| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 79643 | 2007-05-27 09:24:00 | USER.EXE and KERNEL32.DLL Error | Skyliner56 (12332) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 553622 | 2007-05-27 09:24:00 | Hi can anybody please help me to fix this two errors because they are coming up more and more offen and i am get really annoyed with reseting my computer every time they come up! Here are there details: EXPLORER caused an invalid page fault in module KERNEL32.DLL at 0167:bff7b9a6. Registers: EAX=00000000 CS=0167 EIP=bff7b9a6 EFLGS=00000246 EBX=82f3a1f8 SS=016f ESP=00eae388 EBP=82f3a1e4 ECX=d6db8390 DS=016f ESI=82f3a1f8 FS=5017 EDX=5000ebb8 ES=016f EDI=0000019c GS=0000 Bytes at CS:EIP: ff 76 04 e8 13 89 ff ff 5e c2 04 00 56 8b 74 24 Stack dump: 00000000 7f88de25 82f3a1f8 00eae3cc 00000003 00000000 00eae4ac 00000000 7f8c2fa3 00000000 00eae3c8 00eae3c4 00000003 00eae49c 00000000 7f8c1d34 XFILTER caused a general protection fault in module USER.EXE at 001e:00001dd7. Registers: EAX=00000000 CS=16df EIP=00001dd7 EFLGS=00000202 EBX=17b79528 SS=5f97 ESP=00008d90 EBP=01fe8da0 ECX=00000001 DS=16bf ESI=01fe9550 FS=0de7 EDX=0000000d ES=5f97 EDI=00028e8c GS=0000 Bytes at CS:EIP: c5 74 04 66 ad 66 ab 66 ad 66 8b c8 66 ab 83 c6 Stack dump: 00029560 01fe9550 1d0416bf 95289528 22028db6 000117af 95609550 00001dc1 8dc09528 8dc616bf 000121b0 1e449528 207b8de2 8de216bf 17af2119 95280001 |
Skyliner56 (12332) | ||
| 553623 | 2007-05-27 09:29:00 | Could be anything. Get hijackthis in my sig below, put it in its own folder then run it click on scan and save a log. Post the log here. It could be something on your system, thats making it crash. Whats Xfilter part of?? Do you know? |
Speedy Gonzales (78) | ||
| 553624 | 2007-05-27 09:42:00 | It says 'If the proplem persists, contact the program vendor' And heres the log Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 8:44:17 p.m., on 26/05/07 Platform: Windows 98 SE (Win9x 4.10.2222A) Boot mode: Normal Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\EASY INTERNET\ENCMONTR.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\PROGRAM FILES\ALCATEL ONE TOUCH 535-735\DESKTOPTOOL\DESKTOPTOOL.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE C:\PROGRAM FILES\FILSECLAB\XFILTER\XFILTER.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\RunDLL.exe C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE C:\PROGRAM FILES\COMMON FILES\FILSECLAB\FILMSG.EXE C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\ACCESSORIES\WORDPAD.EXE C:\PROGRAM FILES\ASTRA32\ASTRA32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\PROGRAM FILES\WINZIP\WINZIP32.EXE C:\DOWNLOADS\HIJACKTHIS_V2.EXE C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: YBIOCtrl Class - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\IEFDMCKS.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [HPScanPatch] C:\WINDOWS\SYSTEM\HPScanFix.exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [AUXXTRAY] au10setp.exe 3 O4 - HKLM\..\Run: [Desktop Tool] "C:\Program Files\Alcatel One Touch 535-735\DesktopTool\DesktopTool.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE O4 - HKLM\..\Run: [xfilter] "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [errorkiller] "C:\Program Files\errorkiller\errorkiller.exe" -boot O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [Encompass_ENCMONTR] C:\Program Files\Easy Internet\ENCMONTR.EXE O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY O4 - HKCU\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\.DEFAULT\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY (User 'Default user') O4 - HKUS\.DEFAULT\..\Run: [MsnMsgr] "c:\Program Files\MSN Messenger\MsnMsgr.Exe" /background (User 'Default user') O4 - .DEFAULT Startup: Filseclab Messenger.lnk = C:\Program Files\Common Files\Filseclab\FilMsg.exe (User 'Default user') O4 - .DEFAULT Startup: PowerReg Scheduler V3.exe (User 'Default user') O4 - .DEFAULT Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (User 'Default user') O4 - Startup: Filseclab Messenger.lnk = C:\Program Files\Common Files\Filseclab\FilMsg.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - \MSMSGS.EXE (file missing) O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - \MSMSGS.EXE (file missing) O12 - Plugin for .3dml: C:\Program Files\Flatland\NProver.dll O16 - DPF: {DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C} (NSUpdateLiteCtrl Class) - 204.177.92.201 O16 - DPF: {1DEFB8C0-22A7-4E58-B735-43A169CDA2AB} (CWDL_DownLoadControl Class) - www.callwave.com O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - www2.incredimail.com O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - driveragent.com O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 202.27.158.40,202.27.156.72 O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SYSTEM\BROWSEUI.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SYSTEM\BROWSEUI.DLL -- End of file - 6015 bytes |
Skyliner56 (12332) | ||
| 553625 | 2007-05-27 09:53:00 | Whats Xfilter part of?? That appears to be part of the Filseclab Internet Guardian Angel ( . filseclab . com/eng/products/guardian . htm" target="_blank">www . filseclab . com) program . Have you tried uninstalling this application and seeing if that resolves the errors? |
Jen (38) | ||
| 553626 | 2007-05-27 10:09:00 | Run Hijackthis again tick these entries then tick fix checked. Close browser/s. O2 - BHO: YBIOCtrl Class - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) Uninstall this. I would say this is one of the causes of the crashes. O4 - HKLM\..\Run: [xfilter] "C:\Program Files\Filseclab\xfilter\xfilter.exe" -a - uninstall this. I think this is malware. O4 - HKLM\..\Run: [errorkiller] "C:\Program Files\errorkiller\errorkiller.exe" -boot 4 - Startup: Filseclab Messenger.lnk = C:\Program Files\Common Files\Filseclab\FilMsg.exe O4 - .DEFAULT Startup: PowerReg Scheduler V3.exe (User 'Default user') O4 - Startup: PowerReg Scheduler V3.exe O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - \MSMSGS.EXE (file missing) O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - \MSMSGS.EXE (file missing) O16 - DPF: {DA9A0B1E-9B7B-11D3-B8A4-00C04F79641C} (NSUpdateLiteCtrl Class) - 204.177.92.201 O16 - DPF: {1DEFB8C0-22A7-4E58-B735-43A169CDA2AB} (CWDL_DownLoadControl Class) - www.callwave.com O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - www2.incredimail.com Then reboot, then see if it crashes. as much. |
Speedy Gonzales (78) | ||
| 1 | |||||