dbessis
asked on
Microsoft Application Error Reporting
I run Windows XP Professional Service Pack II.
From time to time dwwin.exe (Microsoft Application Error Reporting )locks up the computer. I find it loading ELEVEN times in Task Manager! Some are consuming 85% of the CPU time while others add up to the complement: the CPU load remains 100% and the computer is locked up.
Deleting them manually does not help. They reappear a little time later. Finally, I have to reboot;
What is going wrong?
dbessis
From time to time dwwin.exe (Microsoft Application Error Reporting )locks up the computer. I find it loading ELEVEN times in Task Manager! Some are consuming 85% of the CPU time while others add up to the complement: the CPU load remains 100% and the computer is locked up.
Deleting them manually does not help. They reappear a little time later. Finally, I have to reboot;
What is going wrong?
dbessis
ASKER
How do I access Event Logs?
Thank you for your help,
dbessis
Thank you for your help,
dbessis
Once you access the event logs and see problems, most allow you to access the MS site for more if not; this link helps.
http://www.microsoft.com/technet/support/ee/search.aspx?DisplayName=Windows+XP+Professional&ProdName=Windows+Operating+System&MajorMinor=5.1&LCID=1033
You can go there directly from the run command or right-click My Computer icon in desktop and choose Manage.... Do you have Adminstrator access
http://www.microsoft.com/technet/support/ee/search.aspx?DisplayName=Windows+XP+Professional&ProdName=Windows+Operating+System&MajorMinor=5.1&LCID=1033
You can go there directly from the run command or right-click My Computer icon in desktop and choose Manage.... Do you have Adminstrator access
How To View and Manage Event Logs in Event Viewer in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;308427&Product=winxp
http://support.microsoft.com/default.aspx?scid=kb;en-us;308427&Product=winxp
ASKER
I did not write down the precise time when the lock up occurred. There are many errors at different time and days and I am confused; I shall wait until next time and immediately read the Event Logs after the lock up occurs.
Thank you for your help,
dbessis
Thank you for your help,
dbessis
Error Reporting process often saves file to your default temp directory, if not already cleared. Also, found that much of the Error Reporting that is analyzed by Microsoft deals with Add-Ons.... here's a brief excerpt and link for more detail in this regard.
Windows Error Reporting data has shown that add-ons are a major cause of stability issues in Internet Explorer. These add-ons significantly affect the reliability of Internet Explorer. These add-ons can also pose a security risk, because they might contain malicious and unknown code.
Many users are unaware of the add-ons they have installed on their computer. Some add-ons are loaded whenever Internet Explorer is started, but cannot be detected unless the user searches the registry. When users experienced crashes, there was no easy way to diagnose whether the issue was related to an add-on. Even if they suspected that the problem stemmed from recently-installed software, it was difficult to isolate the cause and often impossible to resolve if the software did not provide an uninstall option.
Source for more: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx
If I were in your shoes, given all the problems you've been having, I'd be sure to get my Viruscan program updated and run a full scan. I'd also check for Spyware intrusions using some good tools. My preferences are what I call a great combo... AdAware SE Pro and Spybot S&D and configure the first to do deep scanning including the HOSTS file, the second I use the Immunize function to block about 2344 spyware intrusions. More about those tools as well as HijackThis guidance below:
https://www.experts-exchange.com/questions/20975384/Standard-response-material-re-Spyware-Adware-BHOs-and-other-Malware.html
https://www.experts-exchange.com/questions/21149514/Instructions-regarding-the-handling-of-HIJACK-THIS-logs.html
Happy to try and help you resolve this.
":0) Asta
Windows Error Reporting data has shown that add-ons are a major cause of stability issues in Internet Explorer. These add-ons significantly affect the reliability of Internet Explorer. These add-ons can also pose a security risk, because they might contain malicious and unknown code.
Many users are unaware of the add-ons they have installed on their computer. Some add-ons are loaded whenever Internet Explorer is started, but cannot be detected unless the user searches the registry. When users experienced crashes, there was no easy way to diagnose whether the issue was related to an add-on. Even if they suspected that the problem stemmed from recently-installed software, it was difficult to isolate the cause and often impossible to resolve if the software did not provide an uninstall option.
