32.dll
ModLoad: 77b20000 77b32000 C:\WINDOWS\system32\MSASN1.dll
ModLoad: 77120000 771ac000 C:\WINDOWS\system32\OLEAUT32.dll
ModLoad: 30c90000 31848000 C:\Program Files\Common Files\Microsoft Shared\office11\mso.dll
ModLoad: 5ad70000 5ada8000 C:\WINDOWS\system32\uxtheme.dll
ModLoad: 00930000 0093e000 C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
ModLoad: 74720000 7476b000 C:\WINDOWS\system32\MSCTF.dll
ModLoad: 63000000 63013000 C:\WINDOWS\system32\SynTPFcs.dll
ModLoad: 77c00000 77c08000 C:\WINDOWS\system32\VERSION.dll
ModLoad: 308e0000 30bcc000 C:\Program Files\Microsoft Office\OFFICE11\1033\outllibr.dll
ModLoad: 35f70000 360cc000 C:\Program Files\Common Files\System\MSMAPI\1033\msmapi32.dll
ModLoad: 61dd0000 61df1000 C:\Program Files\Common Files\System\MSMAPI\1033\mapi32.dll
ModLoad: 00cb0000 00f76000 C:\WINDOWS\system32\msi.dll
ModLoad: 35e80000 35f40000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\MAPIR.DLL
ModLoad: 7c9c0000 7d1d5000 C:\WINDOWS\system32\SHELL32.dll
ModLoad: 5d090000 5d127000 C:\WINDOWS\system32\comctl32.dll
ModLoad: 39700000 397eb000 C:\Program Files\Common Files\Microsoft Shared\office11\riched20.dll
ModLoad: 35ae0000 35b23000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\EMSABP32.DLL
ModLoad: 35c30000 35c57000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\EMSUI32.DLL
ModLoad: 77fe0000 77ff1000 C:\WINDOWS\system32\Secur32.dll
ModLoad: 71ad0000 71ad9000 C:\WINDOWS\system32\WSOCK32.dll
ModLoad: 76d60000 76d79000 C:\WINDOWS\system32\iphlpapi.dll
ModLoad: 71a50000 71a8f000 C:\WINDOWS\System32\mswsock.dll
ModLoad: 76d40000 76d58000 C:\WINDOWS\system32\MPRAPI.dll
ModLoad: 77cc0000 77cf2000 C:\WINDOWS\system32\ACTIVEDS.dll
ModLoad: 76e10000 76e35000 C:\WINDOWS\system32\adsldpc.dll
ModLoad: 76f60000 76f8c000 C:\WINDOWS\system32\WLDAP32.dll
ModLoad: 76b20000 76b31000 C:\WINDOWS\system32\ATL.DLL
ModLoad: 76e80000 76e8e000 C:\WINDOWS\system32\rtutils.dll
ModLoad: 71bf0000 71c03000 C:\WINDOWS\system32\SAMLIB.dll
ModLoad: 77920000 77a13000 C:\WINDOWS\system32\SETUPAPI.dll
ModLoad: 35440000 3545f000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\contab32.dll
ModLoad: 76f20000 76f47000 C:\WINDOWS\system32\DNSAPI.dll
(204.ca0): Unknown exception - code 000006ba (first chance)
ModLoad: 11900000 11918000 C:\Program Files\Network Associates\VirusScan\scanemal.dll
ModLoad: 19200000 19209000 C:\Program Files\Network Associates\VirusScan\RES09\SEmalRes.dll
ModLoad: 19250000 19254000 C:\Program Files\Network Associates\VirusScan\RES09\Product.dll
ModLoad: 18200000 1822a000 C:\Program Files\Network Associates\VirusScan\ShUtil.DLL
ModLoad: 01f80000 02246000 C:\WINDOWS\system32\msi.dll
ModLoad: 18440000 18446000 C:\Program Files\Network Associates\VirusScan\naiwmain.dll
ModLoad: 763b0000 763f9000 C:\WINDOWS\system32\comdlg32.dll
ModLoad: 12400000 12461000 C:\Program Files\Network Associates\VirusScan\mytilus.dll
ModLoad: 12580000 12585000 C:\Program Files\Network Associates\VirusScan\Res09\McShield.dll
