Solved

Microsoft Application Error Reporting

Posted on 2004-10-20
16
1,556 Views
Last Modified: 2008-01-09
I run Windows XP Professional Service Pack II.
From time to time dwwin.exe (Microsoft Application Error Reporting )locks up the computer. I find it loading ELEVEN times in Task Manager! Some are consuming 85% of the CPU time while others add up to the complement: the CPU load remains 100% and the computer is locked up.

Deleting them manually does not help. They reappear a little time later. Finally, I have to reboot;

What is going wrong?

dbessis
0
Comment
Question by:dbessis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
16 Comments
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12364150
What is seen in your Event Logs?  Likely something to do with svchost; concurrent processes or the like,
Asta
0
 

Author Comment

by:dbessis
ID: 12365385
How do I access Event Logs?
Thank you for your help,
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12365429
Once you access the event logs and see problems, most allow you to access the MS site for more if not; this link helps.
http://www.microsoft.com/technet/support/ee/search.aspx?DisplayName=Windows+XP+Professional&ProdName=Windows+Operating+System&MajorMinor=5.1&LCID=1033

You can go there directly from the run command or right-click My Computer icon in desktop and choose Manage....  Do you have Adminstrator access
0
Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

 
LVL 27

Expert Comment

by:Asta Cu
ID: 12365572
How To View and Manage Event Logs in Event Viewer in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;308427&Product=winxp
0
 

Author Comment

by:dbessis
ID: 12370158
I did not write down the precise time when the lock up occurred. There are many errors at different time and days and I am confused; I shall wait until next time and immediately read the Event Logs after the lock up occurs.

Thank you for your help,
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12370582
Error Reporting process often saves file to your default temp directory, if not already cleared.  Also, found that much of the Error Reporting that is analyzed by Microsoft deals with Add-Ons.... here's a brief excerpt and link for more detail in this regard.
Windows Error Reporting data has shown that add-ons are a major cause of stability issues in Internet Explorer. These add-ons significantly affect the reliability of Internet Explorer. These add-ons can also pose a security risk, because they might contain malicious and unknown code.

Many users are unaware of the add-ons they have installed on their computer. Some add-ons are loaded whenever Internet Explorer is started, but cannot be detected unless the user searches the registry. When users experienced crashes, there was no easy way to diagnose whether the issue was related to an add-on. Even if they suspected that the problem stemmed from recently-installed software, it was difficult to isolate the cause and often impossible to resolve if the software did not provide an uninstall option.
Source for more:  http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2brows.mspx

If I were in your shoes, given all the problems you've been having, I'd be sure to get my Viruscan program updated and run a full scan.  I'd also check for Spyware intrusions using some good tools.  My preferences are what I call a great combo... AdAware SE Pro and Spybot S&D and configure the first to do deep scanning including the HOSTS file, the second I use the Immunize function to block about 2344 spyware intrusions.  More about those tools as well as HijackThis guidance below:
http://www.experts-exchange.com/Web/Browser_Issues/Q_20975384.html
http://www.experts-exchange.com/Web/Browser_Issues/Q_21149514.html

Happy to try and help you resolve this.
":0) Asta

0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12370633
Description and availability of Internet Explorer Error Reporting tool
http://support.microsoft.com/default.aspx?scid=kb;en-us;276550

A great overview and also includes additional hyperlinks for:
310116 How to disable or redirect Internet Explorer Error Reporting
To troubleshoot this issue, see the following Microsoft Knowledge Base articles to repair Internet Explorer:
194177 Description of the Internet Explorer Repair tool
318378 How to reinstall or repair Internet Explorer and Outlook Express in Windows XP

Good luck, back to work.
0
 
LVL 12

Expert Comment

by:alandc
ID: 12372325
I suggest Disabling IE error reporting.  They don't help you anyway - just Microsoft.

http://support.microsoft.com/kb/310116
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12372708
That may help you, but do feel that it is important to let Microsoft know the problems we have ... they do actually use that information cummulatively to size problems and roll out service packs and patches, IMHO.
0
 

Author Comment

by:dbessis
ID: 12377234
astaec,
Indded, the problem occurs ONLY while using Internet Explorer 6.0. on certain Web sites, the CPU starts to run 100% for ever and I have to reboot. I am going to try to get rid of the hidden add-ons. I have run Spyboot 3.0 and Adaware Professional 1.05 (the last version). Only unwanted cookies were found.
Any suggestion to find these hidden addons welcome.
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12377319
That's good news (so far).  When you ran AdAware with updates (your version is current) .... you did deep scanning and configured to include the HOSTS file?  Important.  Then using Spybot S&D, included the Immunize function after checking for updates?  If your still running at 100% cpu, could be a memory leak on a running process, multiple interfaces to the svchost or a number of other possibilities.  What all is running at the time when this occurs?  ALT+CTRL+DEL and check processes ... or check start-run-msconfig the services tab and start up tab.  Anything listed in the Event logs?  Start-run-services.msc.