Source for more: http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx
If I were in your shoes, given all the problems you've been having, I'd be sure to get my Viruscan program updated and run a full scan. I'd also check for Spyware intrusions using some good tools. My preferences are what I call a great combo... AdAware SE Pro and Spybot S&D and configure the first to do deep scanning including the HOSTS file, the second I use the Immunize function to block about 2344 spyware intrusions. More about those tools as well as HijackThis guidance below:
https://www.experts-exchange.com/questions/20975384/Standard-response-material-re-Spyware-Adware-BHOs-and-other-Malware.html
https://www.experts-exchange.com/questions/21149514/Instructions-regarding-the-handling-of-HIJACK-THIS-logs.html
Happy to try and help you resolve this.
":0) Asta
Description and availability of Internet Explorer Error Reporting tool
http://support.microsoft.com/default.aspx?scid=kb;en-us;276550
A great overview and also includes additional hyperlinks for:
310116 How to disable or redirect Internet Explorer Error Reporting
To troubleshoot this issue, see the following Microsoft Knowledge Base articles to repair Internet Explorer:
194177 Description of the Internet Explorer Repair tool
318378 How to reinstall or repair Internet Explorer and Outlook Express in Windows XP
Good luck, back to work.
http://support.microsoft.com/default.aspx?scid=kb;en-us;276550
A great overview and also includes additional hyperlinks for:
310116 How to disable or redirect Internet Explorer Error Reporting
To troubleshoot this issue, see the following Microsoft Knowledge Base articles to repair Internet Explorer:
194177 Description of the Internet Explorer Repair tool
318378 How to reinstall or repair Internet Explorer and Outlook Express in Windows XP
Good luck, back to work.
I suggest Disabling IE error reporting. They don't help you anyway - just Microsoft.
http://support.microsoft.com/kb/310116
http://support.microsoft.com/kb/310116
That may help you, but do feel that it is important to let Microsoft know the problems we have ... they do actually use that information cummulatively to size problems and roll out service packs and patches, IMHO.
ASKER
astaec,
Indded, the problem occurs ONLY while using Internet Explorer 6.0. on certain Web sites, the CPU starts to run 100% for ever and I have to reboot. I am going to try to get rid of the hidden add-ons. I have run Spyboot 3.0 and Adaware Professional 1.05 (the last version). Only unwanted cookies were found.
Any suggestion to find these hidden addons welcome.
dbessis
Indded, the problem occurs ONLY while using Internet Explorer 6.0. on certain Web sites, the CPU starts to run 100% for ever and I have to reboot. I am going to try to get rid of the hidden add-ons. I have run Spyboot 3.0 and Adaware Professional 1.05 (the last version). Only unwanted cookies were found.
Any suggestion to find these hidden addons welcome.
dbessis
That's good news (so far). When you ran AdAware with updates (your version is current) .... you did deep scanning and configured to include the HOSTS file? Important. Then using Spybot S&D, included the Immunize function after checking for updates? If your still running at 100% cpu, could be a memory leak on a running process, multiple interfaces to the svchost or a number of other possibilities. What all is running at the time when this occurs? ALT+CTRL+DEL and check processes ... or check start-run-msconfig the services tab and start up tab. Anything listed in the Event logs? Start-run-services.msc.
Have you tried using the HijackThis exe and posting the log to the analyzer to rule out hidden intrusions? It's ideal to rule out the potential intrusions, in my humble opinion.
http://www.majorgeeks.com/download3155.html
Analyzer of the log results should be pasted here and then click the Analyze function. http://www.hijackthis.de/index.php?langselect=english
Have you tried using the HijackThis exe and posting the log to the analyzer to rule out hidden intrusions? It's ideal to rule out the potential intrusions, in my humble opinion.
http://www.majorgeeks.com/download3155.html
Analyzer of the log results should be pasted here and then click the Analyze function. http://www.hijackthis.de/index.php?langselect=english
ASKER
Here is the file to analyze. Let me know if you see anything suspicious.
Thanks,
dbessis
Logfile of HijackThis v1.98.2
Scan saved at 12:05:28 PM, on 10/22/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\spools
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\spool\
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpm
C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
C:\PROGRA~1\HEWLET~1\HPSHA
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
E:\PROGRA~1\Maxtor\OneTouc
C:\Program Files\Common Files\Real\Update_OB\reals
E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\FanGui\i8kfangui.exe
E:\Program Files\The Weather Channel\The Weather Channel.exe
C:\WINDOWS\system32\ctfmon
C:\WINDOWS\system32\rundll
C:\Program Files\EscapeClosePro\Escap
C:\Program Files\Executive Software\Diskeeper\DkServi
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\TurboNote\tbnote.exe
E:\Program Files\Active SMART\ActiveSMART.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton AntiVirus\AdvTools\NPROTEC
C:\WINDOWS\System32\nvsvc3
C:\PROGRA~1\Dantz\RETROS~1
C:\WINDOWS\System32\snmp.e
C:\WINDOWS\System32\svchos
C:\WINDOWS\SYSTEM32\ZoneLa
C:\Program Files\Dillobits Software\YATS32\yats32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ntvdm.