ModLoad: 12000000 121e0000 C:\Program Files\Common Files\Network Associates\Engine\mcscan32.dll
ModLoad: 76f50000 76f58000 C:\WINDOWS\system32\WTSAPI32.Dll
ModLoad: 76360000 76370000 C:\WINDOWS\system32\WINSTA.dll
ModLoad: 76fd0000 7704f000 C:\WINDOWS\system32\CLBCATQ.DLL
ModLoad: 77050000 77115000 C:\WINDOWS\system32\COMRes.dll
ModLoad: 20000000 202c5000 C:\WINDOWS\system32\xpsp2res.dll
(204.ca0): Unknown exception - code 000006ba (first chance)
ModLoad: 60320000 60342000 C:\Program Files\Network Associates\Common Framework\GenEvtInf.dll
ModLoad: 75e90000 75f40000 C:\WINDOWS\system32\SXS.DLL
ModLoad: 24700000 2474d000 C:\Program Files\Network Associates\VirusScan\NaEventU.DLL
ModLoad: 71b20000 71b32000 C:\WINDOWS\system32\MPR.dll
ModLoad: 24800000 24815000 C:\Program Files\Network Associates\VirusScan\Res09\naEvtRes.dll
ModLoad: 35b70000 35c1f000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\EMSMDB32.DLL
ModLoad: 039f0000 03ba0000 C:\Program Files\PGP Corporation\PGP Desktop\OCEMSMDB.DLL
ModLoad: 03bb0000 03d24000 C:\WINDOWS\system32\PGPsdk.dll
ModLoad: 77c70000 77c93000 C:\WINDOWS\system32\msv1_0.dll
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.ca0): Unknown exception - code 000006ba (first chance)
ModLoad: 662b0000 66308000 C:\WINDOWS\system32\hnetcfg.dll
ModLoad: 71a90000 71a98000 C:\WINDOWS\System32\wshtcpip.dll
(204.ca0): Unknown exception - code 000006d9 (first chance)
ModLoad: 76fc0000 76fc6000 C:\WINDOWS\system32\rasadhlp.dll
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): C++ EH exception - code e06d7363 (first chance)
ModLoad: 35cb0000 35d62000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\MSPST32.DLL
ModLoad: 03d40000 03ef0000 C:\Program Files\PGP Corporation\PGP Desktop\OCMSPST.DLL
ModLoad: 76c00000 76c2e000 C:\WINDOWS\system32\credui.dll
(204.4c4): Unknown exception - code 000006ba (first chance)
ModLoad: 767a0000 767b3000 C:\WINDOWS\system32\NTDSAPI.dll
(204.dd8): Unknown exception - code 000006ba (first chance)
(204.dd8): Unknown exception - code 000006ba (first chance)
(204.dd8): Unknown exception - code 000006d9 (first chance)
ModLoad: 018b0000 018c0000 C:\WINDOWS\system32\PGPlsp.dll
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.dd8): Unknown exception - code 000006ba (first chance)
(204.dd8): Unknown exception - code 000006d9 (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
ModLoad: 71cf0000 71d3b000 C:\WINDOWS\system32\kerberos.dll
ModLoad: 76790000 7679c000 C:\WINDOWS\system32\cryptdll.dll
(204.b9c): Unknown exception - code 000006ba (first chance)
(204.b9c): Unknown exception - code 000006d9 (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.8ec): Unknown exception - code 000006ba (first chance)
(204.8ec): Unknown exception - code 000006d9 (first chance)
(204.8ec): Unknown exception - code 000006ba (first chance)
(204.8ec): Unknown exception - code 000006d9 (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): Unknown exception - code 000006ba (first chance)
(204.4c4): C++ EH exception - code e06d7363 (first chance)
