
Svchost.defaultgrp problem!!

Faron79
14 years ago

Hi "Computer-Gods"!!

99% of the time, I'm in the Paint/Decorating forums here, but occasionally pop in here to learn something!

Searched here, but couldn't find info. on this little PITA..."svchost.defaultgrp".

The window pops up after I close AOL, and shut-down the computer. I always have to click on "End now" so shut-down will continue.

I've searched the web some, but there seems to be no easy solution...for FREEE that is!!

I'm running Windows XP-SP3, with AOL, Spybot S&D, the AOL-provided McAfee free A/V. My computer is older...a 2001 Gateway Select series 1200, with a 1.2g AMD processor, & ~400MB of RAM.

Thanks so much for ANY help!

Faron

Comments (8)

  • azinoh
    14 years ago
    last modified: 9 years ago

    I was an AOL user for 13 years starting in 1993, mostly because I didn't know any better. Now that I do, I can say with 100% certainty that you would be doing yourself an immense favor to drop AOL and move on to something else. Their software is far too buggy to be even remotely useful unless the only thing you are doing is sending/receiving email. May I ask why you are using AOL? Are you still on dial-up? If yes, you should get another ISP-cable or DSL. If the answer is no and you already have an ISP, just launch your browser and go where you want to go. Do what millions of others have done and forget AOL. Also...get rid of McAfee. There is better A-V software available and much of it is FREE or at lower cost than McAfee. Avira Antivir, Avast, AVG just to name a few.

  • Faron79
    Original Author
    14 years ago
    last modified: 9 years ago

    Thru my internet searching, it didn't seem like an AOL problem...but not entirely sure though.
    * I've been using the free AOL-Desktop for years now.
    * We have a "medium-speed" wireless internet connection...not CABLE fast, but much faster than dial-up.
    * Also using the FREE AOL/McAfee-A/V/Firewall.

    Now...anyone know of places to debug/rectify this svchost.defaultgrp shut-down issue?!

    Thanks again,
    Faron

  • zep516
    14 years ago
    last modified: 9 years ago

    Click Here to download HJTInstall.exe
    Save HJTInstall.exe to your desktop.
    Doubleclick on the HJTInstall.exe icon on your desktop.
    By default it will install to C:\Program Files\Trend Micro\HijackThis .
    Click on Install.
    It will create a HijackThis icon on the desktop.
    Once installed, it will launch Hijackthis.
    Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    Click on "Edit > Select All" then click on "Edit > Copy" and Paste the entire contents of the log (no attachments) into your next post.
    DO NOT use the AnalyzeThis button, its findings are dangerous if misinterpreted.
    DO NOT have Hijackthis fix anything yet. Most of what HJT lists will be harmless or even required by your Operating System.

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    I would add the following free antispyware programs to your system to help you keep free of infection, these can safely be added right along side what you have. I personally no longer use spybot S&D, it used to be very good but others are better.
    SUPERAntiSpyware Free Edition
    Malwarebytes' Anti-Malware
    both of those need to be updated and run a full scan with them, allow them to clean what they find. both come in free versions.

    add spywareblaster, update it weekly then click on enable all protection to keep it updated, no scans to run it just does its thing in the background.
    SpywareBlaster

    do those scans mentioned above and after rebooting let us know if you still are seeing error messages, I want to rule out an infection causing problems first.

    Let's do this also please
    Please download ATF Cleaner HERE by Atribune.
    It does not require any installation.. It is set up to clean Windows TEMP folders, as well as IE, FireFox and Opera, Temporary Internet Files and Cookies.

    Double-click ATF-Cleaner.exe to run the program.

    First Step:
    * Under Main choose: Select All
    * Click the Empty Selected button.
    .
    Next, if you use Firefox (and some Mozilla-based browsers)
    * Click Firefox at the top and choose: Select All
    * Click the Empty Selected button.
    .
    Next, if you use the Opera browser
    * Click Opera at the top and choose: Select All
    * Click the Empty Selected button.

    Click Exit on the Main menu to close the program.

    Let me ask you this, did you do the install of sp3 to your xp? and if you did, at that time did you by any chance have Norton on the pc?

    let me know those results Please
    also make sure your McAfee is updating and has the latest definitions.

  • Faron79
    Original Author
    14 years ago
    last modified: 9 years ago

    Thanks so much you guys!

    Here's the Logfile:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:10:17 AM, on 9/8/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Common Files\AOL\1242353284\ee\AOLSoftware.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\PROGRA~1\MESSEN~1\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\SLIDESHW\Snsicon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\AOL\1242353284\ee\AOLDesktop.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Java\jre6\bin\jucheck.exe
    C:\Program Files\RegCure\regcure.exe
    C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/ext/gw/home.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com/ext/gw/home.html
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C:\Program Files\McAfee\VirusScan\scriptsn.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1242353284\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\PROGRA~1\MESSEN~1\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Startup: Snsicon.lnk = C:\SLIDESHW\Snsicon.exe
    O4 - Startup: PowerReg SchedulerV2.exe
    O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM32\E_SRCV02.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Define - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
    O8 - Extra context menu item: Look Up in &Encyclopedia - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
    O9 - Extra button: Encarta Encyclopedia - (2FDEF853-0759-11D4-A92E-006097DBED37) - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
    O9 - Extra 'Tools' menuitem: Encarta Encyclopedia - (2FDEF853-0759-11D4-A92E-006097DBED37) - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_ENC.HTM
    O9 - Extra button: Define - (5DA9DE80-097A-11D4-A92E-006097DBED37) - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
    O9 - Extra 'Tools' menuitem: Define - (5DA9DE80-097A-11D4-A92E-006097DBED37) - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\A\ERS_DEF.HTM
    O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .hpb: C:\PROGRA~1\INTERN~1\PLUGINS\nphpipb.dll
    O15 - Trusted Zone: www.fargolibrary.org
    O15 - Trusted Zone: www.tgt401k.com
    O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: (0C92900E-4D5A-4F04-ACC9-729E1767BBAE) (Image Uploader Control) - http://www.ritzpix.com/NET/Uploader/LPUploader45.cab
    O16 - DPF: (11260943-421B-11D0-8EAC-0000C07D88CF) (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
    O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
    O16 - DPF: (49232000-16E4-426C-A231-62846947304B) (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab
    O16 - DPF: (4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120199057495
    O16 - DPF: (73ECB3AA-4717-450C-A2AB-D00DAD9EE203) (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
    O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: (E2883E8F-472F-4FB0-9522-AC9BF37916A7) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe (file missing)
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS

    --
    End of file - 9971 bytes

    I wouldn't doubt if this problem was somehow tied-into a Lexmark printer we don't use anymore.
    It was creating registry "errors" that my Registry-Mechanic program kept finding.

    Faron

  • azinoh
    14 years ago
    last modified: 9 years ago

    What happens if you use your wireless internet connection without using your AOL desktop? If you just launch your Internet Explorer (or whatever browser you use) and visit your normal web sites, and then shut down....does the error still occur? This ought to give you an indication of whether or not the AOL software is part of the problem.

  • Faron79
    Original Author
    14 years ago
    last modified: 9 years ago

    Azinoh (& others!),
    Aaaaahhh yesssss...it could very well be AOL, in part at least...!

    IE8 runs just fine for me when viewing AOL & everything thru IE. I don't recall any shutdown issues after using IE8, but I'll try later this a.m.

    >>> Similar issue I'm reminded of:

    * 50% of the time, AOL doesn't RE-open when I double-click the icon...IF I've closed the browser, but NOT shut-down the computer.
    * I always have to RESTART, then it'll open.
    * Then, at shutdown, I'll sometimes get a window AOLLOAD.EXE issue, to which I have to click "End now".

    Thanks guys!
    Faron

  • zep516
    14 years ago
    last modified: 9 years ago

    Hi,
    faron79

    Re: Hijackthis log.

    Not seeing anything too unusual, you do have a few Lexmark files (EXE's) running and too many start up programs running; those would be in the O4 entries. Other than that, there is nothing I see that relates to your issue.
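
Added example (not part of any post in this thread, and not HijackThis's own code): a short Python triage of a HijackThis log along the lines of the review above. It counts the O4 autostart entries, picks out O23 services marked "(file missing)" or "Unknown owner", and lists running processes whose file name contains a keyword. The sample is a few lines taken from the log posted in this thread; `parse_hjt`, `triage` and the `keyword` parameter are hypothetical names.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the log posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\SLIDESHW\Snsicon.exe

O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O4 - HKLM\..\Run: [GWMDMpi] C:\WINDOWS\GWMDMpi.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg SchedulerV2.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe (file missing)
"""

# Section code (R0, O4, O23, ...) followed by " - " and the entry text.
ENTRY = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")

def parse_hjt(text):
    """Split a HijackThis log into running processes and entries keyed by section code."""
    processes, sections, in_procs = [], defaultdict(list), False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower().startswith("running processes"):
            in_procs = True
            continue
        m = ENTRY.match(line)
        if m:
            in_procs = False  # the process list ends at the first coded entry
            sections[m.group(1)].append(m.group(2))
        elif in_procs and line:
            processes.append(line)
    return processes, dict(sections)

def triage(text, keyword="lex"):
    """Summarise what a reviewer checks first: autostarts, stale services, one vendor."""
    processes, sections = parse_hjt(text)
    services = sections.get("O23", [])
    return {
        "autostarts": len(sections.get("O4", [])),
        "missing_file": [s for s in services if s.endswith("(file missing)")],
        "unknown_owner": [s for s in services if " - Unknown owner - " in s],
        "keyword_processes": [p for p in processes
                              if keyword in p.rsplit("\\", 1)[-1].lower()],
    }

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
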