C:\PROGRA~1\WINZIP\winzip3
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Daniel\Desktop\Se
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
O1 - Hosts: 143.166.224.214 forums.us.dell.com #2003-10-23 22:47:08
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-F
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-1
O2 - BHO: PeoplePC FixedBandBHO - {3DE88907-3E38-11D4-BEB2-C
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-0
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
O2 - BHO: Bridge Class - {E479EDE1-923E-11D3-B82B-0
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-B
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\
O4 - HKLM\..\Run: [HP Software Update] "E:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpm
O4 - HKLM\..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe /dontopenmycards
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\NORTON~2\AdvTo
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
O4 - HKLM\..\Run: [MaxtorOneTouch] E:\PROGRA~1\Maxtor\OneTouc
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [i8kfangui] C:\FanGui\i8kfangui.exe /startup
O4 - HKCU\..\Run: [Desktop Weather 3] E:\Program Files\The Weather Channel\The Weather Channel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O4 - HKCU\..\Run: [EscapeClose] C:\Program Files\EscapeClosePro\Escap
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - Startup: Active SMART.lnk = E:\Program Files\Active SMART\ActiveSMART.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\microsoft office\Office10\OSA.EXE
O4 - Global Startup: TurboNote.lnk = C:\Program Files\TurboNote\tbnote.exe
O6 - HKCU\Software\Policies\Mic
O8 - Extra context menu item: &Download with &DAP - F:\PROGRA~1\DAP\dapextie.h
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.h
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.h
O8 - Extra context menu item: Afficher l'image non compressée - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.ex
O8 - Extra context menu item: Afficher toutes les images non compressées - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.ex
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: QuickDefine - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\eddefine.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-0
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-7
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F
O9 - Extra button: Girafa - {78A7D3B4-23E3-11D4-A682-0
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-0
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-B
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugi
O15 - Trusted Zone: bannerweb.cau.edu
O15 - Trusted Zone: http://forums.us.dell.com
O15 - Trusted Zone: http://www.dell.com
O15 - Trusted Zone: http://Download.Windowsupdate.com
O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4//teleir_cert.cab
O16 - DPF: {01113300-3E00-11D2-8470-0
O16 - DPF: {01A88BB1-1174-41EC-ACCB-9
O16 - DPF: {0E5F0222-96B9-11D3-8997-0
O16 - DPF: {340FBD92-B7BB-11D2-8299-0
O16 - DPF: {4E888414-DB8F-11D1-9CD9-0
O16 - DPF: {50F65670-1729-11D2-A51F-0
O16 - DPF: {5445BE81-B796-11D2-B931-0
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0
O16 - DPF: {6CB5E471-C305-11D3-99A8-0
O16 - DPF: {72C23FEC-3AF9-48FC-9597-2
O16 - DPF: {763C10EE-E4C6-49AA-9325-F
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A
O16 - DPF: {90C9629E-CD32-11D3-BBFB-0
O16 - DPF: {94B82441-A413-4E43-8422-D
O16 - DPF: {A7E092C3-692A-11D0-A7E5-0
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-0
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0
O16 - DPF: {E77C0D62-882A-456F-AD8F-7
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8
Thanks,
dbessis
Logfile of HijackThis v1.98.2
Scan saved at 12:05:28 PM, on 10/22/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.e
C:\WINDOWS\system32\winlog
C:\WINDOWS\system32\servic
C:\WINDOWS\system32\lsass.