ModLoad: 76380000 76385000 C:\WINDOWS\system32\msimg32.dll
ModLoad: 19000000 190dc000 C:\Program Files\Network Associates\VirusScan\Graphics.dll
ModLoad: 35420000 35431000 C:\Program Files\Microsoft Office\OFFICE11\OUTLRPC.dll
ModLoad: 359a0000 359f8000 C:\Program Files\Microsoft Office\OFFICE11\exsec32.dll
(204.9b0): Unknown exception - code 000006ba (first chance)
(204.9b0): Unknown exception - code 000006ba (first chance)
ModLoad: 76390000 763ad000 C:\WINDOWS\system32\IMM32.dll
ModLoad: 35510000 35570000 C:\Program Files\Microsoft Office\OFFICE11\RTFHTML.DLL
ModLoad: 75cf0000 75d81000 C:\WINDOWS\system32\mlang.dll
ModLoad: 59000000 59032000 C:\PROGRA~1\MSNMES~1\msgsc.dll
ModLoad: 7c340000 7c396000 C:\PROGRA~1\MSNMES~1\MSVCR71.dll
(204.9b0): Unknown exception - code 000006d9 (first chance)
ModLoad: 77b40000 77b62000 C:\WINDOWS\system32\appHelp.dll
ModLoad: 77a20000 77a74000 C:\WINDOWS\System32\cscui.dll
ModLoad: 76600000 7661d000 C:\WINDOWS\System32\CSCDLL.dll
ModLoad: 746f0000 7471a000 C:\WINDOWS\system32\msimtf.dll
ModLoad: 355c0000 355c9000 C:\PROGRA~1\MICROS~2\OFFICE11\OUTLACCT.DLL
ModLoad: 608a0000 608af000 C:\WINDOWS\system32\msident.dll
ModLoad: 60890000 60896000 C:\WINDOWS\system32\msidntld.dll
ModLoad: 5e0c0000 5e0cd000 C:\WINDOWS\system32\PSTOREC.DLL
ModLoad: 35980000 35992000 C:\Program Files\Microsoft Office\OFFICE11\SENDTO.DLL
(204.ca0): Unknown exception - code 000006d9 (first chance)
(204.5fc): Unknown exception - code 000006ba (first chance)
(204.5fc): Unknown exception - code 000006d9 (first chance)
(204.d20): Unknown exception - code 000006ba (first chance)
(204.d20): Unknown exception - code 000006d9 (first chance)
ModLoad: 77690000 776b1000 C:\WINDOWS\system32\NTMARTA.DLL
(204.f64): Unknown exception - code 000006ba (first chance)
(204.f64): Unknown exception - code 000006d9 (first chance)
(204.bfc): Unknown exception - code 000006ba (first chance)
(204.bfc): Unknown exception - code 000006d9 (first chance)
(204.f64): Unknown exception - code 000006ba (first chance)
(204.f64): Unknown exception - code 000006d9 (first chance)
(204.bfc): Unknown exception - code 000006ba (first chance)
(204.bfc): Unknown exception - code 000006d9 (first chance)
ModLoad: 35950000 35974000 C:\Program Files\Microsoft Office\OFFICE11\outlph.dll
ModLoad: 35db0000 35e52000 C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\OUTEX.dll
ModLoad: 74c80000 74cac000 C:\WINDOWS\system32\OLEACC.dll
ModLoad: 76080000 760e5000 C:\WINDOWS\system32\MSVCP60.dll
(204.d20): Unknown exception - code 000006ba (first chance)
(204.d20): Unknown exception - code 000006d9 (first chance)
(204.a8c): Unknown exception - code 000006ba (first chance)
(204.a8c): Unknown exception - code 000006d9 (first chance)
ModLoad: 61e00000 61e1f000 C:\WINDOWS\system32\mapi32.dll
ModLoad: 66900000 66944000 C:\WINDOWS\system32\msdrm.dll
ModLoad: 76780000 76789000 C:\WINDOWS\system32\SHFOLDER.dll
(204.ca4): Unknown exception - code 000006ba (first chance)