Have you tried using the HijackThis exe and posting the log to the analyzer to rule out hidden intrusions?  It's ideal to rule out the potential intrusions, in my humble opinion.  
http://www.majorgeeks.com/download3155.html
Analyzer of the log results should be pasted here and then click the Analyze function.  http://www.hijackthis.de/index.php?langselect=english
0
 

Author Comment

by:dbessis
ID: 12385757
Here is the file to analyze. Let me know if you see anything suspicious.
Thanks,
dbessis
Logfile of HijackThis v1.98.2
Scan saved at 12:05:28 PM, on 10/22/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
E:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\FanGui\i8kfangui.exe
E:\Program Files\The Weather Channel\The Weather Channel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\EscapeClosePro\EscapeClosePro.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\TurboNote\tbnote.exe
E:\Program Files\Active SMART\ActiveSMART.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\Program Files\Dillobits Software\YATS32\yats32.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ntvdm.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Daniel\Desktop\Security\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://education.dellnet.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lefigaro.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie/button/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Comcast High-Speed Internet
O1 - Hosts: 143.166.224.214 forums.us.dell.com #2003-10-23 22:47:08
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 6\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CitiUS Shared Browser Helper Object - {387EDF53-1CF2-4523-BC2F-13462651BE8C} - C:\WINDOWS\system32\BhoCitUS.dll
O2 - BHO: PeoplePC FixedBandBHO - {3DE88907-3E38-11D4-BEB2-CBE76C0598DD} - C:\Program Files\PeoplePC Online\bin\BandObject.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEWatchObj Class - {9527D42F-D666-11D3-B8DD-00600838CD5F} - C:\WINDOWS\System32\IETie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Bridge Class - {E479EDE1-923E-11D3-B82B-00E09871521B} - E:\Program Files\Compass\CompassIE.dll
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 6\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HP Software Update] "E:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [CitiVAN] C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe  /dontopenmycards
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\NORTON~2\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] E:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [i8kfangui] C:\FanGui\i8kfangui.exe /startup
O4 - HKCU\..\Run: [Desktop Weather 3] E:\Program Files\The Weather Channel\The Weather Channel.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EscapeClose] C:\Program Files\EscapeClosePro\EscapeClosePro.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Active SMART.lnk = E:\Program Files\Active SMART\ActiveSMART.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\microsoft office\Office10\OSA.EXE
O4 - Global Startup: TurboNote.lnk = C:\Program Files\TurboNote\tbnote.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Download with &DAP - F:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: Afficher l'image non compressée - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.exe/227
O8 - Extra context menu item: Afficher toutes les images non compressées - res://C:\Program Files\Booster Wanadoo\wanadoo_booster.exe/250
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: QuickDefine - C:\Program Files\Common Files\Microsoft Shared\Reference Titles\eddefine.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)
O9 - Extra button: Citi - {4C730913-3961-439b-83D5-F4E445520422} - C:\Program Files\Citi Virtual Account Numbers\CitiVAN.exe
O9 - Extra button: Girafa - {78A7D3B4-23E3-11D4-A682-0050DA502650} - C:\Program Files\Girafa\GirafaBar.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - E:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O12 - Plugin for .mid: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O15 - Trusted Zone: bannerweb.cau.edu
O15 - Trusted Zone: http://forums.us.dell.com
O15 - Trusted Zone: http://www.dell.com
O15 - Trusted Zone: http://Download.Windowsupdate.com
O16 - DPF: symsupportutil - https://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4//teleir_cert.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} - http://www.comcastsupport.com/sdccommon/download/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {340FBD92-B7BB-11D2-8299-00104B27F81B} (ScanCtl Class) - http://outpost.zdnet.com/updates/resources/updates.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cab
O16 - DPF: {50F65670-1729-11D2-A51F-0020AFE5D502} - http://objects.compuserve.com/chat/RTCChat.cab
O16 - DPF: {5445BE81-B796-11D2-B931-002018654E2E} (MeadCo Security Manager) - http://wcs00180.egain.net/wcsapp/weblib/Javascript/messaging/ie/SecMgr.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1997c19cc9ed6c451e03/netzip/RdxIE601.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/deleon/1.1.46-deleon/GoogleNav.cab
O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
O16 - DPF: {763C10EE-E4C6-49AA-9325-F15ABF1C52B0} (X1 DownloadControl Class) - http://www.x1.com/download/X1WebInstall.cab
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - https://www.lifescan.com/otdms/isetup.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - http://rtc.webresponse.microsoft.com/media/XP/TLIEFlash.CAB
O16 - DPF: {A7E092C3-692A-11D0-A7E5-08002B322F3B} (WebResponseAttachments Control) - https://webresponse.one.microsoft.com/WRActiveX/FileXfer.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security1.norton.com/SSC/SharedContent/sc/bin/cabsa.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll

0
 
LVL 27

Accepted Solution

by:
Asta Cu earned 125 total points
ID: 12385878
Ideally, we prefer having you paste the log directly into the analyzer link I gave above due to 1) the size 2) often there are yellow items that only you typically could decide about.  Others, which are shown as Red and Nasty, are often ones that HijackThis can remove but even some of those removals may cause problems, also as noted in the instructions above.

However, since you have already pasted here, took a look and these look like problems; many of which HiackThis can fix if you agree you didn't purposely install related items and use/need them.  If/when you use HijackThis to fix things, only check those items you're sure about.  These do look like problems, though.

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.earthlink.net/partner/more/msie/button/search.html   
Nasty   Entries with this kind of homepages should always be fixed.   This entry should be fixed by HijackThis!

  O1 - Hosts: 143.166.224.214 forums.us.dell.com #2003-10-23 22:47:08    
Nasty   This entry should be fixed immediately!   Must be fixed!

O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)    
Unnecessarily   Entries found in this registry zone are potentially nasty. This application ([62999427-33FC-4baf-9C9C-BCE6BD127F08] - Result: 62999427-33FC-4baf-9C9C-BCE6BD127F08) has been checked. If the name is made up of random letters, found in the folder 'Application Data' and the kind is 'Unknown' , it should be fixed. Hit rate: 99 %  
Unnecessary (deactivated) entry that can be fixed

  O4 - Startup: Active SMART.lnk = E:\Program Files\Active SMART\ActiveSMART.exe    
Nasty   The entered application 'Active SMART.lnk (ActiveSMART.exe)' was identified: 'MS Decryption Software (active.exe)'. Hit rate: 48 % (result)   Must be fixed!

  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)    
Unnecessarily   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
Unnecessary (deactivated) entry that can be fixed.
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)    
Unnecessarily   The entry Sun Java Console has been identified as safe.   If the entry 'Sun Java Console ' is not needed anymore, it should be fixed.
Unnecessary (deactivated) entry that can be fixed.
 O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)    
Unnecessarily   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry 'Net2Phone ' is unknown.
Unnecessary (deactivated) entry that can be fixed.
  O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - http://www.net2phone.com/ (file missing)    
Unnecessarily   Unknown buttons or entries in the 'Extras'-menu should be fixed.   To be fixed if the entry 'Net2Phone ' is unknown.
Unnecessary (deactivated) entry that can be fixed.

  O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)    
Unnecessarily   The entry has been identified as safe.   If the entry '' is not needed anymore, it should be fixed.
Unnecessary (deactivated) entry that can be fixed.

Many others are listed as "possibly nasty", so really would paste the log into the analyzer link above and check it directly, rather than my adding more volume here, making this thread too slow to load.

To EDIT the HOSTS file (no extension), you can back it up, if you like and edit/save it using Notepad.

Alternatively, I like to use AdAware SE Pro and configure it to do deep scanning as well as including the HOSTS file; also choose Spybot S&D and the Immunize function to block @ 2344 spywares from intruding.  All, only good after getting the most current updates.
0
 

Author Comment

by:dbessis
ID: 12390156
Thank you so much fo ryour help,
dbessis
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 12390498
My pleasure, dbessis.  The best of luck to you in keeping the intrusions out; they are such a gigantic unpleasantness (to say the least).
":0) Asta
0
 

Expert Comment

by:Degelman
ID: 23540321
I am trying to open up an access 2007 report and end up crashing getting event error id 7001 with the following description:
 
"ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6304.5000, Microsoft Office Version: 12.0.6237.1003. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash."

I don't know what to do. Any suggestions?
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question