C:\WINDOWS\system32\svchos
C:\WINDOWS\System32\svchos
C:\WINDOWS\system32\spools
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\spool\
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpm
C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
C:\PROGRA~1\HEWLET~1\HPSHA
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
E:\PROGRA~1\Maxtor\OneTouc
C:\Program Files\Common Files\Real\Update_OB\reals
E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\FanGui\i8kfangui.exe
E:\Program Files\The Weather Channel\The Weather Channel.exe
C:\WINDOWS\system32\ctfmon
C:\WINDOWS\system32\rundll
C:\Program Files\EscapeClosePro\Escap
C:\Program Files\Executive Software\Diskeeper\DkServi
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\TurboNote\tbnote.exe
E:\Program Files\Active SMART\ActiveSMART.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton AntiVirus\AdvTools\NPROTEC
C:\WINDOWS\System32\nvsvc3
C:\PROGRA~1\Dantz\RETROS~1
C:\WINDOWS\System32\snmp.e
C:\WINDOWS\System32\svchos
C:\WINDOWS\SYSTEM32\ZoneLa
C:\Program Files\Dillobits Software\YATS32\yats32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ntvdm.
C:\PROGRA~1\WINZIP\winzip3
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Daniel\Desktop\Se
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
O1 - Hosts: 143.166.224.214 forums.us.dell.com #2003-10-23 22:47:08
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-F
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-7
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-1
O2 - BHO: PeoplePC FixedBandBHO - {3DE88907-3E38-11D4-BEB2-C
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-2
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-0
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-C
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-F
O2 - BHO: Bridge Class - {E479EDE1-923E-11D3-B82B-0
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-B
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-0
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\
O4 - HKLM\..\Run: [HP Software Update] "E:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpm
O4 - HKLM\..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe /dontopenmycards
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\NORTON~2\AdvTo
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.ex
O4 - HKLM\..\Run: [MaxtorOneTouch] E:\PROGRA~1\Maxtor\OneTouc
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\reals
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [i8kfangui] C:\FanGui\i8kfangui.exe /startup
O4 - HKCU\..\Run: [Desktop Weather 3] E:\Program Files\The Weather Channel\The Weather Channel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon
O4 - HKCU\..\Run: [EscapeClose] C:\Program Files\EscapeClosePro\Escap
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe
O4 - Startup: Active SMART.lnk = E:\Program Files\Active SMART\ActiveSMART.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\microsoft office\Office10\OSA.EXE
O4 - Global Startup: TurboNote.lnk = C:\Program Files\TurboNote\tbnote.exe
O6 - HKCU\Software\Policies\Mic
O8 - Extra context menu item: &Download with &DAP - F:\PROGRA~1\DAP\dapextie.h
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.h
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.h
O8 - Extra context menu item: Afficher l'image non compressée - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.ex
O8 - Extra context menu item: Afficher toutes les images non compressées - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.ex
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: QuickDefine - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\eddefine.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-0
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-0
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-0
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-7
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F
O9 - Extra button: Girafa - {78A7D3B4-23E3-11D4-A682-0
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-0
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-B
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-0
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-0
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugi
O15 - Trusted Zone: bannerweb.cau.edu
O15 - Trusted Zone: http://forums.us.dell.com
O15 - Trusted Zone: http://www.dell.com
O15 - Trusted Zone: http://Download.Windowsupdate.com
O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4//teleir_cert.cab
O16 - DPF: {01113300-3E00-11D2-8470-0
O16 - DPF: {01A88BB1-1174-41EC-ACCB-9
O16 - DPF: {0E5F0222-96B9-11D3-8997-0
O16 - DPF: {340FBD92-B7BB-11D2-8299-0
O16 - DPF: {4E888414-DB8F-11D1-9CD9-0
O16 - DPF: {50F65670-1729-11D2-A51F-0
O16 - DPF: {5445BE81-B796-11D2-B931-0
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0
O16 - DPF: {6CB5E471-C305-11D3-99A8-0
O16 - DPF: {72C23FEC-3AF9-48FC-9597-2
O16 - DPF: {763C10EE-E4C6-49AA-9325-F
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A
O16 - DPF: {90C9629E-CD32-11D3-BBFB-0
O16 - DPF: {94B82441-A413-4E43-8422-D
O16 - DPF: {A7E092C3-692A-11D0-A7E5-0
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-0
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0
O16 - DPF: {E77C0D62-882A-456F-AD8F-7
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you so much fo ryour help,
dbessis
dbessis
My pleasure, dbessis. The best of luck to you in keeping the intrusions out; they are such a gigantic unpleasantness (to say the least).
":0) Asta
":0) Asta
I am trying to open up an access 2007 report and end up crashing getting event error id 7001 with the following description:
"ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6237.1003. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash."
I don't know what to do. Any suggestions?
"ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6237.1003. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash."
I don't know what to do. Any suggestions?
Asta