(204.ca4): Unknown exception - code 000006ba (first chance)
(204.ca4): Unknown exception - code 000006d9 (first chance)
ModLoad: 71d40000 71d5c000 C:\WINDOWS\system32\ACTXPRXY.DLL
ModLoad: 01d70000 01d7f000 C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
(204.c1c): Unknown exception - code 000006ba (first chance)
(204.c1c): Unknown exception - code 000006ba (first chance)
(204.c1c): Unknown exception - code 000006d9 (first chance)
(204.c1c): Unknown exception - code 000006ba (first chance)
(204.9b0): Unknown exception - code 000006ba (first chance)
(204.9b0): Unknown exception - code 000006d9 (first chance)
(204.9b0): Unknown exception - code 000006ba (first chance)
ModLoad: 76150000 761fa000 C:\WINDOWS\system32\inetcomm.dll
ModLoad: 76880000 768a2000 C:\WINDOWS\system32\MSOERT2.dll
ModLoad: 01df0000 01dfe000 C:\WINDOWS\system32\inetres.dll
ModLoad: 76fb0000 76fb8000 C:\WINDOWS\System32\winrnr.dll
(204.84c): Unknown exception - code 000006ba (first chance)
(204.84c): Unknown exception - code 000006d9 (first chance)
(204.c88): Unknown exception - code 000006ba (first chance)
(204.c88): Unknown exception - code 000006d9 (first chance)
(204.c88): Unknown exception - code 000006ba (first chance)
ModLoad: 767f0000 76817000 C:\WINDOWS\system32\schannel.dll
ModLoad: 769c0000 76a73000 C:\WINDOWS\system32\USERENV.dll
ModLoad: 0ffd0000 0fff8000 C:\WINDOWS\system32\rsaenh.dll
ModLoad: 68100000 68124000 C:\WINDOWS\system32\dssenh.dll
ModLoad: 35650000 35668000 C:\PROGRA~1\MICROS~2\OFFICE11\OUTLMIME.DLL
ModLoad: 09c60000 09cad000 C:\Program Files\Microsoft Office\OFFICE11\OUTLFLTR.DLL
ModLoad: 4d4f0000 4d548000 C:\WINDOWS\system32\WINHTTP.dll
ModLoad: 78800000 78942000 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL
ModLoad: 7dc30000 7df20000 C:\WINDOWS\system32\mshtml.dll
ModLoad: 746c0000 746e7000 C:\WINDOWS\system32\msls31.dll
ModLoad: 77760000 778cf000 C:\WINDOWS\system32\SHDOCVW.dll
ModLoad: 754d0000 75550000 C:\WINDOWS\system32\CRYPTUI.dll
ModLoad: 76c30000 76c5e000 C:\WINDOWS\system32\WINTRUST.dll
ModLoad: 76c90000 76cb8000 C:\WINDOWS\system32\IMAGEHLP.dll
ModLoad: 77260000 77300000 C:\WINDOWS\system32\urlmon.dll
ModLoad: 36bd0000 36bfa000 C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL
ModLoad: 057b0000 05838000 C:\WINDOWS\system32\shdoclc.dll
ModLoad: 51660000 5168c000 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL
ModLoad: 51580000 515ab000 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL
ModLoad: 76200000 76271000 C:\WINDOWS\system32\mshtmled.dll
ModLoad: 76820000 76834000 C:\WINDOWS\system32\hlink.dll
ModLoad: 35650000 35668000 C:\PROGRA~1\MICROS~2\OFFICE11\OUTLMIME.DLL
ModLoad: 76b40000 76b6d000 C:\WINDOWS\system32\WINMM.dll
ModLoad: 72d20000 72d29000 C:\WINDOWS\system32\wdmaud.drv
ModLoad: 72d20000 72d29000 C:\WINDOWS\system32\wdmaud.drv
ModLoad: 72d10000 72d18000 C:\WINDOWS\system32\msacm32.drv
ModLoad: 77be0000 77bf5000 C:\WINDOWS\system32\MSACM32.dll
ModLoad: 77bd0000 77bd7000 C:\WINDOWS\system32\midimap.dll
__________________

realz is offline  
Old 05-14-2006, 05:03 PM   #2 (permalink)
Banned
 
Join Date: May 2005
Posts: 7,915
Send a message via Yahoo to talldude123
Default

Post a HiJackThis log. Its gonna be alot easier for us.

Download : http://www.majorgeeks.com/download3155.html

Run Scan and save a logfile. Paste the logfile here.
__________________

talldude123 is offline  
Old 05-14-2006, 06:17 PM   #3 (permalink)
Newb Techie
 
Join Date: May 2006
Posts: 12
Send a message via Yahoo to realz
Default

Logfile of HijackThis v1.99.1
Scan saved at 6:17:22 PM, on 5/14/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Cisco System\VPN Client\cvpnd.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Say the Time\SayTime.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Cisco System\VPN Client\vpngui.exe
C:\Program Files\Cisco System\VPN Client\ipseclog.exe
C:\WINDOWS\system32\mstsc.exe
C:\WINDOWS\system32\mstsc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Software4u\Office CleanUP 2006 Small\Software4u.OfficeCleanUP.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\DAP\DAP.EXE
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\Debugging Tools for Windows\windbg.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\ralvarez\Local Settings\Temp\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Common Files\ReGet Shared\Catcher.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [Say the Time] C:\Program Files\Say the Time\SayTime.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: IRMC VPN- SU.LNK = C:\Program Files\Cisco System\VPN Client\ipsecdialer.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco System\VPN Client\vpngui.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Common Files\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Common Files\ReGet Shared\CC_All.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\pgplsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\pgplsp.dll
O12 - Plugin for .NPSSView: C:\Program Files\Seagate Software\Viewers\ActiveXViewer\NPssView.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O15 - Trusted Zone: *.hi5
O15 - Trusted Zone: *.hi5.com
O15 - Trusted Zone: *.live.com
O15 - Trusted Zone: *.msn.com
O15 - Trusted Zone: *.passport.com
O15 - Trusted Zone: *.passport.net
O15 - Trusted Zone: *.usnjpar1hds1
O16 - DPF: PowerBuilder DW Control & JDBC - http://usnjpar1hds1/webview/psdwc100.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} - https://www.windowsonecare.com/insta...SSWebAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://www.runaware.com/dolphin/wficat.cab
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {460324E8-CFB4-4357-85EF-CE3EBFE23A62} (Crystal ActiveX Report Viewer Control 11.0) - http://usnjpar1blcry01/crystalreport...iveXViewer.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - https://scan.safety.live.com/resourc...scbase3401.cab
O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - http://www.amiuptodate.com/vsc/bin/1...datePortal.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1140439195784
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {7A7BA269-2D21-4B33-B60A-8510A1865D5F} (IWS Photo Upload Tool) - http://public2.uploader.officelive.c...X/MsnPUpld.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37590.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {CA059F51-A1D6-42EC-90B8-BC7D1EDC273C} (Axsched Class) - http://usnjpar1hds1/virmc/Scheduler.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://premconf.webex.com/client/v_...ex/ieatgpc.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = us.ad.irmc.com
O17 - HKLM\Software\..\Telephony: DomainName = us.ad.irmc.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A8D06A3-638D-4FD2-9CB4-E8262029B068}: NameServer = 202.56.215.6,202.56.230.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{456F2D2E-9C90-4F14-AA3A-B753F483FF20}: NameServer = 202.56.215.6,202.56.230.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{D22E4888-CA0F-408A-BA3A-0C4B3F780E4D}: NameServer = 202.56.215.6,202.56.230.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE602893-6F02-4E99-97E1-644D898E5ED7}: NameServer = 10.128.48.10,10.250.1.16
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = us.ad.irmc.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = us.ad.irmc.com,us.ad.irmc.com,ad.irmc.com,irmc.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A8D06A3-638D-4FD2-9CB4-E8262029B068}: NameServer = 202.56.215.6,202.56.230.6
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = us.ad.irmc.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = us.ad.irmc.com,ad.irmc.com,irmc.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{1A8D06A3-638D-4FD2-9CB4-E8262029B068}: NameServer = 202.56.215.6,202.56.230.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = us.ad.irmc.com,us.ad.irmc.com,ad.irmc.com,irmc.com
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: ocmapihk.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco System\VPN Client\cvpnd.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
realz is offline  
Old 05-15-2006, 02:38 AM   #4 (permalink)
Master Techie
 
Join Date: Oct 2003
Posts: 2,258
Default

try this. run outlook.exe /safe

if that fixes it, you have some stuff running as an add on that is causing trouble.
Inaris is offline  
Old 05-15-2006, 06:05 AM   #5 (permalink)
Newb Techie
 
Join Date: May 2006
Posts: 12
Send a message via Yahoo to realz
Default

Inaris...I have done all that...there is no use....i dont have any add ins.. i have seen by disabling them all...i am sure there is some Dll faulting...i need to know which one
realz is offline  
Old 05-15-2006, 11:42 AM   #6 (permalink)
Master Techie
 
Join Date: Oct 2003
Posts: 2,258
Default

have you uninstalled and reinstalled yet?
Have you tried running Filemon and Regmon to see if there is a problem with access?
Inaris is offline  
Old 05-15-2006, 06:50 PM   #7 (permalink)
Newb Techie
 
Join Date: May 2006
Posts: 12
Send a message via Yahoo to realz
Default

I have uninstalled and reinstalled....i dont know how to use filemon and regmon...can u please xplain how i use them
realz is offline  
Old 05-15-2006, 07:19 PM   #8 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

do you have sp2 applied yet?
__________________
Osiris is offline  
Old 05-15-2006, 07:50 PM   #9 (permalink)
Master Techie
 
Join Date: Oct 2003
Posts: 2,258
Default

They are tracing programs. They monitor all file (filemon) and registry (regmon) accesses that are occuring in the system.
Run Filemon, then launch outlook. At that point, the file accesses that occur are all being logged. Wait for the error, then stop the scan. Press ctrl F and type denied and see if anything shows up. Do the same for regmon. Look for access denied errors on both to see if something is setup wrong on that end.

Are you an admin on the machine?
Inaris is offline  
Old 05-15-2006, 09:06 PM   #10 (permalink)
Master Techie
 
Join Date: Feb 2004
Posts: 2,172
Send a message via AIM to Win2kpatcher
Default

When you do the uninstall make sure you run the MSI Installer cleaner tool from Microsoft on the Office/Outlook install as sometimes it doesnt get rid of all the files...but the cleaner will
__________________

Win2kpatcher is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 02:34 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.